473e279a186d5243bdb8dac0caa33e1e18d7bf0c
Lately, cloud nodes seem to be failing to come up more frequently. I traced this down to the fact that `/etc/resolv.conf` in the `kube-proxy` container contains both the AWS-provided DNS server and the on-premises server set by WireGuard. This evidently "works" correctly sometimes, but not always. When it doesn't, the `kube-proxy` cannot resolve the Kubernetes API server address, and thus cannot create the necessary netfilter rules to forward traffic correctly. This causes pods to be unable to communicate.

I am not entirely sure what the "correct" solution to this problem would be, since there are various issues in play here. Fortunately, cloud nodes are only ever around for a short time, and never need to be rebooted. As such, we can use a "quick fix" and simply remove the AWS-provided DNS configuration.