Add node-local-dns enablement to rolling update trigger docs (garde…

…ner#8704) * Add `node-local-dns` enablement to rolling update trigger docs * Address PR review feedback
lukasfrank · Oct 27, 2023 · ea09a91 · ea09a91
1 parent 2241129
commit ea09a91
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 5 deletions.
diff --git a/docs/usage/node-local-dns.md b/docs/usage/node-local-dns.md
@@ -39,12 +39,10 @@ spec:
 
 It is worth noting that: 
 
-- When migrating from IPVS to IPTables, existing pods will continue to leverage the node-local-dns cache. 
+- When migrating from IPVS to IPTables, existing pods will continue to leverage the node-local-dns cache.
 - When migrating from IPtables to IPVS, only newer pods will be switched to the node-local-dns cache.
-- The annotation will take effect during the next shoot reconciliation. This happens automatically once per day in the maintenance period (unless you have disabled it). 
-- During the reconfiguration of the node-local-dns there might be a short disruption in terms of domain name resolution depending on the setup. Usually, DNS requests are repeated for some time as UDP is an unreliable protocol, but that strictly depends on the application/way the domain name resolution happens. It is recommended to let the shoot be reconciled during the next maintenance period. 
-- If a short DNS outage is not a big issue, you can [trigger reconciliation](./shoot_operations.md#immediate-reconciliation) directly after setting the annotation.
-- Switching node-local-dns off by removing the annotation can be a rather destructive operation that will result in pods without a working DNS configuration.
+- During the reconfiguration of the node-local-dns there might be a short disruption in terms of domain name resolution depending on the setup. Usually, DNS requests are repeated for some time as UDP is an unreliable protocol, but that strictly depends on the application/way the domain name resolution happens. It is recommended to let the shoot be reconciled during the next maintenance period.
+- Enabling or disabling node-local-dns triggers a rollout of all shoot worker nodes, see also [this document](shoot_updates.md#rolling-update-triggers).
 
 For more information about `node-local-dns`, please refer to the [KEP](https://github.com/kubernetes/enhancements/blob/master/keps/sig-network/1024-nodelocal-cache-dns/README.md) or to the [usage documentation](https://kubernetes.io/docs/tasks/administer-cluster/nodelocaldns/). 
 

diff --git a/docs/usage/shoot_updates.md b/docs/usage/shoot_updates.md
@@ -85,6 +85,7 @@ The complete list of fields that trigger a rolling update:
 * `.spec.provider.workers[].providerConfig`
 * `.spec.provider.workers[].cri.name`
 * `.spec.provider.workers[].kubernetes.version` (except for patch version changes)
+* `.spec.systemComponents.nodeLocalDNS.enabled`
 * `.status.credentials.rotation.certificateAuthorities.lastInitiationTime` (changed by Gardener when a shoot CA rotation is initiated)
 * `.status.credentials.rotation.serviceAccountKey.lastInitiationTime` (changed by Gardener when a shoot service account signing key rotation is initiated)