Fixes #6740: Allow disabling reverse DNS lookups in coredns (#6741)

* created variable to enable/disable reverse dns lookups in coredns

* fixed linting-error in dns-stack.md
pull/6747/head
axelgobletbdr 2020-09-25 11:33:11 +02:00 committed by GitHub
parent 28839f6b71
commit 77149e5d89
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 8 additions and 1 deletions

View File

@ -82,6 +82,10 @@ dns_etchosts: |
192.168.0.200 ingress.example.com 192.168.0.200 ingress.example.com
``` ```
### enable_coredns_reverse_dns_lookups
Whether reverse DNS lookups are enabled in the coredns config. Defaults to `true`.
## DNS modes supported by Kubespray ## DNS modes supported by Kubespray
You can modify how Kubespray sets up DNS for your cluster with the variables ``dns_mode`` and ``resolvconf_mode``. You can modify how Kubespray sets up DNS for your cluster with the variables ``dns_mode`` and ``resolvconf_mode``.

View File

@ -7,6 +7,7 @@ dns_min_replicas: 2
dns_nodes_per_replica: 16 dns_nodes_per_replica: 16
dns_cores_per_replica: 256 dns_cores_per_replica: 256
dns_prevent_single_point_failure: "{{ 'true' if dns_min_replicas|int > 1 else 'false' }}" dns_prevent_single_point_failure: "{{ 'true' if dns_min_replicas|int > 1 else 'false' }}"
enable_coredns_reverse_dns_lookups: true
coredns_ordinal_suffix: "" coredns_ordinal_suffix: ""
# dns_extra_tolerations: [{effect: NoSchedule, operator: "Exists"}] # dns_extra_tolerations: [{effect: NoSchedule, operator: "Exists"}]

View File

@ -31,12 +31,14 @@ data:
lameduck 5s lameduck 5s
} }
ready ready
kubernetes {{ dns_domain }} in-addr.arpa ip6.arpa { kubernetes {{ dns_domain }} {% if enable_coredns_reverse_dns_lookups %}in-addr.arpa ip6.arpa {% endif %}{
pods insecure pods insecure
{% if enable_coredns_k8s_endpoint_pod_names %} {% if enable_coredns_k8s_endpoint_pod_names %}
endpoint_pod_names endpoint_pod_names
{% endif %} {% endif %}
{% if enable_coredns_reverse_dns_lookups %}
fallthrough in-addr.arpa ip6.arpa fallthrough in-addr.arpa ip6.arpa
{% endif %}
} }
prometheus :9153 prometheus :9153
{% if resolvconf_mode == 'host_resolvconf' and upstream_dns_servers is defined and upstream_dns_servers|length > 0 %} {% if resolvconf_mode == 'host_resolvconf' and upstream_dns_servers is defined and upstream_dns_servers|length > 0 %}