Create a custom CoreDNS configuration
CoreDNS in LKE
Linode Kubernetes Engine (LKE) provides out of the box intra-cluster domain name resolution via CoreDNS, the DNS server. Every new cluster is provided with a minimal, default CoreDNS configuration, which can be customized to suit your workload's needs.
Before you begin
This guide assumes you have a working Linode Kubernetes Engine (LKE) cluster running on Linode and you are familiar with Corefile, the CoreDNS configuration file.
-
Install the Kubernetes CLI (
kubectl
) on the local computer. -
Follow the instructions in Deploying and Managing a Cluster with Linode Kubernetes Engine Tutorial to connect to an LKE cluster.
Ensure that the
KUBECONFIG
context is persistent -
Ensure that Kubernetes CLI is using the right cluster context. Run the
get-contexts
subcommand to check:kubectl config get-contexts
Default CoreDNS configuration
You can view your cluster's default CoreDNS configuration by using the following command:
kubectl get configmap -n kube-system coredns-base -o yaml
The output will resemble the following:
apiVersion: v1
data:
Corefile: |
.:53 {
errors
health {
lameduck 5s
}
ready
kubernetes cluster.local in-addr.arpa ip6.arpa {
pods insecure
fallthrough in-addr.arpa ip6.arpa
ttl 30
}
prometheus :9153
forward . /etc/resolv.conf {
max_concurrent 1000
}
cache 30
loop
reload
loadbalance
import custom/*.include
}
import custom/*.server
kind: ConfigMap
metadata:
name: coredns-base
namespace: kube-system
[...]
The default CoreDNS configuration is located under the Corefile
field in the above ConfigMap.
Do not modify the
kube-system/coredns-base
ConfigMap that comes with your LKE cluster. It may be restored to its original state at any time and without notice.
Custom CoreDNS configuration
The default CoreDNS configuration leverages the CoreDNS import
plugin to enable customization. Configuration extensions are added through fields in the kube-system/coredns-custom
ConfigMap:
apiVersion: v1
kind: ConfigMap
metadata:
name: coredns-custom
namespace: kube-system
data:
sample.include: |
# Added to the .:53 default Server Block.
sample_a.server: |
# Additional Server Block.
sample_b.server: |
# Another Server Block.
- Fields suffixed with
.include
are added to the default Server Block. - Fields suffixed with
.server
are added as new Server Blocks.
Create a custom configuration
-
Create a manifest for a ConfigMap named
coredns-custom
in thekube-system
namespace, with the desired configuration. For the purpose of this guide, an example custom configuration is used. Save it as thecoredns-custom.yaml
file.apiVersion: v1 kind: ConfigMap metadata: name: coredns-custom namespace: kube-system data: # Log all incoming DNS queries. log.include: | log # Private DNS resolution example. Handles FQDN resolutions for *.mydomain.com # Replace <dns-private-ip> with the target IP address. mydomain.server: | mydomain.com.:53 { forward . <dns-private-ip> }
-
Apply the above ConfigMap manifest:
kubectl apply -f coredns-custom.yaml
CoreDNS will attempt to reload the configuration within 45 seconds after the last modification.
-
Ensure the custom configuration has been loaded:
kubectl logs -n kube-system -l k8s-app=kube-dns
For the custom configuration shown above, the output will resemble the following, after the reload is complete:
[INFO] Reloading [INFO] plugin/health: Going into lameduck mode for 5s [INFO] 127.0.0.1:60399 - 40866 "HINFO IN 349145763287755047.2816822520842364744. udp 56 false 512" NXDOMAIN qr,rd,ra 131 0.000980597s [INFO] plugin/reload: Running configuration SHA512 = 868c96ccca274c442fefc8db8e98b1f4a5cd05c655db1d990803d4019e5d28af101b24a78f85bae7ab3a3f8894f2791fda9d2b4d9c6ae1aa942080e1a88ce3e6 [INFO] Reloading complete
The custom configuration is now in effect.
The
kube-system/coredns-custom
ConfigMap is persistent and will not be affected by LKE maintenance operations.
Restore the defaults
-
To restore the default CoreDNS configuration, simply delete the
coredns-custom
ConfigMap:kubectl delete -n kube-system coredns-custom
-
Check the logs to make sure the reload was successful:
kubectl logs -n kube-system -l k8s-app=kube-dns
The output looks similar to the one emitted after applying the custom configuration.
[INFO] Reloading [INFO] plugin/health: Going into lameduck mode for 5s [WARNING] No files matching import glob pattern: custom/*.include [WARNING] No files matching import glob pattern: custom/*.server [INFO] plugin/reload: Running configuration SHA512 = 591cf328cccc12bc490481273e738df59329c62c0b729d94e8b61db9961c2fa5f046dd37f1cf888b953814040d180f52594972691cd6ff41be96639138a43908 [INFO] Reloading complete
The emitted warning messages are now to be expected, and should not be a concern.
Updated 4 months ago