Skip to content

Commit

Permalink
Update content on kube-dns to coredns configmap translation (kubernet…
Browse files Browse the repository at this point in the history
…es#13826)

Updates and corrects the part of configmap for CoreDNS
  • Loading branch information
rajansandeep authored and matthyx committed Jun 19, 2019
1 parent d778644 commit 02e606b
Showing 1 changed file with 16 additions and 22 deletions.
38 changes: 16 additions & 22 deletions content/en/docs/tasks/administer-cluster/dns-custom-nameservers.md
Original file line number Diff line number Diff line change
Expand Up @@ -78,11 +78,10 @@ data:
health
kubernetes cluster.local in-addr.arpa ip6.arpa {
pods insecure
upstream
fallthrough in-addr.arpa ip6.arpa
}
prometheus :9153
proxy . /etc/resolv.conf
forward . /etc/resolv.conf
cache 30
loop
reload
Expand All @@ -97,10 +96,8 @@ The Corefile configuration includes the following [plugins](https://coredns.io/p
> The `pods insecure` option is provided for backward compatibility with kube-dns. You can use the `pods verified` option, which returns an A record only if there exists a pod in same namespace with matching IP. The `pods disabled` option can be used if you don't use pod records.

> `Upstream` is used for resolving services that point to external hosts (External Services).

* [prometheus](https://coredns.io/plugins/prometheus/): Metrics of CoreDNS are available at http://localhost:9153/metrics in [Prometheus](https://prometheus.io/) format.
* [proxy](https://coredns.io/plugins/proxy/): Any queries that are not within the cluster domain of Kubernetes will be forwarded to predefined resolvers (/etc/resolv.conf).
* [forward](https://coredns.io/plugins/forward/): Any queries that are not within the cluster domain of Kubernetes will be forwarded to predefined resolvers (/etc/resolv.conf).
* [cache](https://coredns.io/plugins/cache/): This enables a frontend cache.
* [loop](https://coredns.io/plugins/loop/): Detects simple forwarding loops and halts the CoreDNS process if a loop is found.
* [reload](https://coredns.io/plugins/reload): Allows automatic reload of a changed Corefile. After you edit the ConfigMap configuration, allow two minutes for your changes to take effect.
Expand All @@ -110,7 +107,7 @@ You can modify the default CoreDNS behavior by modifying the ConfigMap.

### Configuration of Stub-domain and upstream nameserver using CoreDNS

CoreDNS has the ability to configure stubdomains and upstream nameservers using the [proxy plugin](https://coredns.io/plugins/proxy/).
CoreDNS has the ability to configure stubdomains and upstream nameservers using the [forward plugin](https://coredns.io/plugins/forward/).

#### Example
If a cluster operator has a [Consul](https://www.consul.io/) domain server located at 10.150.0.1, and all Consul names have the suffix .consul.local. To configure it in CoreDNS, the cluster administrator creates the following stanza in the CoreDNS ConfigMap.
Expand All @@ -119,18 +116,15 @@ If a cluster operator has a [Consul](https://www.consul.io/) domain server locat
consul.local:53 {
errors
cache 30
proxy . 10.150.0.1
forward . 10.150.0.1
}
```
To explicitly force all non-cluster DNS lookups to go through a specific nameserver at 172.16.0.1, point the `proxy` and `upstream` to the nameserver instead of `/etc/resolv.conf`
To explicitly force all non-cluster DNS lookups to go through a specific nameserver at 172.16.0.1, point the `forward` to the nameserver instead of `/etc/resolv.conf`
```
proxy . 172.16.0.1
forward . 172.16.0.1
```
```
upstream 172.16.0.1
```
The final ConfigMap along with the default `Corefile` configuration looks like:
Expand All @@ -147,11 +141,10 @@ data:
health
kubernetes cluster.local in-addr.arpa ip6.arpa {
pods insecure
upstream 172.16.0.1
fallthrough in-addr.arpa ip6.arpa
}
prometheus :9153
proxy . 172.16.0.1
forward . 172.16.0.1
cache 30
loop
reload
Expand All @@ -160,10 +153,12 @@ data:
consul.local:53 {
errors
cache 30
proxy . 10.150.0.1
forward . 10.150.0.1
}
```
In Kubernetes version 1.10 and later, kubeadm supports automatic translation of the CoreDNS ConfigMap from the kube-dns ConfigMap.
***Note: While kube-dns accepts an FQDN for stubdomain and nameserver (eg: ns.foo.com), CoreDNS does not support this feature.
During translation, all FQDN nameservers will be omitted from the CoreDNS config.***

## Kube-dns

Expand Down Expand Up @@ -308,7 +303,7 @@ data:
## CoreDNS configuration equivalent to kube-dns

CoreDNS supports the features of kube-dns and more.
A ConfigMap created for kube-dns to support `StubDomains`and `upstreamNameservers` translates to the `proxy` plugin in CoreDNS.
A ConfigMap created for kube-dns to support `StubDomains`and `upstreamNameservers` translates to the `forward` plugin in CoreDNS.
Similarly, the `Federations` plugin in kube-dns translates to the `federation` plugin in CoreDNS.

### Example
Expand Down Expand Up @@ -341,12 +336,12 @@ federation cluster.local {
abc.com:53 {
errors
cache 30
proxy . 1.2.3.4
forward . 1.2.3.4
}
my.cluster.local:53 {
errors
cache 30
proxy . 2.3.4.5
forward . 2.3.4.5
}
```

Expand All @@ -357,26 +352,25 @@ The complete Corefile with the default plugins:
errors
health
kubernetes cluster.local in-addr.arpa ip6.arpa {
upstream 8.8.8.8 8.8.4.4
pods insecure
fallthrough in-addr.arpa ip6.arpa
}
federation cluster.local {
foo foo.feddomain.com
}
prometheus :9153
proxy . 8.8.8.8 8.8.4.4
forward . 8.8.8.8 8.8.4.4
cache 30
}
abc.com:53 {
errors
cache 30
proxy . 1.2.3.4
forward . 1.2.3.4
}
my.cluster.local:53 {
errors
cache 30
proxy . 2.3.4.5
forward . 2.3.4.5
}
```

Expand Down

0 comments on commit 02e606b

Please sign in to comment.