search
githubEdit

Disable Search Domains

hashtag
Overview

In this section we perform the following DNS adjustments:

hashtag
Set Use Domains to False

  • Set use-domains: false to prevent the possibility of systemd's DHCP client overwriting the DNS search domain. This prevents a potentially bad domain served by the DHCP server from becoming active.

  • This is a common issue to some of the providers which is explained in more detail herearrow-up-right

hashtag
Set Accept RA to False

  • Set accept-ra: false to disable IPv6 Router Advertisement (RA) as the DNS search domain may still leak through if not disabled.

  • Potential issue this addresses is explained in more detail herearrow-up-right

hashtag
Create Netplan

NOTE - the DNS resolution issue & the Netplan fix addressed in this step are described herearrow-up-right

Apply the following to all Kubernetes control plane and worker nodes.

IMPORTANT - Make sure you do not have any other config files under the /etc/netplan directory, otherwise it could cause unexpected networking issues / issues with booting up your node.

If you aren't using the DHCP or want to add additional configuration, please refer to the netplan documentation herearrow-up-right for additional config options.

cat > /etc/netplan/01-netcfg.yaml <<'EOF'
network:
  version: 2
  renderer: networkd
  ethernets:
    all:
      match:
        name: en*
      dhcp4: yes
      dhcp4-overrides:
        use-domains: false
      # disable accept-ra, otherwise it will bring search domains to your /etc/resolv.conf
      # refs https://bugs.launchpad.net/netplan/+bug/1858503
      accept-ra: false
      optional: true
EOF

hashtag
Test and Apply Netplan

Test the Netplan config and apply via these commands.

hashtag
Expected/Example Output

PreviousPrepare Kubernetes HostsNextInstall NVIDIA Drivers & Toolkit

Last updated