openwhisk-deploy-kube: Actions are unable to reach namesever specified in invoker dns config

I have a dns set up on 192.168.9.30. My actions contains urls which needs to be resolved on this server but the actions are unable to reach the server and still reach out to kube-dns. Can someone please guide me. My invoker configs are

invoker:
  imageName: "openwhisk/invoker"
  imageTag: "1.0.0"
  imagePullPolicy: "IfNotPresent"
  restartPolicy: "Always"
  port: 8080
  options: ""
  jvmHeapMB: "512"
  jvmOptions: ""
  loglevel: "INFO"
  containerFactory:
    useRunc: false
    impl: "kubernetes"
    enableConcurrency: false
    networkConfig:
      name: "bridge"
      dns:
        inheritInvokerConfig: false
        overrides:          # NOTE: if inheritInvokerConfig is true, all overrides are ignored
          # Nameservers, search, and options are space-separated lists
          # eg nameservers: "1.2.3.4 1.2.3.5 1.2.3.6" is a list of 3 nameservers
          nameservers: "192.168.9.30"
          search: "example.com"
          options: ""
    kubernetes:
      isolateUserActions: true
      replicaCount: 1

About this issue

  • Original URL
  • State: open
  • Created 7 months ago
  • Comments: 17 (10 by maintainers)

Most upvoted comments

It looks like I added that logic in 2018. I think that was early enough that Kubernetes was still using Docker as the kubelet container engine (hadn’t switched to containerd). We were only deploying the OpenWhisk control plane (invoker, controller, Kafka, etc) as proper Kubernetes pods. All of the user action containers were created outside of Kubernetes by having the invoker (which was deployed as a DaemonSet – one invoker per node) going directly to Docker on its node and creating the user container. So I think all that this wiring did was to give us a way to pass the docker networking configuration into the invoker so it would then pass that information to Docker when it created the user containers.

But all of this is pretty hazy to be honest…2018 was a long time ago 😦

+2
dgrove-oss on Dec 1, 2023

I was unable to pass it in the application.conf but used this in the owconfig.yaml

invoker:
  options: "-Dwhisk.kubernetes.user-pod-node-affinity.enabled=false  -Dwhisk.kubernetes.pod-template=file:/config/pod-template.yaml"

Used this configmap

apiVersion: v1
kind: ConfigMap
data:
  pod-template.yaml: |
    apiVersion: v1
    kind: Pod
    spec:
      dnsPolicy: None
      dnsConfig:
        nameservers:
          - 192.168.9.30
        searches:
          - example.com
metadata:
  name: whisk-pod-template

Modified invoker-pod.yaml with these changes

      volumes:
      - name: pod-template
        configMap:
          name: whisk-pod-template
          items:
          - key: pod-template.yaml
            path: pod-template.yaml
      containers:
      - name: invoker
        volumeMounts:
        - name: pod-template
          mountPath: /config/pod-template.yaml
          subPath: pod-template.yaml

For the env approach I don’t quite understand the problem completely which is causing the issue

+1
jhawarchirag0 on Dec 5, 2023

@style95 Thanks for the help. I have resolved this issue

+1
jhawarchirag0 on Dec 5, 2023
Read more comments on GitHub
← opendal: Tracking issues of OpenDAL wasm32-unknown-unknown target support
orc: [JAVA] mvn package fails if test compiling was skipped →