siderolabs / talos

Talos Linux is a modern Linux distribution built for Kubernetes.
https://www.talos.dev
Mozilla Public License 2.0

Document DNS configuration for docker desktop environments #8125

Open rmvangun opened 6 months ago

rmvangun commented 6 months ago

Feature Request

Documentation for properly configuring Talos DNS configuration to leverage Docker desktop internal DNS. This may go under the Kubernetes guides on talos.dev?

Description

It should be possible to configure DNS settings in Talos machine config to allow resolving to the Docker host IP using host.docker.internal, or resolve to container IPs by container name when running on the host Docker engine rather than only containers running inside the cluster. This second part is really nice when running local registry mirrors.

This is most useful for folks who are developing locally with docker desktop on a Mac or Windows environment. I've managed to get this mostly working in my setup but then encountered a DNS recursion issue and got too busy to troubleshoot it. I want to iron this out soon and then add this documentation. If you could assign this to me, I would take it.

Example of what this would enable:

machine config:

```yaml
machine:
  registries:
    mirrors:
      "docker.io":
        endpoints:
        - "http://mirror-docker.io:5000"
      "registry.k8s.io":
        endpoints:
        - "http://mirror-registry.k8s.io:5000"
      "gcr.io":
        endpoints:
        - "http://mirror-gcr.io:5000"
      "ghcr.io":
        endpoints:
        - "http://mirror-ghcr.io:5000"
```

docker-compose.yaml:

```yaml
version: '3.7'
x-common-config: &common-config
  image: ghcr.io/siderolabs/talos:v1.6.1
  environment:
    - PLATFORM=container
    - TALOSSKU=2CPU-2048RAM
  read_only: true
  privileged: true
  security_opt:
    - seccomp=unconfined
  tmpfs:
    - /run
    - /system
    - /tmp
  volumes:
    - type: volume
      target: /system/state
    - type: volume
      target: /var
    - type: volume
      target: /etc/cni
    - type: volume
      target: /etc/kubernetes
    - type: volume
      target: /usr/libexec/kubernetes
    - type: volume
      target: /usr/etc/udev
    - type: volume
      target: /opt

networks:
  talos-network:
    driver: bridge
    ipam:
      config:
        - subnet: 10.5.0.0/16

services:
  talos-controlplane-1:
    <<: *common-config
    container_name: talos-controlplane-1
    hostname: talos-controlplane-1
    ports:
      - 50000:50000
      - 6443:6443
    networks:
      - talos-network

  talos-worker-1:
    <<: *common-config
    container_name: talos-worker-1
    hostname: talos-worker-1
    ports:
      - 50001:50000
    networks:
      - talos-network

  mirror-docker.io:
    image: registry:2.8.3
    environment:
      - REGISTRY_PROXY_REMOTEURL=https://registry-1.docker.io
    volumes:
      - ./.docker-cache:/var/lib/registry
    restart: always
    networks:
      - talos-network

  mirror-registry.k8s.io:
    image: registry:2.8.3
    environment:
      - REGISTRY_PROXY_REMOTEURL=https://registry.k8s.io
    volumes:
      - ./.docker-cache:/var/lib/registry
    restart: always
    networks:
      - talos-network

  mirror-gcr.io:
    image: registry:2.8.3
    environment:
      - REGISTRY_PROXY_REMOTEURL=https://gcr.io
    volumes:
      - ./.docker-cache:/var/lib/registry
    restart: always
    networks:
      - talos-network

  mirror-ghcr.io:
    image: registry:2.8.3
    environment:
      - REGISTRY_PROXY_REMOTEURL=https://ghcr.io
    volumes:
      - ./.docker-cache:/var/lib/registry
    restart: always
    networks:
      - talos-network
```

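An added consistency check (not from the issue or the Talos project) for the two snippets above: each mirror endpoint hostname in the machine config must be a compose service attached to a network shared with the Talos node, otherwise Docker's embedded DNS will not resolve the container name and image pulls fall through to the upstream registry. The dicts are constructed from the two YAML snippets, and port 5000 is assumed as the default listen port of the registry:2 image.

```python
from urllib.parse import urlsplit

# machine.registries.mirrors from the issue, as a dict (constructed, not parsed)
MACHINE_MIRRORS = {
    "docker.io": ["http://mirror-docker.io:5000"],
    "registry.k8s.io": ["http://mirror-registry.k8s.io:5000"],
    "gcr.io": ["http://mirror-gcr.io:5000"],
    "ghcr.io": ["http://mirror-ghcr.io:5000"],
}

# service name -> attached networks, from docker-compose.yaml (constructed)
COMPOSE_SERVICES = {
    "talos-controlplane-1": ["talos-network"],
    "talos-worker-1": ["talos-network"],
    "mirror-docker.io": ["talos-network"],
    "mirror-registry.k8s.io": ["talos-network"],
    "mirror-gcr.io": ["talos-network"],
    "mirror-ghcr.io": ["talos-network"],
}

REGISTRY_PORT = 5000  # assumed: default listen port of the registry:2 image


def check_mirrors(mirrors, services, node, port=REGISTRY_PORT):
    """Return a list of problems for the Talos service `node`; [] means OK.

    Docker's embedded DNS resolves a container name only for containers on a
    network shared with the requester, so every mirror host must be a compose
    service that shares at least one network with `node`.
    """
    problems = []
    node_nets = set(services.get(node, ()))
    for upstream, endpoints in mirrors.items():
        for ep in endpoints:
            u = urlsplit(ep)
            host = u.hostname
            if host not in services:
                problems.append(f"{upstream}: {host} is not a compose service, "
                                "so container DNS cannot resolve it")
                continue
            if not node_nets & set(services[host]):
                problems.append(f"{upstream}: {host} shares no network with {node}")
            if u.port != port:
                problems.append(f"{upstream}: {ep} uses port {u.port}, "
                                f"but the registry listens on {port}")
            if u.scheme != "http":
                problems.append(f"{upstream}: {ep} is not http; the proxy "
                                "registries serve plain http on the bridge")
    return problems


if __name__ == "__main__":
    found = check_mirrors(MACHINE_MIRRORS, COMPOSE_SERVICES, "talos-worker-1")
    print("\n".join(found) or "all mirror endpoints resolvable from talos-worker-1")
```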
frezbo commented 6 months ago

please, docs updates are always welcome :heart: