From 4915e4dd5577146384d6a6fffe3b7dea38a47b84 Mon Sep 17 00:00:00 2001 From: Alice Frosi Date: Thu, 11 Jun 2026 08:05:31 +0000 Subject: [PATCH] Disable DHCP-provided DNS on VM passt NIC passt injects additional DNS servers (169.254.1.1, host gateway) via DHCP that don't know about cluster.local. systemd-resolved may query these before the bink DNS container and accept an NXDOMAIN, causing flaky registry.cluster.local resolution on worker nodes. Setting ipv4.ignore-auto-dns prevents DHCP DNS from being added to the link, leaving only the bink DNS container which forwards non-cluster queries to upstream (8.8.8.8, 8.8.4.4). Fixes: https://github.com/alicefr/bink/issues/59 Assisted-by: Claude Opus 4.6 (1M context) Signed-off-by: Alice Frosi --- internal/node/templates/user-data.yaml.tmpl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/node/templates/user-data.yaml.tmpl b/internal/node/templates/user-data.yaml.tmpl index 989e4d2..dca951e 100644 --- a/internal/node/templates/user-data.yaml.tmpl +++ b/internal/node/templates/user-data.yaml.tmpl @@ -81,7 +81,7 @@ runcmd: - systemctl enable --now var-mnt-cluster_images.mount - systemctl enable --now ostree-state-overlay@opt.service - systemctl enable --now qemu-guest-agent - - nmcli connection modify "cloud-init enp2s0" ipv4.dns-search "~{{.ClusterDomain}} {{.ClusterDomain}}" + - nmcli connection modify "cloud-init enp2s0" ipv4.dns-search "~{{.ClusterDomain}} {{.ClusterDomain}}" ipv4.ignore-auto-dns yes - nmcli connection up "cloud-init enp2s0" - systemctl enable --now crio - systemctl enable kubelet