CCI uses dnsPolicy to identify different DNS policies for each pod. The value of dnsPolicy can be either of the following:

• None: It allows a pod to ignore DNS settings from CCI. When using this policy, you can customize the DNS configuration by defining dnsConfig.

• Default: Use the HUAWEI CLOUD DNS to resolve the domain names of other HUAWEI CLOUD services and forward domain name requests to public DNS servers. For details, see https://support.huaweicloud.com/en-us/dns_faq/dns_faq_002.html.
  

  This policy can be used only when the coredns add-on is not installed in the namespace where the pod is located. If coredns has been installed, the Default policy will be overwritten by the ClusterFirst policy.

• ClusterFirst: Use the coredns add-on installed in the namespace to resolve domain names. Any DNS query that does not match the configured cluster domain suffix (.cluster.local), such as www.kubernetes.io, is forwarded to the upstream DNS server (HUAWEI CLOUD DNS by default).

  For details on how to configure the stub domain and upstream DNS server, see https://support.huaweicloud.com/en-us/usermanual-cci/cci_01_0057.html.

  

  This policy can be used only when the coredns add-on has been installed in the namespace where the pod is located. If coredns is not installed, the ClusterFirst policy will be overwritten by the Default policy.

If dnsPolicy is not specified, its default value is set based on whether the coredns add-on is installed. If coredns is installed, ClusterFirst is used by default. Otherwise, Default is used.

dnsConfig description:

dnsConfig specifies DNS parameters for applications. The DNS parameter settings will be merged into the DNS configuration file generated based on dnsPolicy. If dnsPolicy is set to None, the DNS configuration specified by dnsConfig will overwrite the content in the DNS configuration file. If dnsPolicy is not set to None, the DNS parameters specified by dnsConfig will be supplemented to the DNS configuration file.

• nameservers: a list of IP addresses that will be used as DNS servers for the pod. If dnsPolicy is set to None for a pod, the list must contain at least one IP address; otherwise, this property is optional. The servers listed will be merged into the nameservers generated from the chosen DNS policy in dnsPolicy with duplicate addresses removed.
• searches: a list of DNS search domains for hostname lookup in the pod. This property is optional. When specified, the provided list will be merged into the search domain names generated from the chosen DNS policy in dnsPolicy. Duplicate domain names are removed. Kubernetes allows for at most 6 search domains.
• options: a list of objects where each object may have a name property (required) and a value property (optional). The content in this property will be merged into the options generated from the chosen DNS policy in dnsPolicy. Common options include timeout, attempts, and ndots.

Configuring DNS Policies During Workload Creation on the CCI Console

Figure 1 Client DNS Configuration

• Replace default configuration: It corresponds to the None policy. The nameserver, search domain, timeout, and ndots you specify here will take effect.

• Supplement default configuration: It includes ClusterFirst and Default policies. The final value depends on whether the coredns add-on is installed. The DNS parameters you specify here will be supplemented to the DNS configuration file generated based on dnsPolicy.