forked from docs/doc-exports
Dong, Qiu Jian
e11d42fad0
Reviewed-by: Eotvos, Oliver <oliver.eotvos@t-systems.com> Co-authored-by: Dong, Qiu Jian <qiujiandong1@huawei.com> Co-committed-by: Dong, Qiu Jian <qiujiandong1@huawei.com>
17 lines
3.3 KiB
HTML
17 lines
3.3 KiB
HTML
<a name="cce_faq_00194"></a><a name="cce_faq_00194"></a>
|
|
|
|
<h1 class="topictitle1">How Do I Configure a DNS Policy for a Container?</h1>
|
|
<div id="body1570791416900"><p class="msonormal" id="cce_faq_00194__p758961815371">CCE uses <strong id="cce_faq_00194__b19871126191915">dnsPolicy</strong> to identify different DNS policies for each pod. The value of <strong id="cce_faq_00194__b13352230191910">dnsPolicy</strong> can be either of the following:</p>
|
|
<ul id="cce_faq_00194__ul42175476377"><li class="msonormal" id="cce_faq_00194__li121831338182310"><strong id="cce_faq_00194__b439112617368">None:</strong> No DNS policy is configured. In this mode, you can customize the DNS configuration, and <strong id="cce_faq_00194__b8142102882110">dnsPolicy</strong> needs to be used together with <strong id="cce_faq_00194__b761473032118">dnsConfig</strong> to customize the DNS.</li><li class="msonormal" id="cce_faq_00194__li1217134713379"><strong id="cce_faq_00194__b18942011212">Default</strong>: The pod inherits the name resolution configuration from the node where the pod is running. The container's DNS configuration file is the DNS configuration file that the kubelet's <strong id="cce_faq_00194__b129028324212">--resolv-conf</strong> flag points to. In this case, a cloud DNS is used for CCE clusters.</li><li id="cce_faq_00194__li7357105822419"><strong id="cce_faq_00194__b7561451124514">ClusterFirst:</strong> In this mode, the DNS in the pod uses the DNS service configured in the cluster. That is, the kube-dns or CoreDNS service in the Kubernetes is used for domain name resolution. If the resolution fails, the DNS configuration of the host machine is used for resolution.</li></ul>
|
|
<p class="msonormal" id="cce_faq_00194__p55919726">If the type of dnsPolicy is not specified, <strong id="cce_faq_00194__b316382063512">ClusterFirst</strong> is used by default.</p>
|
|
<ul id="cce_faq_00194__ul1313192013919"><li id="cce_faq_00194__li1813112012394">If the type of dnsPolicy is set to <strong id="cce_faq_00194__b1221751563510">Default</strong>, the name resolution configuration is inherited from the worker node where the pod is running.</li><li id="cce_faq_00194__li12576531395">If the type of dnsPolicy is set to <strong id="cce_faq_00194__b022752663511">ClusterFirst</strong>, DNS queries will be sent to the kube-dns service.<p id="cce_faq_00194__p1414215556396">The kube-dns service responds to queries on the domains that use the configured cluster domain suffix as the root. All other queries (for example, www.kubernetes.io) are forwarded to the upstream name server inherited from the node. Before this feature was supported, stub domains were typically introduced by a custom resolver, instead of the upstream DNS. However, this causes the custom resolver itself to be the key path to DNS resolution, where scalability and availability issues can make the DNS functions unavailable to the cluster. This feature allows you to introduce custom resolvers without taking over the entire resolution path.</p>
|
|
</li></ul>
|
|
<p class="msonormal" id="cce_faq_00194__p30400092">If a workload does not need to use CoreDNS in the cluster, you can use kubectl or call the APIs to set the dnsPolicy to Default.</p>
|
|
</div>
|
|
<div>
|
|
<div class="familylinks">
|
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="cce_faq_00001.html">DNS FAQs</a></div>
|
|
</div>
|
|
</div>
|
|
|