Kubernetes DNSPolicy config

8/19/2018

I have a Kubernetes cluster on cloud and a local secure Docker registry (example.com, 192.168.1.124). While trying to pull an image from the registry (example.com/mongo), it is resolving the IP of the real example.com, not of my local registry. I have created a ConfigMap in the kube-system namespace:

Name:         marketplace-dns
Namespace:    kube-system
Labels:       <none>
Annotations:  <none>

Data
====
configmap_dns.yaml:
----
apiVersion: v1
kind: ConfigMap
metadata:
  name: kube-dns
  namespace: kube-system
data:
  stubDomains: |
    {"example.com": ["192.168.1.124"]}
Events:  <none>

And I set hostNetwork: true and dnsPolicy: ClusterFirst in my Kubernetes deployment YAML, but the problem still exists.

-- user37033
dns
docker
kubernetes

2 Answers

8/21/2018

Pulling an image from a registry on pod start uses different DNS settings than when you call DNS from pods inside a cluster.

When Kubernetes starts a new pod, it schedules it to a node, and then the agent on the node, named kubelet, calls the container engine (Docker in your situation) to download an image and run it with the designed configuration.

Docker uses the system DNS to resolve the address of a registry, because it works right on your host system, not in Kubernetes; that is why any DNS settings will not affect DNS resolving at the image downloading stage. Here is a discussion about it on GitHub.

If you want to change DNS settings and override your registry IP to use it at the image downloading stage, you should somehow set it in your host system. In your configuration, you need to modify DNS settings on all your nodes in the cluster. The simplest way to do it is using the /etc/hosts file and adding a record with your custom IP, e.g. 192.168.1.124 example.com. You can also modify your local DNS resolver, if you have one, etc.

After those modifications, Docker on the nodes will use the record from /etc/hosts for your registry instead of global DNS records, because that file has higher priority, and you will be able to run pods with your image.

-- Anton Kostenko
Source: StackOverflow
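The /etc/hosts change described in the answer above, as an added example that is not part of the original answer: a POSIX shell helper that pins the registry name idempotently and removes a conflicting mapping for the same name. The function names `hosts_lookup` and `pin_host` are hypothetical, and name matching is exact (case-sensitive).

```shell
#!/bin/sh
# Added example (not from the original answer): pin a registry hostname in a
# node's hosts file. Rehearse on a copy before touching /etc/hosts.

# Print the first IP the hosts file maps NAME to (the first matching line
# wins for hosts-file lookups); print nothing if there is no entry.
hosts_lookup() {
    file=$1 name=$2
    awk -v n="$name" '
        { sub(/#.*/, "") }                       # ignore comments
        { for (i = 2; i <= NF; i++) if ($i == n) { print $1; exit } }
    ' "$file"
}

# Ensure NAME maps to IP. Lines mapping NAME to another IP lose that name;
# other aliases on the same line are kept. A second run changes nothing.
pin_host() {
    file=$1 ip=$2 name=$3
    [ "$(hosts_lookup "$file" "$name")" = "$ip" ] && return 0
    tmp=$(mktemp) || return 1
    awk -v n="$name" '
        /^[ \t]*#/ || NF == 0 { print; next }    # keep comments and blank lines
        {
            out = $1; kept = 0
            for (i = 2; i <= NF; i++) {
                if ($i ~ /^#/) { for (; i <= NF; i++) out = out " " $i; break }
                if ($i != n) { out = out " " $i; kept++ }
            }
            if (kept > 0) print out              # drop lines left with no names
        }
    ' "$file" > "$tmp" || { rm -f "$tmp"; return 1; }
    printf '%s %s\n' "$ip" "$name" >> "$tmp"
    cat "$tmp" > "$file"                         # overwrite in place: keeps owner and mode
    rm -f "$tmp"
}
```

On each node, as root: `pin_host /etc/hosts 192.168.1.124 example.com`, then confirm with `hosts_lookup /etc/hosts example.com`.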

8/20/2018

I guess setting dnsPolicy: ClusterFirstWithHostNet will do the job.

-- Kun Li
Source: StackOverflow