uswitch / kiam

Integrate AWS IAM with Kubernetes
Apache License 2.0

Add agent.dnsConfig to Helm chart values #487

Closed KevinSnyderCodes closed 3 years ago

KevinSnyderCodes commented 3 years ago

In some GKE clusters, there is a bug where hostNetwork: true and dnsPolicy: ClusterFirstWithHostNet results in failed DNS queries.

The solution is to set dnsPolicy: None and provide your own dnsConfig.

This PR adds agent.dnsConfig to the Helm chart values, allowing users to implement this workaround to the GKE issue or specify any other dnsConfig they wish.

https://cloud.google.com/kubernetes-engine/docs/how-to/nodelocal-dns-cache#dns_timeout
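
The workaround described in the comment above, written out as the pod spec fragment it would render to. This is an added example, not part of the PR or the kiam chart; the resolver address, the namespace and the `cluster.local` cluster domain are placeholders or assumptions.

```yaml
# Added example: pod-template fragment for a hostNetwork DaemonSet pod
# such as the kiam agent. Values in <ANGLE_BRACKETS> are placeholders to
# fill in per cluster; cluster.local is an assumed cluster domain.

# Before: the combination the PR description reports as failing on some
# GKE clusters.
#
# spec:
#   hostNetwork: true
#   dnsPolicy: ClusterFirstWithHostNet

# After: with dnsPolicy None the kubelet writes the pod's resolv.conf
# from dnsConfig only. Nothing is inherited from the node or from the
# cluster defaults, so every entry the pod needs must be listed here.
spec:
  hostNetwork: true
  dnsPolicy: "None"
  dnsConfig:
    nameservers:
      # At least one nameserver is required when dnsPolicy is None.
      # Placeholder: a resolver reachable from the host network namespace,
      # for example the cluster DNS Service IP.
      - "<CLUSTER_DNS_IP>"
    searches:
      # Reproduces the search path the ClusterFirst policies generate, so
      # short Service names keep resolving inside the pod.
      - "<NAMESPACE>.svc.cluster.local"
      - svc.cluster.local
      - cluster.local
    options:
      # Same ndots value the ClusterFirst policies set.
      - name: ndots
        value: "5"
```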

KevinSnyderCodes commented 3 years ago

Closed as AWS and GCP both use 169.254.169.254 for their Metadata API, making kops incompatible with GKE Workload Identity.

We ended up using gtoken as an alternative.