
Kubernetes - DNS

Kubernetes creates DNS records for Services and Pods. You can contact Services with consistent DNS names instead of IP addresses.

Every Service and Pod defined in the cluster (including the DNS server itself) is assigned a DNS name.

Since kubeadm v1.24, the only supported cluster DNS application is CoreDNS. (Support for kube-dns was removed.)

When a pod performs a DNS lookup, the query is first sent to the DNS cache on the node where the pod is running. If the cache does not contain the IP address for the requested hostname, the query is forwarded to the cluster DNS server. This server handles service discovery in Kubernetes.

DNS in Pod: The kubelet running on each Node configures the Pod's /etc/resolv.conf.

If you modify the ConfigMap for kube-dns to include upstreamNameservers, kube-dns forwards all DNS requests except *.cluster.local to those servers.

The kubelet configures Pods' DNS so that running containers can look up Services by name rather than IP.

What objects get DNS records?

  • Services
  • Pods

DNS queries may be expanded using the Pod's /etc/resolv.conf, so k8s local DNS names may look like:

  • <service>.<namespace>.svc.cluster.local
  • <pod-ipv4>.<namespace>.pod.cluster.local (e.g. 172-17-0-3.default.pod.cluster.local)
  • <pod-ipv4>.<service>.<namespace>.svc.cluster.local

Which DNS Plugin to use?

CoreDNS.

kube-dns was a legacy service; use CoreDNS now. However, the CoreDNS Service is still named kube-dns to ensure greater interoperability with workloads that relied on the legacy kube-dns Service name to resolve addresses internal to the cluster.

coredns: watches Endpoints via the discovery.EndpointSlices API.

Old kube-dns vs coredns: kube-dns used dnsmasq for caching, which is single threaded C, so it can only use one core per instance. CoreDNS is multi-threaded Go.

Where to find CoreDNS?

CoreDNS is a DNS server, i.e. you can find a Deployment and a set of running Pods named coredns. There should be a corresponding kube-dns Service.

The pods should have this in the yaml:

containers:
  - args:
      - -conf
      - /etc/coredns/Corefile

To check the content of /etc/coredns/Corefile, check the next section.

Where to find CoreDNS config files?

The Corefile is CoreDNS’s configuration file.

Corefile content can be found in a ConfigMap, normally named coredns or coredns-config in kube-system namespace.

$ kubectl get ConfigMap coredns -n kube-system -o yaml

If you change the Corefile data in the ConfigMap, /etc/coredns/Corefile will also be changed.

How to support cross cluster DNS?

k8s supports local DNS; to support cross cluster DNS:

  • one instance of CoreDNS runs on the cluster nodes to support cluster.local queries.
  • another instance of CoreDNS is exposed as LoadBalancer service to support cross cluster queries.