kubernetes dns resolver in nginx

nginx kubernetes google-kubernetes-engine

I was developing locally in docker-compose, and had an nginx container doing a simple proxy_pass like so:

location /app/ {
    proxy_pass http://webapp:3000/;

    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection 'upgrade';
    proxy_set_header Host $host;
    proxy_cache_bypass $http_upgrade;

    resolver 127.0.0.11;
}

I now want to move over to kubernetes in GKE, and the last line is giving me troubles.

I tried to switch the resolver to:

    resolver kube-dns;

I also tried various other IPs and names, but I keep getting an error along the lines of: 

nginx: [emerg] host not found in resolver "kube-dns"

My kubernetes setup is that I have a single pod, with 2 containers: 'webapp' and 'nginx'. I simply want to have an external service pointing to nginx that can proxy_pass to webapp.

Any ideas?


Solution 1:

You have to specify the FQDN for the kube-dns and the services.
For GKE kube-dns standard for example, it would be: kube-dns.kube-system.svc.cluster.local
And if you're on the default namespace with your webapp service, it would be: webapp.default.svc.cluster.local

I know the original question is old, but maybe it helps someone.

Solution 2:

If nginx lives inside kubernetes there is no need to set the resolver since it will resolve to the correct spot. if nginx and webapp live in the same namespace you can simply

proxy_pass http://webapp

As long as your service name for the webapp is called webapp and using port 80.

If nginx lives outside then you should use a ingress controll or set the service for the webapp to a nodeport. A nodeport will open the same port on all the nodes so you can load balance between them on the nginx side.

Solution 3:

Achieved this locally running a cluster using Kind with the below steps:

1. Checking the DNS conf of a running pod

kubectl exec -it <pod name> -- cat /etc/resolv.conf

search default.svc.cluster.local svc.cluster.local cluster.local home
nameserver 10.96.0.10
options ndots:5

2. Specifying the nameserver IP as the Nginx resolver

http {
    server {
        resolver 10.96.0.10 valid=10s;

Related

How can I add in apache referrer policy header?
call batch file and run using its own path/directory
How frequently should SMART be run on a disk?
How do I setup sshd on Mac OS X to only allow key-based authentication?
Rsync over ssh with root access on both sides
How can I increase ssh security? Can I require both a key and password?
How can I search the info column in Wireshark?
What does Upstream and Downstream mean?
How to exclude some users from Linux Top screen?
In what condition, should I create a system user instead of a normal user?
Why are outdated packages installed by yum on CentOS? (specifically PHP 5.1) How to fix?
User in domain admin group cannot access directory the group has permission to access