Configuring DNS search path for Enterprise PKS Kubernetes Clusters

Jan 14, 2020 enterprise pks tkgi k8s
Share on:

Often, applications running in Kubernetes requires access to external services to function properly, it could be databases, Identity services (SSO), backend applications running on Virtual Machines, etc.

When accessing external corporate services or internet services – using DNS names, with current Enterprise PKS configuration, BOSH does not configure search path to allow using short names. for instance, application in Kubernetes would like to access “mssql” service, assuming that corporate DNS is authoritative for “corp.local” zone, to access it – application would have to access “mssql.corp.local”.

  1. Creating a ExternalName Service - Kubernetes solved this issue by applying External Name service that will mask the actual DNS record with a Kubernetes Service, as demonstrated here
apiVersion: v1
kind: Service
metadata:
  name: mssql
  namespace: prod
spec:
  type: ExternalName
  externalName: mssql.corp.local

  1. Specifying custom DNS Config for application - Another Kubernetes Native Solution, is specifying Custom DNS Config in the application manifest – based on the following Kubernetes document (Pod’s DNS Config)

  2. Doing it the BOSH way – the solution, inspired by the following This stackOverflow question, is to force BOSH to add search paths to resolv.conf to all nodes in a consistent manner.

Download the latest os-config bosh release tarball from Here ( all versions ). Upload it to the local bosh by running bosh upload-release --sha1 7579a96515b265c6d828924bf4f5fae115798199 os-conf-release-21.0.0.tgz

Uploading os-conf BOSH add-on

create a runtime-config yaml file with the settings you require, full details here - i.e. dns-runtime-config.yaml with the following:

releases:
- name: os-conf
  version: 21.0.0

addons:
- name: search-domain
  jobs:
  - name: resolv
    release: os-conf
  properties:
    search: corp.local

apply the runtime-config to the kubernetes cluster deployment by running bosh -d <deployment-name> update-runtime-config dns-runtime-config.yaml Applying BOSH runtime-config to existing k8s cluster deployment

deploy the cluster again to apply the changes to all vms by running:

bosh -d <deployment-name> manifest > manifest.yaml

bosh -d <deployment-name> deploy manifest.yaml

applying configuration changes to existing k8s cluster nodes

BOSH will now apply this configuration to all instances in the k8s cluster deployment.