I have an install of Rancher 2.1.1 in HA mode with three nodes. However I am having issues getting rancher to actually connect to anything externally like the catalogs or GitLab.com to configure a pipeline. In the logs for the Catalog I am getting this error:
[ERROR] CatalogController library [catalog] failed with : Error in HTTP GET to [https://git.rancher.io/charts/index.yaml], error: Get https://git.rancher.io/charts/index.yaml: x509: certificate is valid for *.celestialdata.net, not git.rancher.io
From what I can see, the system is adding options ndots:5 to the /etc/resolv.conf file in the container. Is there a way to set that to 1 or remove it altogether? It is also slowing down other DNS queries significantly. I would rather it just not be there.
I have found a temporary workaround, and that is to edit the rancher workload under the cattle-system namespace and add a host alias for git.rancher.io and using the IP address that is resolved to on a working system however this is not ideal as I have to do it for each domain. Does anyone know how I can achieve what I am looking for?