From 33c4eaf560aeccf0dd4276391a2f618e8ba84900 Mon Sep 17 00:00:00 2001
From: John Howard <howardjohn@google.com>
Date: Tue, 14 Feb 2023 13:45:31 -0800
Subject: [PATCH 1/2] Add `dnsSearch` cluster option

Fixes https://github.com/kubernetes-sigs/kind/issues/3097
---
 pkg/apis/config/v1alpha4/types.go                |  2 ++
 .../internal/providers/docker/provision.go       | 16 ++++++++++++++++
 .../internal/providers/podman/provision.go       |  9 +++++++++
 pkg/internal/apis/config/convert_v1alpha4.go     |  1 +
 pkg/internal/apis/config/types.go                |  2 ++
 5 files changed, 30 insertions(+)

diff --git a/pkg/apis/config/v1alpha4/types.go b/pkg/apis/config/v1alpha4/types.go
index cdf07cf9a7..308a6853b8 100644
--- a/pkg/apis/config/v1alpha4/types.go
+++ b/pkg/apis/config/v1alpha4/types.go
@@ -189,6 +189,8 @@ type Networking struct {
 	// KubeProxyMode defines if kube-proxy should operate in iptables or ipvs mode
 	// Defaults to 'iptables' mode
 	KubeProxyMode ProxyMode `yaml:"kubeProxyMode,omitempty" json:"kubeProxyMode,omitempty"`
+	// DNSSearch defines the DNS search domain to use for nodes. If not set, this will be inherited from the host.
+	DNSSearch *[]string `yaml:"dnsSearch,omitempty" json:"dnsSearch,omitempty"`
 }
 
 // ClusterIPFamily defines cluster network IP family
diff --git a/pkg/cluster/internal/providers/docker/provision.go b/pkg/cluster/internal/providers/docker/provision.go
index 97b05594b0..7b05b9d3a5 100644
--- a/pkg/cluster/internal/providers/docker/provision.go
+++ b/pkg/cluster/internal/providers/docker/provision.go
@@ -199,6 +199,22 @@ func commonArgs(cluster string, cfg *config.Cluster, networkName string, nodeNam
 	if mountFuse() {
 		args = append(args, "--device", "/dev/fuse")
 	}
+
+	if cfg.Networking.DNSSearch != nil {
+		if len(*cfg.Networking.DNSSearch) == 0 {
+			return nil, errors.New("docker provider requires a non-empty dnsSearch")
+		}
+		for _, s := range *cfg.Networking.DNSSearch {
+			args = append(args, "--dns-search", s)
+		}
+		args = append(args, "--dns", "8.8.8.8")
+		args = append(args, "--dns", "8.8.4.4")
+		if config.ClusterHasIPv6(cfg) {
+			args = append(args, "--dns", "2001:4860:4860::8888")
+			args = append(args, "--dns", "2001:4860:4860::8844")
+		}
+	}
+
 	return args, nil
 }
 
diff --git a/pkg/cluster/internal/providers/podman/provision.go b/pkg/cluster/internal/providers/podman/provision.go
index 0935b48d9b..3a5b2943df 100644
--- a/pkg/cluster/internal/providers/podman/provision.go
+++ b/pkg/cluster/internal/providers/podman/provision.go
@@ -164,6 +164,15 @@ func commonArgs(cfg *config.Cluster, networkName string, nodeNames []string) ([]
 		args = append(args, "--device", "/dev/fuse")
 	}
 
+	if cfg.Networking.DNSSearch != nil {
+		if len(*cfg.Networking.DNSSearch) == 0 {
+			args = append(args, "--dns-search", "")
+		}
+		for _, s := range *cfg.Networking.DNSSearch {
+			args = append(args, "--dns-search", s)
+		}
+	}
+
 	return args, nil
 }
 
diff --git a/pkg/internal/apis/config/convert_v1alpha4.go b/pkg/internal/apis/config/convert_v1alpha4.go
index f37fe6c16e..2df4b75138 100644
--- a/pkg/internal/apis/config/convert_v1alpha4.go
+++ b/pkg/internal/apis/config/convert_v1alpha4.go
@@ -85,6 +85,7 @@ func convertv1alpha4Networking(in *v1alpha4.Networking, out *Networking) {
 	out.KubeProxyMode = ProxyMode(in.KubeProxyMode)
 	out.ServiceSubnet = in.ServiceSubnet
 	out.DisableDefaultCNI = in.DisableDefaultCNI
+	out.DNSSearch = in.DNSSearch
 }
 
 func convertv1alpha4Mount(in *v1alpha4.Mount, out *Mount) {
diff --git a/pkg/internal/apis/config/types.go b/pkg/internal/apis/config/types.go
index 4c44a6baad..fed3000798 100644
--- a/pkg/internal/apis/config/types.go
+++ b/pkg/internal/apis/config/types.go
@@ -150,6 +150,8 @@ type Networking struct {
 	DisableDefaultCNI bool
 	// KubeProxyMode defines if kube-proxy should operate in iptables or ipvs mode
 	KubeProxyMode ProxyMode
+	// DNSSearch defines the DNS search domain to use for nodes. If not set, this will be inherited from the host.
+	DNSSearch *[]string
 }
 
 // ClusterIPFamily defines cluster network IP family

From 1964100d41c9d5f5b651b3bd8fef01b3d7c7cc32 Mon Sep 17 00:00:00 2001
From: John Howard <howardjohn@google.com>
Date: Wed, 15 Feb 2023 07:55:37 -0800
Subject: [PATCH 2/2] Do it in post

---
 images/base/files/usr/local/bin/entrypoint        | 15 ++++++++++++++-
 .../internal/providers/docker/provision.go        | 13 +------------
 .../internal/providers/podman/provision.go        |  7 +------
 3 files changed, 16 insertions(+), 19 deletions(-)

diff --git a/images/base/files/usr/local/bin/entrypoint b/images/base/files/usr/local/bin/entrypoint
index 277f70a6c2..d71738af2f 100755
--- a/images/base/files/usr/local/bin/entrypoint
+++ b/images/base/files/usr/local/bin/entrypoint
@@ -417,7 +417,20 @@ enable_network_magic(){
 
   # now we can ensure that DNS is configured to use our IP
   cp /etc/resolv.conf /etc/resolv.conf.original
-  sed -e "s/${docker_embedded_dns_ip}/${docker_host_ip}/g" /etc/resolv.conf.original >/etc/resolv.conf
+  replaced="$(sed -e "s/${docker_embedded_dns_ip}/${docker_host_ip}/g" /etc/resolv.conf.original)"
+  if [[ "${KIND_DNS_SEARCH+x}" == "" ]]; then
+    # No DNS search set, just pass through as is
+    echo "$replaced" >/etc/resolv.conf
+  elif [[ -z "$KIND_DNS_SEARCH" ]]; then
+    # Empty search - remove all current search clauses
+    echo "$replaced" | grep -v "^search" >/etc/resolv.conf
+  else
+    # Search set - remove all current search clauses, and add the configured search
+    {
+      echo "search $KIND_DNS_SEARCH";
+      echo "$replaced" | grep -v "^search";
+    } >/etc/resolv.conf
+  fi
 
   local files_to_update=(
     /etc/kubernetes/manifests/etcd.yaml
diff --git a/pkg/cluster/internal/providers/docker/provision.go b/pkg/cluster/internal/providers/docker/provision.go
index 7b05b9d3a5..51a2e334ed 100644
--- a/pkg/cluster/internal/providers/docker/provision.go
+++ b/pkg/cluster/internal/providers/docker/provision.go
@@ -201,18 +201,7 @@ func commonArgs(cluster string, cfg *config.Cluster, networkName string, nodeNam
 	}
 
 	if cfg.Networking.DNSSearch != nil {
-		if len(*cfg.Networking.DNSSearch) == 0 {
-			return nil, errors.New("docker provider requires a non-empty dnsSearch")
-		}
-		for _, s := range *cfg.Networking.DNSSearch {
-			args = append(args, "--dns-search", s)
-		}
-		args = append(args, "--dns", "8.8.8.8")
-		args = append(args, "--dns", "8.8.4.4")
-		if config.ClusterHasIPv6(cfg) {
-			args = append(args, "--dns", "2001:4860:4860::8888")
-			args = append(args, "--dns", "2001:4860:4860::8844")
-		}
+		args = append(args, "-e", "KIND_DNS_SEARCH="+strings.Join(*cfg.Networking.DNSSearch, " "))
 	}
 
 	return args, nil
diff --git a/pkg/cluster/internal/providers/podman/provision.go b/pkg/cluster/internal/providers/podman/provision.go
index 3a5b2943df..a63cda333b 100644
--- a/pkg/cluster/internal/providers/podman/provision.go
+++ b/pkg/cluster/internal/providers/podman/provision.go
@@ -165,12 +165,7 @@ func commonArgs(cfg *config.Cluster, networkName string, nodeNames []string) ([]
 	}
 
 	if cfg.Networking.DNSSearch != nil {
-		if len(*cfg.Networking.DNSSearch) == 0 {
-			args = append(args, "--dns-search", "")
-		}
-		for _, s := range *cfg.Networking.DNSSearch {
-			args = append(args, "--dns-search", s)
-		}
+		args = append(args, "-e", "KIND_DNS_SEARCH="+strings.Join(*cfg.Networking.DNSSearch, " "))
 	}
 
 	return args, nil