On Wed, Feb 24, 2021, at 12:49 PM, Paul Wouters wrote:
Which is why I have argued for a long time now that
systemd-resolved should not be installed by default on servers or
containers. It adds complexity without any real gain in these
deployments and makes DNS issues harder to troubleshoot.
It's trickier than that because local caching nameservers can provide real benefits in
various server scenarios, and also the IoT/edge case (as usual) blurs the traditional
datacenter/mobile boundary. (IoT can be servers with WiFi)
We ended up enabling resolved in FCOS, although it took a bit because it broke OpenShift,
see:
https://github.com/openshift/okd-machine-os/pull/15
https://github.com/openshift/machine-config-operator/pull/2377
https://github.com/openshift/okd-machine-os/pull/47
etc.
(It's really complex for OpenShift because we have a split between the host DNS and
pod DNS which is served by CoreDNS, yet some cases span those, plus some on-premise
installs differ from cloud/Iaas in this)