From d8aa2d0a9e35c2e65059205deabb56c6f1aabf3d Mon Sep 17 00:00:00 2001
From: Sergii Golovatiuk <sgolovatiuk@mirantis.com>
Date: Thu, 20 Apr 2017 11:07:34 +0200
Subject: [PATCH] Change DNS policy for kubernetes components

According to code apiserver, scheduler, controller-manager, proxy don't
use resolution of objects they created. It's not harmful to change
policy to have external resolver.

Signed-off-by: Sergii Golovatiuk <sgolovatiuk@mirantis.com>
---
 .../master/templates/manifests/kube-apiserver.manifest.j2       | 2 +-
 .../templates/manifests/kube-controller-manager.manifest.j2     | 2 +-
 .../master/templates/manifests/kube-scheduler.manifest.j2       | 2 +-
 .../kubernetes/node/templates/manifests/kube-proxy.manifest.j2  | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/roles/kubernetes/master/templates/manifests/kube-apiserver.manifest.j2 b/roles/kubernetes/master/templates/manifests/kube-apiserver.manifest.j2
index ae014f8d3..b0f1a2f53 100644
--- a/roles/kubernetes/master/templates/manifests/kube-apiserver.manifest.j2
+++ b/roles/kubernetes/master/templates/manifests/kube-apiserver.manifest.j2
@@ -9,7 +9,7 @@ metadata:
 spec:
   hostNetwork: true
 {% if kube_version | version_compare('v1.6', '>=')  %}
-  dnsPolicy: ClusterFirstWithHostNet
+  dnsPolicy: ClusterFirst
 {% endif %}
   containers:
   - name: kube-apiserver
diff --git a/roles/kubernetes/master/templates/manifests/kube-controller-manager.manifest.j2 b/roles/kubernetes/master/templates/manifests/kube-controller-manager.manifest.j2
index b483047db..d3f8a23a5 100644
--- a/roles/kubernetes/master/templates/manifests/kube-controller-manager.manifest.j2
+++ b/roles/kubernetes/master/templates/manifests/kube-controller-manager.manifest.j2
@@ -8,7 +8,7 @@ metadata:
 spec:
   hostNetwork: true
 {% if kube_version | version_compare('v1.6', '>=') %}
-  dnsPolicy: ClusterFirstWithHostNet
+  dnsPolicy: ClusterFirst
 {% endif %}
   containers:
   - name: kube-controller-manager
diff --git a/roles/kubernetes/master/templates/manifests/kube-scheduler.manifest.j2 b/roles/kubernetes/master/templates/manifests/kube-scheduler.manifest.j2
index 694450ce7..441f991eb 100644
--- a/roles/kubernetes/master/templates/manifests/kube-scheduler.manifest.j2
+++ b/roles/kubernetes/master/templates/manifests/kube-scheduler.manifest.j2
@@ -8,7 +8,7 @@ metadata:
 spec:
   hostNetwork: true
 {% if kube_version | version_compare('v1.6', '>=') %}
-  dnsPolicy: ClusterFirstWithHostNet
+  dnsPolicy: ClusterFirst
 {% endif %}
   containers:
   - name: kube-scheduler
diff --git a/roles/kubernetes/node/templates/manifests/kube-proxy.manifest.j2 b/roles/kubernetes/node/templates/manifests/kube-proxy.manifest.j2
index 745c671d8..9b7d53857 100644
--- a/roles/kubernetes/node/templates/manifests/kube-proxy.manifest.j2
+++ b/roles/kubernetes/node/templates/manifests/kube-proxy.manifest.j2
@@ -8,7 +8,7 @@ metadata:
 spec:
   hostNetwork: true
 {% if kube_version | version_compare('v1.6', '>=') %}
-  dnsPolicy: ClusterFirstWithHostNet
+  dnsPolicy: ClusterFirst
 {% endif %}
   containers:
   - name: kube-proxy
-- 
GitLab