From 059934a7c0b64293e2bac2a4165d8b8bc1471034 Mon Sep 17 00:00:00 2001
From: Tine <tine@tjo.space>
Date: Mon, 16 Dec 2024 21:19:55 +0100
Subject: [PATCH] wip: kubernetes cilum service dns issue

---
 k8s.tjo.cloud/modules/cluster/components.tf | 7 +++++--
 k8s.tjo.cloud/modules/cluster/main.tf       | 6 ++++++
 2 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/k8s.tjo.cloud/modules/cluster/components.tf b/k8s.tjo.cloud/modules/cluster/components.tf
index 5696f85..22f03a7 100644
--- a/k8s.tjo.cloud/modules/cluster/components.tf
+++ b/k8s.tjo.cloud/modules/cluster/components.tf
@@ -26,18 +26,21 @@ data "helm_template" "cilium" {
     bpf:
       masquerade: true
 
-    enableIPv4Masquerade: true
     ipv4:
       enabled: true
     ipv4NativeRoutingCIDR: "${var.cluster.pod_cidr.ipv4}"
 
-    enableIPv6Masquerade: true
     ipv6:
       enabled: false
     ipv6NativeRoutingCIDR: "${var.cluster.pod_cidr.ipv6}"
 
     kubeProxyReplacement: true
 
+    # This breaks it??
+    #k8s:
+    #  requireIPv4PodCIDR: true
+    #  requireIPv6PodCIDR: true
+
     securityContext:
       capabilities:
         ciliumAgent:
diff --git a/k8s.tjo.cloud/modules/cluster/main.tf b/k8s.tjo.cloud/modules/cluster/main.tf
index 5c61af6..5b2f5d0 100644
--- a/k8s.tjo.cloud/modules/cluster/main.tf
+++ b/k8s.tjo.cloud/modules/cluster/main.tf
@@ -184,6 +184,12 @@ locals {
         image = "factory.talos.dev/installer/${var.talos.schematic_id}:${var.talos.version}"
         disk  = "/dev/vda"
       }
+      features = {
+        hostDNS = {
+          enabled              = true
+          forwardKubeDNSToHost = false
+        }
+      }
     }
   }