
NGINX in Openshift - NGINX can't resolve internal hostnames

When using a variable to rewrite & proxy to an internal Openshift service within an nginx container's proxy_pass config, NGINX can't resolve the service's DNS due to a required resolver. For instance:

location /api/ {
   set $pass_url http://service.namespace.svc:8080$request_uri;
   proxy_pass  $pass_url;
}

When using standard Kubernetes, I can use kube-dns.kube-system.svc.cluster.local as the resolver:

resolver kube-dns.kube-system.svc.cluster.local;

But Openshift doesn't provide this. I've tried using the IP that is in the container's /etc/resolv.conf, which is just one of the nodes in my cluster that is running the DNS server, but it still can't resolve.

Weirdest part is nslookup service.namespace.svc from inside the container terminal uses the nameserver in /etc/resolv.conf and it works fine.

Is there an equivalent to the Kubernetes DNS hostname in Openshift I could use, or perhaps another solution to work around this?

ev0lution37 asked Mar 02 '19 14:03


People also ask

How does DNS resolution work in Openshift?

The DNS Operator implements the dns API from the operator.openshift.io API group. The Operator deploys CoreDNS using a daemon set, creates a service for the daemon set, and configures the kubelet to instruct pods to use the CoreDNS service IP address for name resolution.

What is resolver in nginx?

Context: http, server, and location. Specifies the name servers that should be employed by Nginx to resolve hostnames to IP addresses and vice-versa. DNS query results are cached for some time, either by respecting the TTL provided by the DNS server, or by specifying a time value to the valid argument.

Does nginx cache DNS?

If you are using nginx as a proxy and/or reverse proxy, nginx caches the DNS information, and if you are using an AWS Application Load Balancer behind nginx, nginx sometimes needs a restart and/or DNS flush to send requests to the AWS Application Load Balancer because AWS is always giving a CNAME and ...


1 Answer

Running nginx in OpenShift 4.7 I was able to work around this issue by adding

resolver dns-default.openshift-dns.svc.cluster.local;

to the server configuration. Apparently, nginx is not parsing /etc/resolv.conf, but (in my case), dns-default.openshift-dns.svc.cluster.local also resolves to 172.30.0.10, which was defined as a nameserver in /etc/resolv.conf.

Max answered Sep 17 '22 23:09
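An added example, not code from the question or the answer: a POSIX shell sketch for a container entrypoint that takes the nameserver from resolv.conf and fully qualifies the service name, because nginx's runtime resolver sends the name as written and does not apply the resolv.conf search list that nslookup uses. The sample resolv.conf contents, the function names and the `valid=10s` setting are assumptions.

```shell
#!/bin/sh
# Constructed sample of a pod's /etc/resolv.conf; 172.30.0.10 is the
# nameserver mentioned in the answer, the search list is an assumption.
SAMPLE_RESOLV_CONF='search namespace.svc.cluster.local svc.cluster.local cluster.local
nameserver 172.30.0.10
options ndots:5'

# Print the first nameserver; nginx wants IPv6 addresses in brackets.
first_nameserver() {
    printf '%s\n' "$1" | awk '$1 == "nameserver" {
        ns = $2; if (ns ~ /:/) ns = "[" ns "]"; print ns; exit }'
}

# Derive the cluster domain from the "svc.<domain>" search entry.
cluster_domain() {
    printf '%s\n' "$1" | awk '$1 == "search" {
        for (i = 2; i <= NF; i++) if ($i ~ /^svc\./) { print substr($i, 5); exit } }'
}

# Expand "<service>.<namespace>.svc" to a fully qualified name.
# Fails if no cluster domain can be found, rather than emitting a
# name nginx could never resolve.
qualify() {  # $1 = resolv.conf text, $2 = service name
    case "$2" in
        *.svc)
            d=$(cluster_domain "$1")
            [ -n "$d" ] || return 1
            printf '%s.%s\n' "$2" "$d" ;;
        *)  printf '%s\n' "$2" ;;
    esac
}

# Render the location block from the question with an explicit resolver.
render_location() {  # $1 = resolv.conf text, $2 = service name, $3 = port
    cat <<EOF
location /api/ {
    resolver $(first_nameserver "$1") valid=10s;
    set \$pass_url http://$(qualify "$1" "$2"):$3\$request_uri;
    proxy_pass \$pass_url;
}
EOF
}

# In a real entrypoint, pass "$(cat /etc/resolv.conf)" instead of the sample.
render_location "$SAMPLE_RESOLV_CONF" service.namespace.svc 8080
```

Rendering at container start keeps the resolver address in step with whatever the platform injects into the pod, and the short `valid=` lifetime limits how long nginx keeps a stale service address.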