* Lennart Poettering:
On Mi, 15.04.20 10:09, Michael Catanzaro (mcatanzaro(a)gnome.org)
wrote:
> You're right that continuing to use nss-dns would avoid any such problems
> while maintaining the other benefits of systemd-resolved. That could be a
> fallback plan if needed.
So, it is my understanding that containers as deployed with kubernetes
generally don't boot up with systemd as PID 1 inside them, no?
If that's the case things should just work: if a container manager
copies in their /etc/resolv.conf, and resolved is not running in the
container, then nss-dns with traditional configuration is in effect as
before.
As far as I know, the Kubernetes DNS hacks are used on the
infrastructure layer, not just within containers.
I guess we can prepare a Fedora compose with all this implemented, and
ask someone with the expertise to use it to deploy a Kubernetes cluster,
and see what happens?
Thanks,
Florian