Updating files without restarting the pod

Hi,

I have deployed a simple pod and after deployment, I want to change certain files inside the pod e.g. /etc/resolv.conf (to add a new DNS nameserver), /etc/hosts to add a new entry for IP/domain/alias etc. I don’t want to just simply edit the files using an editor like vi/vim, as that will not persist it upon pod restart.

How can I achieve this without restarting, recreating, or deleting my pod?
Secondly, how do I persist the changes that made upon a pod deletion or recreation event?

Regards,
Sunil

You can use a ConfigMap to project files into a pod, but the ones you
mention tend to be managed by Kubernetes itself. Replacing a single
file in an existing directory is tricky because of how Linux manages
bind mounts and symlinks (which makes sense from one POV but is not
what we want :slight_smile:

I’ve seen base images that configure nsswitch to use a different hosts
and resolv files, which can then be projected in from ConfigMaps.

Thanks for your reply.

So I was just thinking to use configmaps with inotify. inotify to track for any attrib change events inside my mounts (which are configmaps). Then have some sort of script to reflect those changes inside desired files like resolv/hosts etc.

What are your thoughts on this? There could be some other such files as well.

Would be good to get a glimpse of images where nsswitch is used? Could you give me some references?

Regards

You can also use confd (https://github.com/kelseyhightower/confd) to pull and populate configuration files directly from etcd. Although I am not sure how that will work with the etcd instance used by kubernetes. I suspect you need to start your own instance of etcd for that.

Thanks for the suggestion.
So I was going thru the confd documentation, but I am not sure whether we can use it to populate k8s/docker managed files like /etc/resolv.conf which is bind mounted as well?

I am not very familiar with this topic but I suspect that overriding /etc/resolv.conf is not really a good idea. There is page dedicated to that, however

Perhaps it could be of some use.

Thanks @priimak.