-
Notifications
You must be signed in to change notification settings - Fork 4.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Make CoreDNS the default DNS server #7919
Conversation
This minimum change should do the trick. |
seems okay for me, please fix tests |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @rajansandeep
/lgtm
/test pull-kops-verify-staticcheck |
@justinsb can probably weigh in more here, but typically with changes like this we try to avoid modifying existing k8s clusters that arent also upgrading their k8s version. This way if someone updates Kops and runs To make this kind of change we do one or both of two things:
Thoughts? |
d28097c
to
393e0c0
Compare
For a start, I've rebased the PR. |
@@ -232,7 +232,7 @@ func (b *BootstrapChannelBuilder) buildAddons() *channelsapi.Addons { | |||
} | |||
|
|||
kubeDNS := b.cluster.Spec.KubeDNS | |||
if kubeDNS.Provider == "KubeDNS" || kubeDNS.Provider == "" { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We discussed this during office hours yesterday and determined that it will be best to default to CoreDNS only for clusters >= kubernetes 1.18. This way way upgrading kops by itself will not change the default, only upgrading kubernetes itself.
Heres an example of how you could get that information:
kops/upup/pkg/fi/cloudup/apply_cluster.go
Lines 282 to 289 in e29a04e
kv, err := k8sversion.Parse(cluster.Spec.KubernetesVersion) | |
if err != nil { | |
return err | |
} | |
// check if we should recommend turning off anonymousAuth on k8s versions gte than 1.10 | |
// we do 1.10 since this is a really critical issues and 1.10 has it | |
if kv.IsGTE("1.10") { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@rifelpet okay, I'll update the PR to reflect these changes.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
How is kv, err := k8sversion.Parse(cluster.Spec.KubernetesVersion); kv.IsGTE
vs b.cluster.IsKubernetesGTE
?
I tend to prefer the latter.
I'm wondering about the upgrade path for this. Given the note in the docs regarding switching from KubeDNS to CoreDNS, and to my knowledge kops doesnt have a simple way of removing manifests and knowing when it is safe to remove the KubeDNS deployment, we might need to resort to having a Required Action item in the 1.18 release notes. |
Any updates on this? Would be nice to get this in soon. |
393e0c0
to
fb06b73
Compare
dd2608f
to
bda60cf
Compare
bda60cf
to
bb1fb76
Compare
Sorry @rifelpet had to push a change due to a small nit. |
/lgtm |
Any updates? |
From the Kops office hours 05/08 we decided to wait to make CoreDNS the default DNS until Kops 1.19 and to introduce node-local-dns along with it to help avoid some of the iptables DNAT issues that can pop up. |
By introducing node-local-dns we mean make it enabled by default? |
@rajansandeep: The following tests failed, say
Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
bb1fb76
to
10f6fe9
Compare
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: rajansandeep, zetaab The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Did a quick rebase in case anyone feels that this should be merged into 1.19. |
It should definitely make it into 1.20. /lgtm |
This will install CoreDNS as the default DNS server instead of kube-dns
Fixes #6500