Customizing CoreDNS forwarders on Kubernetes

In some cases you will need to use your internal DNS servers for name resolution.

To achieve this you will need to modify the CoreDNS configuration of your Kubernetes cluster and add your DNS servers as forwarders.

CoreDNS is a modular, pluggable DNS server, and each plugin adds new functionality to it. It is configured through a Corefile, which is the CoreDNS configuration file. As a cluster administrator, you can modify the ConfigMap that holds the CoreDNS Corefile to change how DNS service discovery behaves for that cluster.

In Kubernetes, CoreDNS is installed with the following default Corefile configuration:

apiVersion: v1
kind: ConfigMap
metadata:
  name: coredns
  namespace: kube-system
data:
  Corefile: |
    .:53 {
        errors
        health {
            lameduck 5s
        }
        ready
        kubernetes cluster.local in-addr.arpa ip6.arpa {
            pods insecure
            fallthrough in-addr.arpa ip6.arpa
            ttl 30
        }
        prometheus :9153
        forward . /etc/resolv.conf
        cache 30
        loop
        reload
        loadbalance
    }

To explicitly force all non-cluster DNS lookups to go through your specific nameservers, at 172.16.0.1 and 172.16.0.2 for example, point the forward line to the IP addresses of your servers instead of /etc/resolv.conf.

To do so, edit the coredns ConfigMap:

kubectl -n kube-system edit cm coredns

and replace forward . /etc/resolv.conf with forward . 172.16.0.1 172.16.0.2:

apiVersion: v1
kind: ConfigMap
metadata:
  name: coredns
  namespace: kube-system
data:
  Corefile: |
    .:53 {
        errors
        health {
            lameduck 5s
        }
        ready
        kubernetes cluster.local in-addr.arpa ip6.arpa {
            pods insecure
            fallthrough in-addr.arpa ip6.arpa
            ttl 30
        }
        prometheus :9153
        forward . 172.16.0.1 172.16.0.2
        cache 30
        loop
        reload
        loadbalance
    }

Don't forget to keep the dot (.) in the forward line.

You can now force your CoreDNS deployment to redeploy the coredns pods with a scale 0 to 1 operation.

kubectl -n kube-system scale deployment coredns --replicas=0
kubectl -n kube-system scale deployment coredns --replicas=1

With this configuration the pods running on the cluster can now perform name resolution to your internal DNS servers.
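To confirm that the Corefile really forwards to the servers you intended, and that the dot was not dropped during the edit, the check below can be run against the ConfigMap. It is an added example, not part of the original article; the function names check_forwarders and corefile_with are hypothetical and the sample Corefiles are constructed.

```shell
#!/bin/sh
# Added example: audit the root-zone "forward" line of a CoreDNS Corefile.
# Reads the Corefile on stdin; arguments are the upstreams you expect.
# Exit 0 = exactly the expected upstreams, 1 = mismatch, 2 = no "forward ." line.
check_forwarders() {
  awk -v want="$*" '
    BEGIN { n = split(want, w, " "); for (i = 1; i <= n; i++) expected[w[i]] = 1 }
    { sub(/#.*/, "") }                          # strip Corefile comments
    $1 == "forward" && $2 == "." {              # only the catch-all zone
      found = 1
      for (i = 3; i <= NF; i++) {
        if ($i == "{") continue                 # start of an options block
        seen[$i] = 1
        if (!($i in expected)) { print "unexpected upstream: " $i; bad = 1 }
      }
    }
    # An IPv4 address where the zone belongs means the dot was dropped.
    $1 == "forward" && $2 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ {
      print "zone missing (no dot) in: " $0
    }
    END {
      if (!found) { print "no \"forward .\" line found"; exit 2 }
      for (u in expected) if (!(u in seen)) { print "missing upstream: " u; bad = 1 }
      exit bad + 0
    }'
}

# Constructed sample input (a trimmed Corefile, not taken from a real cluster).
corefile_with() {   # $1 = the complete forward line to embed
  cat <<EOF
.:53 {
    errors
    kubernetes cluster.local in-addr.arpa ip6.arpa {
        pods insecure
        fallthrough in-addr.arpa ip6.arpa
    }
    $1
    cache 30
}
EOF
}

corefile_with "forward . 172.16.0.1 172.16.0.2" |
  check_forwarders 172.16.0.1 172.16.0.2 && echo "forwarders OK"

# Against a live cluster (the same ConfigMap the article edits):
#   kubectl -n kube-system get cm coredns -o jsonpath='{.data.Corefile}' |
#     check_forwarders 172.16.0.1 172.16.0.2
```

A non-zero exit makes the function usable as a gate in a deployment script, so an unexpected resolver in the forward line is caught before pods start sending queries to it.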

Feel free to comment on this article if you have questions.

https://www.cisel.ch

References kubernetes.io/docs/tasks/administer-cluster..