Page MenuHomePhabricator
Create Task
Maniphest T111914

Setup DNS for kubernetes services
Closed, ResolvedPublic
Actions

Description

Should use https://github.com/kubernetes/kubernetes/tree/master/cluster/addons/dns and setup DNS, accessible from both inside and outside the pods.

Related Objects
Search...

Event Timeline

yuvipanda created this task.Sep 9 2015, 8:17 AM
yuvipanda raised the priority of this task from to Needs Triage.
yuvipanda updated the task description. (Show Details)
yuvipanda added projects: Cloud-Services, Toolforge.
yuvipanda added subscribers: Aklapper, yuvipanda.
yuvipanda added a comment.Sep 9 2015, 8:27 AM

Our test cluster's DNS ran into https://github.com/kubernetes/kubernetes/issues/2996 - let's see how this one fares!

yuvipanda added a comment.Sep 9 2015, 8:27 AM

Also need to decide if we're ok using their pre-built images or want to build our own.

yuvipanda added a comment.Sep 9 2015, 8:33 AM

Since the primary use case for this is T111916, and there are alternatives there, we could skip this for the initial setup.

yuvipanda added a comment.Sep 16 2015, 4:34 AM

There's skydns + kube2sky running on a 2pod replica in the cluster now.

valhallasw closed this task as Resolved.Oct 4 2015, 11:50 AM
valhallasw claimed this task.
yuvipanda reopened this task as Open.Nov 29 2015, 2:14 AM

WOMP WOMP. This died due to T119814 when we set it up fully properly.

Restricted Application added a subscriber: StudiesWorld. · View Herald TranscriptNov 29 2015, 2:14 AM
yuvipanda added a subtask: T119814: Figure out how to deal with SSL cert issues for kubernetes masters.Nov 29 2015, 2:14 AM
chasemp triaged this task as Medium priority.Nov 30 2015, 4:40 PM
chasemp added a subscriber: chasemp.
valhallasw removed valhallasw as the assignee of this task.Dec 2 2015, 4:08 PM
valhallasw added a subscriber: valhallasw.
yuvipanda closed subtask T119814: Figure out how to deal with SSL cert issues for kubernetes masters as Resolved.Feb 2 2016, 3:36 AM
yuvipanda claimed this task.Feb 3 2016, 3:42 AM

We need to somehow mount the ca cert from the host to the pods and it'll be all good.

yuvipanda added a comment.Feb 3 2016, 3:53 AM

x509: cannot validate certificate for 192.168.0.1 because it doesn't contain any IP SANs

because kube2sky attempts to contact kubernetes via the IP that's made available via the environment variable, but that's ofcourse not part of the SAN for the SSL certificate that's issued to that...

yuvipanda added a parent task: T129309: Goal: Allow using k8s instead of GridEngine as a backend for webservices.Mar 9 2016, 4:28 AM
yuvipanda removed yuvipanda as the assignee of this task.Mar 22 2016, 9:06 PM
Joe added a subscriber: Joe.Apr 4 2016, 5:29 PM
yuvipanda removed a parent task: T129309: Goal: Allow using k8s instead of GridEngine as a backend for webservices.Apr 28 2016, 11:48 AM
valhallasw moved this task from Triage to Backlog on the Toolforge board.May 27 2016, 11:34 AM
Phabricator_maintenance removed a subscriber: yuvipanda.Jun 7 2017, 6:47 PM
Bstorm added a parent task: T214513: Deploy and migrate tools to a Kubernetes v1.15 or newer cluster.Jan 23 2019, 9:22 PM
Bstorm removed a subtask: T119814: Figure out how to deal with SSL cert issues for kubernetes masters.Feb 7 2019, 9:08 PM
bd808 removed a project: Cloud-Services.Jan 4 2020, 9:28 PM
Bstorm closed this task as Resolved.Feb 25 2020, 4:29 PM
Bstorm claimed this task.
Bstorm added a subscriber: Bstorm.

This is effectively done in the new cluster which uses CoreDNS throughout. It is not accessible outside the cluster, but it really shouldn't be as currently designed unless we make the decision to start peering Calico up the stack.

Content licensed under Creative Commons Attribution-ShareAlike 4.0 (CC-BY-SA) unless otherwise noted; code licensed under GNU General Public License (GPL) or other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL