Claus Guttesen
DNS-load-balancing

If you sometimes need to use a DNS-server in Kubernetes at work, you can add it to your network-settings, but reconfiguring the settings every time can be tedious.

I wrote a DNS-forwarder that could talk to one or more public DNS-servers and the Kubernetes DNS-server, and let it handle the rest. This way I always have working DNS resolution even if not all DNS-servers are reachable. The DNS-load-balancer can be found at https://github.com/kometen/dns-load-balancer/.

As an example here is my config.toml:

```
$ cat /usr/local/etc/dns-load-balancer/config.toml
[[servers]]
address = "1.1.1.1"
use_tls = true
description = "Cloudflare DNS"

[[servers]]
address = "8.8.8.8"
use_tls = true
description = "Google DNS"

[[servers]]
address = "10.152.183.10"
use_tls = false
description = "Kubernetes DNS"
```

When the WireGuard VPN-tunnel to the Kubernetes-cluster is not connected:

```
$ host postgresql.invoice.svc.cluster.local
DNS resolution failed: Failed to resolve hostname: postgresql.invoice.svc.cluster.local. Root cause: no record found for Query { name: Name("postgresql.invoice.svc.cluster.local."), query_type: AAAA, query_class: IN }
Error: Failed to resolve hostname: postgresql.invoice.svc.cluster.local.

Caused by:
    no record found for Query { name: Name("postgresql.invoice.svc.cluster.local."), query_type: AAAA, query_class: IN }
```

When connected:

```
$ host postgresql.invoice.svc.cluster.local
postgresql.invoice.svc.cluster.local has address 10.152.183.95
```

Had I configured the Kubernetes DNS as the only DNS-server, either in network-settings or in config.toml, no name resolution would take place. By adding Cloudflare and Google, name resolution will usually work and only fail if the WireGuard VPN is not connected and I query for services in Kubernetes.
