Kubernetes and resolv.conf

Recently I was writing about Tailscale and what surprised me a little bit was handling the /etc/resolv.conf between containers in a POD. I was almost ensured that each container has its own /etc/resolv.conf but in reality, the same file is being shared among all the containers in a POD. It is done at least in CRI presented by docker by mounting the same resolv.conf file into all containers in the same POD. Containers in a POD share the same network namespace so it’s good to have also the same /etc/resolv.conf.

Docker is handling those special mounts like /etc/hostname, /etc/hosts as network mounts. Those network mounts are also presented in docker inspect as separates fields. To prove it let’s inspect each container from the same POD:

# docker ps | grep -i apache-0 | awk '{print $1}' | xargs docker inspect -f '{{.ResolvConfPath}}'
/var/lib/docker/containers/46145faba8f7b411eddf526a8d347af5c5c2f9fae34555f9389523a116d05446/resolv.conf
/var/lib/docker/containers/46145faba8f7b411eddf526a8d347af5c5c2f9fae34555f9389523a116d05446/resolv.conf
/var/lib/docker/containers/46145faba8f7b411eddf526a8d347af5c5c2f9fae34555f9389523a116d05446/resolv.conf

comments powered by Disqus
#kubernetes #resolvconf

powered by Hugo and Noteworthy theme