DNS: Support large DNS payloads

When edpm nodes use the dnsmasq we deploy in OCP they will not be able to get large DNS responses. DNS messages are restricted to 512 octets, and tools such as dig will try detect that the response has been truncated and then use TCP mode instead. We can see this happen if we run inside the edpm node the following: ``` $ dig cisco.com TXT ;; Truncated, retrying in TCP mode. ``` With this patch we make the dns OCP service expose the TCP port so the alternative TCP mechanism can be used.
openstack-k8s-operators · Jan 13, 2025 · a1bacea · a1bacea
1 parent 58707fa
commit a1bacea
Showing 1 changed file with 6 additions and 0 deletions.
diff --git a/controllers/network/dnsmasq_controller.go b/controllers/network/dnsmasq_controller.go
@@ -383,6 +383,12 @@ func (r *DNSMasqReconciler) reconcileNormal(ctx context.Context, instance *netwo
 					Port:       dnsmasq.DNSPort,
 					TargetPort: intstr.IntOrString{Type: intstr.Int, IntVal: dnsmasq.DNSTargetPort},
 				},
+				{
+					Name:       dnsmasq.ServiceName + "-tcp",
+					Protocol:   corev1.ProtocolTCP,
+					Port:       dnsmasq.DNSPort,
+					TargetPort: intstr.IntOrString{Type: intstr.Int, IntVal: dnsmasq.DNSTargetPort},
+				},
 			},
 		}),
 		5,