Problem
You have an application that is very sensitive to DNS latency, and you would like to remove the force_tcp flag from the PILLAR_UPSTREAM_SERVERS section to reduce kube-dns latency by allowing UDP to be used instead.
In addition, you noticed that any change you make to the node-local-dns ConfigMap is reverted to its original state after some time. You would like to know if there is a way to make this change permanent.
Environment
- Google Kubernetes Engine cluster
- NodeLocal DNS Caching enabled
Solution
- Run a custom NodeLocal DNS using a custom YAML manifest. You can also use a custom kube-dns.
Cause
You cannot modify the NodeLocal DNS configuration when it is enabled within Google Kubernetes Engine. force_tcp is disabled for stub domains and upstream servers, as not all DNS servers support TCP DNS queries. Any changes made to the configuration revert to the default.
NodeLocal DNS uses TCP so that it can recover from DNS drops caused by iptables race conditions. If you use UDP, you might continue to null route.
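Because changes to the managed ConfigMap revert, it helps to check which forward directives in a deployed Corefile actually set force_tcp. The following is an added example, not part of the original article or of GKE tooling: the function names are hypothetical and the sample Corefile is constructed.

```python
# Constructed sample Corefile; 10.0.0.10 is a made-up cluster DNS address.
SAMPLE = """\
cluster.local:53 {
    cache {
        success 9984 30
    }
    forward . 10.0.0.10 {
        force_tcp
    }
}
.:53 {
    cache 30
    forward . __PILLAR__UPSTREAM__SERVERS__   # no force_tcp
}
"""

def forward_transports(corefile):
    """Map each server block to [(upstreams, 'force_tcp' | 'same-as-client')]."""
    result, depth, zone, fwd = {}, 0, None, None
    for raw in corefile.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and indentation
        if line == "}":
            if depth == 2 and fwd is not None:  # closing a forward { } block
                result[zone].append((fwd[0], "force_tcp" if fwd[1] else "same-as-client"))
                fwd = None
            depth -= 1
            continue
        opens = line.endswith("{")
        tokens = line.rstrip("{").split() or [""]
        if depth == 0 and opens:  # server block header, e.g. ".:53 {"
            zone, depth = " ".join(tokens), 1
            result[zone] = []
        elif depth == 1 and tokens[0] == "forward":
            upstreams = " ".join(tokens[2:])  # tokens[1] is the FROM zone
            if opens:
                fwd, depth = [upstreams, False], 2
            else:  # one-line forward: no options, so no force_tcp
                result[zone].append((upstreams, "same-as-client"))
        elif depth == 1 and opens:  # another plugin's option block
            depth = 2
        elif depth == 2 and fwd is not None and tokens[0] == "force_tcp":
            fwd[1] = True
    return result

def zones_forcing_tcp(corefile):
    """Server blocks in which at least one forward directive sets force_tcp."""
    return [z for z, fs in forward_transports(corefile).items()
            if any(mode == "force_tcp" for _, mode in fs)]
```

Feed it the Corefile text from the ConfigMap your custom manifest deploys and compare the result with what you intended, so a silent revert or an unintended switch away from TCP is noticed.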