Closed aoldershaw closed 3 years ago
@taylorsilva hm, I'm seeing otherwise:
$ k exec -n ci ci-worker-0 -- env | grep GARDEN
CONCOURSE_GARDEN_DNS_PROXY_ENABLE=true
CONCOURSE_WORKER_GARDEN_DNS_PROXY_ENABLE=true
interesting! I was using k describe
but I wonder if that doesn't show everything 🤔
I was using k describe but I wonder if that doesn't show everything
Yeah, probably just shows the env vars you've configured in the spec - but since this is coming from the OCI image itself, I guess it doesn't display it
after more testing I think this is still okay for helm chart/k8s users. In both cases, with DNS proxy enabled or disabled for the guardian runtime, dns requests still make it to the kube dns service. When the proxy is enabled we've just stuck an extra middle-man in the entire thing, but it works regardless.
Now that containerd is the default, we shouldn't enable the DNS proxy for Guardian