nixos/kubernetes: allow setting multiple kubelet dns resolvers

The current kubernetes module only allows you to set a single DNS resolver for the kubelet. Historically, this has not mattered as the value was passed to a cli argument as a string and as per the kubelet's configuration parsing mechanism, multiple values could be passed as a comma-delimited string. However, recently, the module was refactored to make configure kubernetes components via configuration files rather than the deprecated command-line arguments. These files more strongly-typed than CLI arguments and to pass multiple values, one must define a list in the file. When this change was made, an incorrect assumption was made that only a single DNS server could be specified and forced a single-item list into this configuration file. We need to introduce a breaking change to the module in order to allow the user to supply their own list with however many dns resolvers they wish to use.
2024-08-30 22:17:00 -04:00 · 2024-08-30 22:17:00 -04:00 · 2d54b2b048
commit 2d54b2b048
parent 4b52ee1214
2 changed files with 5 additions and 3 deletions
--- a/nixos/doc/manual/release-notes/rl-2411.section.md
+++ b/nixos/doc/manual/release-notes/rl-2411.section.md
@ -119,6 +119,8 @@

 - `grafana` has been updated to version 11.1. This version doesn't support setting `http_addr` to a hostname anymore, an IP address is expected.

+- `services.kubernetes.kubelet.clusterDns` now accepts a list of DNS resolvers rather than a single string, bringing the module more in line with the upstream Kubelet configuration schema.
+
 - `wstunnel` has had a major version upgrade that entailed rewriting the program in Rust.
  The module was updated to accommodate for breaking changes.
  Breaking changes to the module API were minimised as much as possible,
--- a/nixos/modules/services/cluster/kubernetes/kubelet.nix
+++ b/nixos/modules/services/cluster/kubernetes/kubelet.nix
@ -64,7 +64,7 @@ let
  } // lib.optionalAttrs (cfg.tlsCertFile != null)  { tlsCertFile = cfg.tlsCertFile; }
    // lib.optionalAttrs (cfg.tlsKeyFile != null)   { tlsPrivateKeyFile = cfg.tlsKeyFile; }
    // lib.optionalAttrs (cfg.clusterDomain != "")  { clusterDomain = cfg.clusterDomain; }
-    // lib.optionalAttrs (cfg.clusterDns != "")     { clusterDNS = [ cfg.clusterDns ] ; }
+    // lib.optionalAttrs (cfg.clusterDns != [])     { clusterDNS = cfg.clusterDns; }
    // lib.optionalAttrs (cfg.featureGates != {})   { featureGates = cfg.featureGates; }
  ));

@ -112,8 +112,8 @@ in

    clusterDns = mkOption {
      description = "Use alternative DNS.";
-      default = "10.1.0.1";
-      type = str;
+      default = [ "10.1.0.1" ];
+      type = listOf str;
    };

    clusterDomain = mkOption {