How to Change the Default DNS IPs Added to the VMs?
Problem
- Default DNS IPs
8.8.8.8
and1.1.1.1
are getting added to the VMs when there is no DNS configured on a subnet. - Default IPs are configured within the
neutron-server
/etc/neutron/plugins/ml2/ml2_conf.ini
file.
Environment
- Private Cloud Director Virtualization - v2025.4 and Higher.
- Self-Hosted Private Cloud Director Virtualization – v2025.4 and Higher.
- Component - Networking
Procedure
For SaaS environments, the Platform9 support team should be contacted to implement the changes.
For Self-Hosted environments, the changes should be carried out directly from the Management Plane cluster.
- A DNS entry is populating from the secret
neutron-etc
as shown below, which is referred in theneutron-server
deployment. The config file is in the form of base64 encoded within the secret. - The secret can be found in the corresponding region namespace
$ kubectl get secret -n <REGION_NAMESPACE>
$ kubectl get secret -n <REGION_NAMESPACE> neutron-etc -oyaml |grep ml2_conf.ini | awk '{print $2}' | base64 -d
[agent]
extensions =
[ml2]
extension_drivers = dns,port_security
mechanism_drivers = openvswitch,ovn,l2population
tenant_network_types = vxlan
type_drivers = flat,vlan,local,geneve,vxlan
[ml2_type_flat]
flat_networks = *
[ml2_type_geneve]
max_header_size = 38
vni_ranges = 4:4000
[ml2_type_vlan]
network_vlan_ranges = ext_net,physnet
[ml2_type_vxlan]
vni_ranges = 4:4000
vxlan_group = 239.1.1.1
[ovn]
dns_servers = 8.8.8.8,1.1.1.1 <<------------ DNS IP
enable_distributed_floating_ip = true
neutron_sync_mode = repair
ovn_l3_scheduler = leastloaded
To modify the default IPs, follow the below steps
Replace the <REGION_NAMESPACE> with an actual namespace
- Redirect the config to a file.
$ kubectl get secret -n <REGION_NAMESPACE> neutron-etc -oyaml |grep ml2_conf.ini | awk '{print $2}' | base64 -d > secret_neutron-etc_ml2_conf.ini
- Modify the file by replacing the IPs against
dns_servers
with your preferred IPs and Encode the file using base64.
x
$ vi secret_neutron-etc_ml2_conf.ini // Update prefered DNS IPs in dns_servers field
$ base64 secret_neutron-etc_ml2_conf.ini -w0 // Encoding the file with new values
- Edit the secret and replace the existing base64 encoded data with the new one on the variable
ml2_conf.ini
within the secret.
$ kubectl edit secret -n <REGION_NAMESPACE> neutron-etc
secret/neutron-etc edited
- Run the following command to verify whether a new IP is being retrieved from the secret.
$ kubectl get secret -n <REGION_NAMESPACE> neutron-etc -oyaml |grep ml2_conf.ini | awk '{print $2}' | base64 -d
- Scale the
neutron-server
deployment to0
. Once the pods are successfully terminated, scale it back to2
.
$ kubectl scale deploy/neutron-server -n <REGION_NAMESPACE> --replicas=0
deployment.apps/neutron-server scaled
$ kubectl scale deploy/neutron-server -n <REGION_NAMESPACE> --replicas=2
deployment.apps/neutron-server scaled
- Verify that new DNS IPs are being received within the pod.
$ kubectl exec -it -n <REGION_NAMESPACE> <NEUTRON_SERVER_POD> -c neutron-server -- cat /etc/neutron/plugins/ml2/ml2_conf.ini
- Now, a VM should be created by attaching it to a network or subnet that does not have DNS configured manually. Once the VM is up and running, log in to it and execute the commands below to verify that the new IPs are reflected.
Note: These changes will not be reflected in the existing virtual machines.
$ resolvctl dns
$ ip route | grep <NEW_DNS_IP>
Was this page helpful?