Question
Resolving through kube-dns on managed Kubernetes nodes
Hi Digital Ocean,
I am trying to set up an internal Docker registry within a DO managed Kubernetes cluster. I have the registry up and running and can access the registry from the worker nodes by using the service cluster IP, but I cannot pull images in deployments through the URL provided for the internal Docker registry with kube-dns. I believe the problem is that the worker nodes themselves are not set up to use the kube-dns name server.
As the worker nodes are to be treated as ephemeral, I do not wish to manually set up resolv.conf, as it would probably be overwritten at cluster upgrades, recycles, etc.
What can be done? Would it be possible to upgrade the default managed Kubernetes nodes to resolve through kube-dns first?
Thanks for your time and kind regards.
And also: would it be possible for the nodes to trust the Kubernetes root CA? The nodes do not seem to trust certificates generated in the following way: https://kubernetes.io/docs/tasks/tls/managing-tls-in-a-cluster/
I want to be able to create a Docker repository which is not exposed globally but only within the cluster. It should be accessible on the nodes, such that the Docker daemons can pull images from it.