Configure kubernetes to DNS resolve the given domain as the first try, instead of using given-domain.namespace.svc.cluster.local


By default, when we raise a request from a Pod to another Pod, Kubernetes tries to append .namespace.svc.cluster.local to the domain we gave and then tries to resolve it.

But in our case, we are already using a fully qualified URL to raise the request (http://service-name.namespace.svc.cluster.local/api/...) in all the places, but here too Kubernetes will try to resolve DNS for service-name.namespace.svc.cluster.local.namespace.svc.cluster.local and a bunch of other domains as well; only at the end will it try the domain actually given.

Question: Is there a way to configure Kubernetes to use the given domain for DNS resolution on the first try? If that fails, it can then try the other domains.

Environment Info:

Environment: AKS
Pod OS: Debian GNU v10 (buster)

Additional Info:

Contents of /etc/resolv.conf inside a Pod

search namespance.svc.cluster.local svc.cluster.local cluster.local reddog.microsoft.com
nameserver x.x.x.x
options ndots:5

Wireshark:

As you can see, for every single successful request, there are 4 failed requests before it.


Solution

  • Lowering the ndots will fix the issue

    ndots: sets a threshold for the number of dots which must appear in a name before an initial absolute query will be made. The default for n is 1, meaning that if there are any dots in a name, the name will be tried first as an absolute name before any search list elements are appended to it.

    Try this:

    spec:
      containers:
        - name: ...
          image: ...
      dnsConfig:
        options:
          - name: ndots
            value: "1"