How to change ndots option default value of dns in Kubernetes

About

Asked 7/12, 2021 at 17:19 Answered 7/12, 2021 at 19:35

I want to change ndots default value from 5 to 3 in all pods in Kubernetes. for example, this is the current resolv.conf output from one of my pods. How can I change the value of ndots from 5 to 3 in all current and future pods:

[root@master01 ~]# kubectl exec test-7c9b9bc678-kfcsj -- cat /etc/resolv.conf 
nameserver 10.96.0.10
search default.svc.cluster.local svc.cluster.local cluster.local
options ndots:5

Kubernetes version: 1.18. Install on bare metal servers. Thank you in advanced

Schnorrer answered 7/12, 2021 at 17:19 Comment(2)

Which version of Kubernetes did you use and how did you set up the cluster? Did you use bare metal installation or some cloud provider? – Berna 8/12, 2021 at 18:59

Kubernetes version 1.18. Install on bare metal servers – Schnorrer 9/12, 2021 at 14:1

You can adjust this configuration in the pod's dnsConfig section. See more details here.

We are doing the same in the helm chart responsible for deploying applications into our cluster, like so -

dnsConfig:
  options:
    - name: ndots
      value: "3"

Disengagement answered 7/12, 2021 at 19:35 Comment(6)

Thanks but this config is in pod resource and I don't want to add this part in all YAML files. I want to change one config (coredns or kubelet) and then every pod that will create in the future will be ndots:3 in /etc/resolv.conf – Schnorrer 7/12, 2021 at 20:20

I don't think this can be changed by coredns or kubelet configuration. If you'd like to make the change in a single point you can add a mutation webhook to your cluster, which will add this dnsConfig to each new pod scheduled. – Disengagement 10/12, 2021 at 20:2

Seems like someone already created such a webhook: github.com/karampok/dnsconfig-injector – Bb 21/2, 2022 at 15:32

For the sake of my sanity can someone tell me why on earth this "ndots: 5" is the default? From what I can tell, it breaks literally all name resolution, always (at least seems so in alpine containers as virtually all my pods are based on that). The only way I ever can get dns resolution to work from these containers is by suffixing the hostname with a "." to make it explicit is it an FQDN. – Brittney 8/4, 2022 at 15:23

Because with all of the shifting left, they forgot to invite sysadmins to the design meetings. ndots:5 as a default is operational malpractice, and deserving of divine retribution. – Vite 7/6, 2023 at 18:38

@Brittney Speculation here, but I think it's because distros like Alpine use musl instead of glibc. From wiki.musl-libc.org/… > those with at least as many dots as ndots are only tried in the global namespace (never falling back to search... So if you have ndots set to 1 like the glibc default, and you did a search for "myhost.mysubdomain" it wouldn't append the search domain "mydomain.com". It was probably deemed worth it to set ndots to a higher value to reduce the chance of lookup errors for short domain names. – Concepcion 27/11, 2023 at 19:55

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Recommended topics

Hot tags