Set Kubelet resolver config to /run/systemd/resolve/resolv.conf
* Both Flatcar Linux and Fedora CoreOS use systemd-resolved, but they setup /etc/resolv.conf symlinks differently * Prefer using /run/systemd/resolve/resolv.conf directly, which also updates to reflect runtime changes (e.g. resolvectl)
This commit is contained in:
parent
e97c1cc9e5
commit
136107b448
|
@ -6,6 +6,7 @@ Notable changes between versions.
|
||||||
|
|
||||||
* Kubernetes [v1.23.0](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.23.md#v1230)
|
* Kubernetes [v1.23.0](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.23.md#v1230)
|
||||||
* Normalize CA certs mounts in static Pods and kube-proxy
|
* Normalize CA certs mounts in static Pods and kube-proxy
|
||||||
|
* Set Kubelet resolver config to `/run/systemd/resolve/resolv.conf`
|
||||||
* With Calico, add missing `caliconodestatuses` CRD ([#289](https://github.com/poseidon/terraform-render-bootstrap/pull/289))
|
* With Calico, add missing `caliconodestatuses` CRD ([#289](https://github.com/poseidon/terraform-render-bootstrap/pull/289))
|
||||||
* Change `enable_aggregation` default to true ([#279](https://github.com/poseidon/terraform-render-bootstrap/pull/279))
|
* Change `enable_aggregation` default to true ([#279](https://github.com/poseidon/terraform-render-bootstrap/pull/279))
|
||||||
|
|
||||||
|
|
|
@ -97,6 +97,7 @@ systemd:
|
||||||
--pod-manifest-path=/etc/kubernetes/manifests \
|
--pod-manifest-path=/etc/kubernetes/manifests \
|
||||||
--provider-id=aws:///$${AFTERBURN_AWS_AVAILABILITY_ZONE}/$${AFTERBURN_AWS_INSTANCE_ID} \
|
--provider-id=aws:///$${AFTERBURN_AWS_AVAILABILITY_ZONE}/$${AFTERBURN_AWS_INSTANCE_ID} \
|
||||||
--read-only-port=0 \
|
--read-only-port=0 \
|
||||||
|
--resolv-conf=/run/systemd/resolve/resolv.conf \
|
||||||
--register-with-taints=node-role.kubernetes.io/controller=:NoSchedule \
|
--register-with-taints=node-role.kubernetes.io/controller=:NoSchedule \
|
||||||
--rotate-certificates \
|
--rotate-certificates \
|
||||||
--volume-plugin-dir=/var/lib/kubelet/volumeplugins
|
--volume-plugin-dir=/var/lib/kubelet/volumeplugins
|
||||||
|
|
|
@ -76,6 +76,7 @@ systemd:
|
||||||
--pod-manifest-path=/etc/kubernetes/manifests \
|
--pod-manifest-path=/etc/kubernetes/manifests \
|
||||||
--provider-id=aws:///$${AFTERBURN_AWS_AVAILABILITY_ZONE}/$${AFTERBURN_AWS_INSTANCE_ID} \
|
--provider-id=aws:///$${AFTERBURN_AWS_AVAILABILITY_ZONE}/$${AFTERBURN_AWS_INSTANCE_ID} \
|
||||||
--read-only-port=0 \
|
--read-only-port=0 \
|
||||||
|
--resolv-conf=/run/systemd/resolve/resolv.conf \
|
||||||
--rotate-certificates \
|
--rotate-certificates \
|
||||||
--volume-plugin-dir=/var/lib/kubelet/volumeplugins
|
--volume-plugin-dir=/var/lib/kubelet/volumeplugins
|
||||||
ExecStop=-/usr/bin/podman stop kubelet
|
ExecStop=-/usr/bin/podman stop kubelet
|
||||||
|
|
|
@ -98,6 +98,7 @@ systemd:
|
||||||
--pod-manifest-path=/etc/kubernetes/manifests \
|
--pod-manifest-path=/etc/kubernetes/manifests \
|
||||||
--provider-id=aws:///$${COREOS_EC2_AVAILABILITY_ZONE}/$${COREOS_EC2_INSTANCE_ID} \
|
--provider-id=aws:///$${COREOS_EC2_AVAILABILITY_ZONE}/$${COREOS_EC2_INSTANCE_ID} \
|
||||||
--read-only-port=0 \
|
--read-only-port=0 \
|
||||||
|
--resolv-conf=/run/systemd/resolve/resolv.conf \
|
||||||
--register-with-taints=node-role.kubernetes.io/controller=:NoSchedule \
|
--register-with-taints=node-role.kubernetes.io/controller=:NoSchedule \
|
||||||
--rotate-certificates \
|
--rotate-certificates \
|
||||||
--volume-plugin-dir=/var/lib/kubelet/volumeplugins
|
--volume-plugin-dir=/var/lib/kubelet/volumeplugins
|
||||||
|
|
|
@ -79,6 +79,7 @@ systemd:
|
||||||
--pod-manifest-path=/etc/kubernetes/manifests \
|
--pod-manifest-path=/etc/kubernetes/manifests \
|
||||||
--provider-id=aws:///$${COREOS_EC2_AVAILABILITY_ZONE}/$${COREOS_EC2_INSTANCE_ID} \
|
--provider-id=aws:///$${COREOS_EC2_AVAILABILITY_ZONE}/$${COREOS_EC2_INSTANCE_ID} \
|
||||||
--read-only-port=0 \
|
--read-only-port=0 \
|
||||||
|
--resolv-conf=/run/systemd/resolve/resolv.conf \
|
||||||
--rotate-certificates \
|
--rotate-certificates \
|
||||||
--volume-plugin-dir=/var/lib/kubelet/volumeplugins
|
--volume-plugin-dir=/var/lib/kubelet/volumeplugins
|
||||||
ExecStart=docker logs -f kubelet
|
ExecStart=docker logs -f kubelet
|
||||||
|
|
|
@ -92,6 +92,7 @@ systemd:
|
||||||
--node-labels=node.kubernetes.io/controller="true" \
|
--node-labels=node.kubernetes.io/controller="true" \
|
||||||
--pod-manifest-path=/etc/kubernetes/manifests \
|
--pod-manifest-path=/etc/kubernetes/manifests \
|
||||||
--read-only-port=0 \
|
--read-only-port=0 \
|
||||||
|
--resolv-conf=/run/systemd/resolve/resolv.conf \
|
||||||
--register-with-taints=node-role.kubernetes.io/controller=:NoSchedule \
|
--register-with-taints=node-role.kubernetes.io/controller=:NoSchedule \
|
||||||
--rotate-certificates \
|
--rotate-certificates \
|
||||||
--volume-plugin-dir=/var/lib/kubelet/volumeplugins
|
--volume-plugin-dir=/var/lib/kubelet/volumeplugins
|
||||||
|
|
|
@ -71,6 +71,7 @@ systemd:
|
||||||
%{~ endfor ~}
|
%{~ endfor ~}
|
||||||
--pod-manifest-path=/etc/kubernetes/manifests \
|
--pod-manifest-path=/etc/kubernetes/manifests \
|
||||||
--read-only-port=0 \
|
--read-only-port=0 \
|
||||||
|
--resolv-conf=/run/systemd/resolve/resolv.conf \
|
||||||
--rotate-certificates \
|
--rotate-certificates \
|
||||||
--volume-plugin-dir=/var/lib/kubelet/volumeplugins
|
--volume-plugin-dir=/var/lib/kubelet/volumeplugins
|
||||||
ExecStop=-/usr/bin/podman stop kubelet
|
ExecStop=-/usr/bin/podman stop kubelet
|
||||||
|
|
|
@ -94,6 +94,7 @@ systemd:
|
||||||
--node-labels=node.kubernetes.io/controller="true" \
|
--node-labels=node.kubernetes.io/controller="true" \
|
||||||
--pod-manifest-path=/etc/kubernetes/manifests \
|
--pod-manifest-path=/etc/kubernetes/manifests \
|
||||||
--read-only-port=0 \
|
--read-only-port=0 \
|
||||||
|
--resolv-conf=/run/systemd/resolve/resolv.conf \
|
||||||
--register-with-taints=node-role.kubernetes.io/controller=:NoSchedule \
|
--register-with-taints=node-role.kubernetes.io/controller=:NoSchedule \
|
||||||
--rotate-certificates \
|
--rotate-certificates \
|
||||||
--volume-plugin-dir=/var/lib/kubelet/volumeplugins
|
--volume-plugin-dir=/var/lib/kubelet/volumeplugins
|
||||||
|
|
|
@ -75,6 +75,7 @@ systemd:
|
||||||
%{~ endfor ~}
|
%{~ endfor ~}
|
||||||
--pod-manifest-path=/etc/kubernetes/manifests \
|
--pod-manifest-path=/etc/kubernetes/manifests \
|
||||||
--read-only-port=0 \
|
--read-only-port=0 \
|
||||||
|
--resolv-conf=/run/systemd/resolve/resolv.conf \
|
||||||
--rotate-certificates \
|
--rotate-certificates \
|
||||||
--volume-plugin-dir=/var/lib/kubelet/volumeplugins
|
--volume-plugin-dir=/var/lib/kubelet/volumeplugins
|
||||||
ExecStart=docker logs -f kubelet
|
ExecStart=docker logs -f kubelet
|
||||||
|
|
|
@ -92,6 +92,7 @@ systemd:
|
||||||
--node-labels=node.kubernetes.io/controller="true" \
|
--node-labels=node.kubernetes.io/controller="true" \
|
||||||
--pod-manifest-path=/etc/kubernetes/manifests \
|
--pod-manifest-path=/etc/kubernetes/manifests \
|
||||||
--read-only-port=0 \
|
--read-only-port=0 \
|
||||||
|
--resolv-conf=/run/systemd/resolve/resolv.conf \
|
||||||
--register-with-taints=node-role.kubernetes.io/controller=:NoSchedule \
|
--register-with-taints=node-role.kubernetes.io/controller=:NoSchedule \
|
||||||
--rotate-certificates \
|
--rotate-certificates \
|
||||||
--volume-plugin-dir=/var/lib/kubelet/volumeplugins
|
--volume-plugin-dir=/var/lib/kubelet/volumeplugins
|
||||||
|
|
|
@ -71,6 +71,7 @@ systemd:
|
||||||
%{~ endfor ~}
|
%{~ endfor ~}
|
||||||
--pod-manifest-path=/etc/kubernetes/manifests \
|
--pod-manifest-path=/etc/kubernetes/manifests \
|
||||||
--read-only-port=0 \
|
--read-only-port=0 \
|
||||||
|
--resolv-conf=/run/systemd/resolve/resolv.conf \
|
||||||
--rotate-certificates \
|
--rotate-certificates \
|
||||||
--volume-plugin-dir=/var/lib/kubelet/volumeplugins
|
--volume-plugin-dir=/var/lib/kubelet/volumeplugins
|
||||||
ExecStop=-/usr/bin/podman stop kubelet
|
ExecStop=-/usr/bin/podman stop kubelet
|
||||||
|
|
|
@ -103,6 +103,7 @@ systemd:
|
||||||
--node-labels=node.kubernetes.io/controller="true" \
|
--node-labels=node.kubernetes.io/controller="true" \
|
||||||
--pod-manifest-path=/etc/kubernetes/manifests \
|
--pod-manifest-path=/etc/kubernetes/manifests \
|
||||||
--read-only-port=0 \
|
--read-only-port=0 \
|
||||||
|
--resolv-conf=/run/systemd/resolve/resolv.conf \
|
||||||
--register-with-taints=node-role.kubernetes.io/controller=:NoSchedule \
|
--register-with-taints=node-role.kubernetes.io/controller=:NoSchedule \
|
||||||
--rotate-certificates \
|
--rotate-certificates \
|
||||||
--volume-plugin-dir=/var/lib/kubelet/volumeplugins
|
--volume-plugin-dir=/var/lib/kubelet/volumeplugins
|
||||||
|
|
|
@ -84,6 +84,7 @@ systemd:
|
||||||
%{~ endfor ~}
|
%{~ endfor ~}
|
||||||
--pod-manifest-path=/etc/kubernetes/manifests \
|
--pod-manifest-path=/etc/kubernetes/manifests \
|
||||||
--read-only-port=0 \
|
--read-only-port=0 \
|
||||||
|
--resolv-conf=/run/systemd/resolve/resolv.conf \
|
||||||
--rotate-certificates \
|
--rotate-certificates \
|
||||||
--volume-plugin-dir=/var/lib/kubelet/volumeplugins
|
--volume-plugin-dir=/var/lib/kubelet/volumeplugins
|
||||||
ExecStart=docker logs -f kubelet
|
ExecStart=docker logs -f kubelet
|
||||||
|
|
|
@ -95,6 +95,7 @@ systemd:
|
||||||
--node-labels=node.kubernetes.io/controller="true" \
|
--node-labels=node.kubernetes.io/controller="true" \
|
||||||
--pod-manifest-path=/etc/kubernetes/manifests \
|
--pod-manifest-path=/etc/kubernetes/manifests \
|
||||||
--read-only-port=0 \
|
--read-only-port=0 \
|
||||||
|
--resolv-conf=/run/systemd/resolve/resolv.conf \
|
||||||
--register-with-taints=node-role.kubernetes.io/controller=:NoSchedule \
|
--register-with-taints=node-role.kubernetes.io/controller=:NoSchedule \
|
||||||
--rotate-certificates \
|
--rotate-certificates \
|
||||||
--volume-plugin-dir=/var/lib/kubelet/volumeplugins
|
--volume-plugin-dir=/var/lib/kubelet/volumeplugins
|
||||||
|
|
|
@ -69,6 +69,7 @@ systemd:
|
||||||
--node-labels=node.kubernetes.io/node \
|
--node-labels=node.kubernetes.io/node \
|
||||||
--pod-manifest-path=/etc/kubernetes/manifests \
|
--pod-manifest-path=/etc/kubernetes/manifests \
|
||||||
--read-only-port=0 \
|
--read-only-port=0 \
|
||||||
|
--resolv-conf=/run/systemd/resolve/resolv.conf \
|
||||||
--rotate-certificates \
|
--rotate-certificates \
|
||||||
--volume-plugin-dir=/var/lib/kubelet/volumeplugins
|
--volume-plugin-dir=/var/lib/kubelet/volumeplugins
|
||||||
ExecStop=-/usr/bin/podman stop kubelet
|
ExecStop=-/usr/bin/podman stop kubelet
|
||||||
|
|
|
@ -106,6 +106,7 @@ systemd:
|
||||||
--node-labels=node.kubernetes.io/controller="true" \
|
--node-labels=node.kubernetes.io/controller="true" \
|
||||||
--pod-manifest-path=/etc/kubernetes/manifests \
|
--pod-manifest-path=/etc/kubernetes/manifests \
|
||||||
--read-only-port=0 \
|
--read-only-port=0 \
|
||||||
|
--resolv-conf=/run/systemd/resolve/resolv.conf \
|
||||||
--register-with-taints=node-role.kubernetes.io/controller=:NoSchedule \
|
--register-with-taints=node-role.kubernetes.io/controller=:NoSchedule \
|
||||||
--rotate-certificates \
|
--rotate-certificates \
|
||||||
--volume-plugin-dir=/var/lib/kubelet/volumeplugins
|
--volume-plugin-dir=/var/lib/kubelet/volumeplugins
|
||||||
|
|
|
@ -81,6 +81,7 @@ systemd:
|
||||||
--node-labels=node.kubernetes.io/node \
|
--node-labels=node.kubernetes.io/node \
|
||||||
--pod-manifest-path=/etc/kubernetes/manifests \
|
--pod-manifest-path=/etc/kubernetes/manifests \
|
||||||
--read-only-port=0 \
|
--read-only-port=0 \
|
||||||
|
--resolv-conf=/run/systemd/resolve/resolv.conf \
|
||||||
--rotate-certificates \
|
--rotate-certificates \
|
||||||
--volume-plugin-dir=/var/lib/kubelet/volumeplugins
|
--volume-plugin-dir=/var/lib/kubelet/volumeplugins
|
||||||
ExecStart=docker logs -f kubelet
|
ExecStart=docker logs -f kubelet
|
||||||
|
|
|
@ -92,6 +92,7 @@ systemd:
|
||||||
--node-labels=node.kubernetes.io/controller="true" \
|
--node-labels=node.kubernetes.io/controller="true" \
|
||||||
--pod-manifest-path=/etc/kubernetes/manifests \
|
--pod-manifest-path=/etc/kubernetes/manifests \
|
||||||
--read-only-port=0 \
|
--read-only-port=0 \
|
||||||
|
--resolv-conf=/run/systemd/resolve/resolv.conf \
|
||||||
--register-with-taints=node-role.kubernetes.io/controller=:NoSchedule \
|
--register-with-taints=node-role.kubernetes.io/controller=:NoSchedule \
|
||||||
--rotate-certificates \
|
--rotate-certificates \
|
||||||
--volume-plugin-dir=/var/lib/kubelet/volumeplugins
|
--volume-plugin-dir=/var/lib/kubelet/volumeplugins
|
||||||
|
|
|
@ -71,6 +71,7 @@ systemd:
|
||||||
%{~ endfor ~}
|
%{~ endfor ~}
|
||||||
--pod-manifest-path=/etc/kubernetes/manifests \
|
--pod-manifest-path=/etc/kubernetes/manifests \
|
||||||
--read-only-port=0 \
|
--read-only-port=0 \
|
||||||
|
--resolv-conf=/run/systemd/resolve/resolv.conf \
|
||||||
--rotate-certificates \
|
--rotate-certificates \
|
||||||
--volume-plugin-dir=/var/lib/kubelet/volumeplugins
|
--volume-plugin-dir=/var/lib/kubelet/volumeplugins
|
||||||
ExecStop=-/usr/bin/podman stop kubelet
|
ExecStop=-/usr/bin/podman stop kubelet
|
||||||
|
|
|
@ -95,6 +95,7 @@ systemd:
|
||||||
--pod-manifest-path=/etc/kubernetes/manifests \
|
--pod-manifest-path=/etc/kubernetes/manifests \
|
||||||
--register-with-taints=node-role.kubernetes.io/controller=:NoSchedule \
|
--register-with-taints=node-role.kubernetes.io/controller=:NoSchedule \
|
||||||
--read-only-port=0 \
|
--read-only-port=0 \
|
||||||
|
--resolv-conf=/run/systemd/resolve/resolv.conf \
|
||||||
--rotate-certificates \
|
--rotate-certificates \
|
||||||
--volume-plugin-dir=/var/lib/kubelet/volumeplugins
|
--volume-plugin-dir=/var/lib/kubelet/volumeplugins
|
||||||
ExecStart=docker logs -f kubelet
|
ExecStart=docker logs -f kubelet
|
||||||
|
|
|
@ -75,6 +75,7 @@ systemd:
|
||||||
%{~ endfor ~}
|
%{~ endfor ~}
|
||||||
--pod-manifest-path=/etc/kubernetes/manifests \
|
--pod-manifest-path=/etc/kubernetes/manifests \
|
||||||
--read-only-port=0 \
|
--read-only-port=0 \
|
||||||
|
--resolv-conf=/run/systemd/resolve/resolv.conf \
|
||||||
--rotate-certificates \
|
--rotate-certificates \
|
||||||
--volume-plugin-dir=/var/lib/kubelet/volumeplugins
|
--volume-plugin-dir=/var/lib/kubelet/volumeplugins
|
||||||
ExecStart=docker logs -f kubelet
|
ExecStart=docker logs -f kubelet
|
||||||
|
|
Loading…
Reference in New Issue