github.com/coreos/rocket@v1.30.1-0.20200224141603-171c416fac02/Documentation/networking/dns.md

# DNS configuration

rkt can automatically prepare `/etc/resolv.conf` and `/etc/hosts` for the apps in the pod.
They can either be generated at runtime, or the host's configuration can be used.

## `/etc/resolv.conf`

Four options affect how this file is created:

* `--dns` : Specify either a DNS server, or one of the "magic" values `host` or `none`
* `--dns-domain` : The resolv.conf `domain` parameter
* `--dns-opt` : One or more resolv.conf `option` parameters
* `--dns-search` : One or more domains for the search list

The simplest configuration is:

```sh
$ sudo rkt run --dns=8.8.8.8 pod.aci
```

Other parameters can be given:

```sh
$ sudo rkt run \
    --dns=8.8.8.8 --dns=4.2.2.2 \
    --dns-domain=example.org \
    --dns-opt=debug --dns-opt=rotate \
    --dns-search=example.com --dns-search=example.gov \
    pod.aci
```

This will generate the following `/etc/resolv.conf` for the applications:

```
# Generated by rkt run

search example.com example.gov
nameserver 8.8.8.8
nameserver 4.2.2.2
options debug rotate
domain example.org
```

### "Magic" parameters

#### `host`
The magic parameter `host` will bind-mount the host's `/etc/resolv.conf` into the applications.
This will be a read-only mount.

#### `none`
The magic parameter `none` will ignore any DNS configuration from CNI. This will ensure that
the image's `/etc/resolv.conf` has precedence.

### Precedence
`resolv.conf` can be generated by multiple components. The order of precedence is:

1. If `--dns`, et al. are passed to `rkt run`
2. If a CNI plugin returns DNS information, unless `--dns=none` is passed
3. If a volume is mounted on `/etc/resolv.conf`
4. If the application container includes `/etc/resolv.conf`

## `/etc/hosts`
`rkt run` provides one option with two modes:

* `--hosts-entry <IP>=<HOST>`
* `--hosts-entry host`

Passing `--hosts-entry=host` will bind-mount (read-only) the host's `/etc/hosts`
into every application.

When passing IP=HOST pairs:

```sh
$ rkt run ... --hosts-entry 198.51.100.0=host1,198.51.100.1=host2 --hosts-entry 198.51.100.0=host3
```

rkt will take some [standard defaults][standard-defaults]
and append the requested entries.

```
< the default entries >

198.51.100.0 host1 host3
198.51.100.1 host2
```

### Precedence
`/etc/hosts` can be generated by multiple components. The order of precedence is:

1. If `--hosts-entry` is passed to `rkt run`
2. If a volume is mounted on `/etc/hosts`
3. If the app image includes `/etc/hosts`
4. Otherwise, a fallback stub `/etc/hosts` is created

## Example
The following example shows that the DNS options allow the pod to resolve names successfully:

```
$ sudo rkt run --net=host --dns=8.8.8.8 quay.io/coreos/alpine-sh --exec=/bin/ping --interactive -- -c 1 coreos.com
...

PING coreos.com (104.20.47.236): 56 data bytes
64 bytes from 104.20.47.236: seq=0 ttl=63 time=5.421 ms

--- coreos.com ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max = 5.421/5.421/5.421 ms
```

[standard-defaults]: https://github.com/rkt/rkt/blob/master/stage1/net/rootfs/etc/hosts-fallback
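
The `--hosts-entry` merge shown in the `/etc/hosts` section above, as an added Go example (not rkt's own code): `mergeHostsEntries` is a hypothetical helper, and the first-seen ordering and the rejection of malformed pairs are assumptions rather than documented rkt behaviour. It covers only the `IP=HOST` mode, not `--hosts-entry host`.

```go
package main

import (
	"fmt"
	"net"
	"strings"
)

// mergeHostsEntries takes the raw values of repeated --hosts-entry flags
// (each a comma-separated list of IP=HOST pairs) and returns one
// "IP host1 host2 ..." line per IP, in first-seen order (assumed ordering).
func mergeHostsEntries(flags []string) ([]string, error) {
	hostsByIP := map[string][]string{}
	var order []string
	for _, flag := range flags {
		for _, pair := range strings.Split(flag, ",") {
			ip, host, ok := strings.Cut(pair, "=")
			if !ok {
				return nil, fmt.Errorf("entry %q is not IP=HOST", pair)
			}
			if net.ParseIP(ip) == nil {
				return nil, fmt.Errorf("entry %q: invalid IP address", pair)
			}
			// A name containing whitespace or '#' would change how the
			// generated line is parsed, so it is rejected (assumed policy).
			if host == "" || strings.ContainsAny(host, " \t\r\n#") {
				return nil, fmt.Errorf("entry %q: invalid host name", pair)
			}
			if _, seen := hostsByIP[ip]; !seen {
				order = append(order, ip)
			}
			hostsByIP[ip] = append(hostsByIP[ip], host)
		}
	}
	lines := make([]string, 0, len(order))
	for _, ip := range order {
		lines = append(lines, ip+" "+strings.Join(hostsByIP[ip], " "))
	}
	return lines, nil
}

func main() {
	// Constructed input: the flag values from the rkt run command above.
	lines, err := mergeHostsEntries([]string{
		"198.51.100.0=host1,198.51.100.1=host2",
		"198.51.100.0=host3",
	})
	if err != nil {
		panic(err)
	}
	fmt.Println(strings.Join(lines, "\n"))
}
```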