CoreDNS is a flexible and scalable DNS server. It is a critical component in Kubernetes for service discovery. In some scenarios, you may need to configure CoreDNS to forward DNS queries to custom nameservers, such as for resolving internal domain names or using specific DNS services. This blog post will guide you through adding a custom nameserver to CoreDNS in a Kubernetes cluster.
Use Cases for adding a custom nameserver to CoreDNS in Kubernetes
Here are some typical use cases when you might want to add a custom nameserver to CoreDNS in Kubernetes:
- Internal Domain Resolution: If you need to resolve internal domain names, you can configure CoreDNS to forward queries to your internal DNS server.
- Custom DNS Services: Similarly, you might want to use specific DNS services for various purposes.
- Hybrid Cloud Environments: In hybrid cloud environments, you may need to resolve domain names from both on-premises and cloud resources.
Steps to update the nameserver
We’ll look at two scenarios for configuring a custom nameserver in CoreDNS.
Scenario 1: Forward all DNS requests to a custom nameserver
If you want to add a custom nameserver to your CoreDNS config to handle all DNS queries, you can add the nameserver to the .:53 root block’s forward plugin, separating each entry with a space.
Step 1: Find the configmap for CoreDNS. The configmap will be in the kube-system namespace, and is stored as coredns.
kubectl get configmap coredns -n kube-system -o yaml
Step 2: Edit the CoreDNS ConfigMap.
kubectl edit configmap coredns -n kube-system
Step 3: Add the Forwarding Rule
Add a forward plugin to direct queries to your custom nameserver. For example, to add 10.0.0.1 and 172.16.0.1 nameservers, you would add the following Custom Nameserver configuration to CoreDNS:
apiVersion: v1
kind: ConfigMap
metadata:
  name: coredns
  namespace: kube-system
data:
  Corefile: |
    .:53 {
        errors
        health
        kubernetes cluster.local in-addr.arpa ip6.arpa {
            fallthrough in-addr.arpa ip6.arpa
        }
        prometheus :9153
        forward . 10.0.0.1 172.16.0.1 /etc/resolv.conf
        cache 30
        loop
        reload
        loadbalance
    }
In this case, DNS queries for all domains are forwarded to the custom nameservers configured. First, the requests are forwarded to 10.0.0.1 and then to 172.16.0.1. Eventually, the request is forwarded to the /etc/resolv.conf file of the Kubernetes node.
Step 4: Save and Apply the Changes
Finally, after editing the ConfigMap, save your changes. The CoreDNS pods will automatically reload the new configuration in a few seconds.
Scenario 2: Forward a specific domain to a custom nameserver
Similarly, if you want to forward DNS requests for a specific domain to a custom nameserver, create a new block with that domain name.
Step 1: Find the configmap for CoreDNS. Usually, the CoreDNS configmap will be in the kube-system namespace, and stored as coredns.
kubectl get configmap coredns -n kube-system -o yaml
Step 2: Edit the CoreDNS ConfigMap.
kubectl edit configmap coredns -n kube-system
Step 3: Add the Forwarding Rule:
Add a forward plugin to direct queries to your custom nameserver. For example, to forward all .socketdaddy.com queries to 10.0.0.1, you would add the following Custom Nameserver config to CoreDNS:
apiVersion: v1
kind: ConfigMap
metadata:
  name: coredns
  namespace: kube-system
data:
  Corefile: |
    .:53 {
        errors
        health
        kubernetes cluster.local in-addr.arpa ip6.arpa {
            fallthrough in-addr.arpa ip6.arpa
        }
        prometheus :9153
        forward . /etc/resolv.conf
        cache 30
        loop
        reload
        loadbalance
    }
    socketdaddy.com:53 {
        forward . 10.0.0.1
    }
In this case, any DNS query for “socketdaddy.com” will be forwarded to the custom nameserver at “10.0.0.1”.
Step 4: Save and Apply the Changes.
Finally, after editing the ConfigMap, save your changes. The CoreDNS pods will automatically reload the new configuration in a few seconds.
Verifying the changes
Verify that your custom nameserver is correctly configured and working. Create a test pod and use the dig command to check the DNS resolution:
kubectl apply -f https://k8s.io/examples/admin/dns/dnsutils.yaml
kubectl exec -i -t dnsutils -- dig socketdaddy.com
You should see that the DNS queries are being forwarded to your custom nameserver and receiving the expected responses.
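Any address on a forward line can receive the cluster's DNS queries, so after editing the ConfigMap it helps to confirm that the live Corefile only forwards to resolvers you intended. The script below is an added example, not part of the original post: list_forwarders and unapproved_forwarders are hypothetical helper names, and the sample Corefile is a constructed, trimmed version of Scenario 2.

```shell
# Added example, not from the original post. Constructed sample Corefile.
sample_corefile() {
  cat <<'EOF'
.:53 {
    errors
    kubernetes cluster.local in-addr.arpa ip6.arpa {
        fallthrough in-addr.arpa ip6.arpa
    }
    forward . /etc/resolv.conf   # node resolver
    cache 30
}
socketdaddy.com:53 {
    forward . 10.0.0.1
}
EOF
}

# Reads a Corefile on stdin, prints "<server-block> <upstream>" per line.
list_forwarders() {
  awk '
    { sub(/#.*/, "") }                       # drop comments
    depth == 0 && /[{][ \t]*$/ {             # a server block opens
      block = $0; sub(/[ \t]*[{][ \t]*$/, "", block); sub(/^[ \t]+/, "", block)
      gsub(/[ \t]+/, ",", block)             # several zones -> a,b
      depth = 1; next
    }
    depth == 1 && $1 == "forward" {          # forward FROM TO...
      for (i = 3; i <= NF; i++) if ($i != "{") print block, $i
    }
    /[{][ \t]*$/ { depth++ }                 # nested plugin block opens
    $1 == "}"    { depth-- }                 # a block closes
  '
}

# Prints pairs whose upstream is not among the approved values passed as
# arguments; returns 1 if any were found, so it can gate a pipeline step.
unapproved_forwarders() {
  approved=" $* "
  list_forwarders | (
    found=0
    while read -r block upstream; do
      case "$approved" in
        *" $upstream "*) ;;
        *) echo "$block $upstream"; found=1 ;;
      esac
    done
    exit "$found"
  )
}
# Live cluster: kubectl get configmap coredns -n kube-system \
#   -o jsonpath='{.data.Corefile}' | unapproved_forwarders /etc/resolv.conf 10.0.0.1
```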