40 Days Of Kubernetes (31/40)
Sina Tavakkol
Posted on August 26, 2024
Day 31/40
Understanding CoreDNS In Kubernetes
Video Link
@piyushsachdeva
Git Repository
My Git Repo
In this section, we're looking at the coredns concept in Kubernetes.
Workloads in a Kubernetes cluster can communicate with each other with coredns.
root@localhost:~# kubectl get pod -n=kube-system
NAME READY STATUS RESTARTS AGE
coredns-7db6d8ff4d-7dwv7 1/1 Running 0 9d
coredns-7db6d8ff4d-tmb52 1/1 Running 0 9d
...
root@localhost:~# kubectl get svc -n=kube-system
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kube-dns ClusterIP 10.96.0.10 <none> 53/UDP,53/TCP,9153/TCP 9d
root@localhost:~# kubectl get pod
NAME READY STATUS RESTARTS AGE
task-pv-pod 1/1 Running 0 3d21h
root@localhost:~# kubectl exec task-pv-pod -- cat /etc/resolv.conf
search default.svc.cluster.local svc.cluster.local cluster.local
nameserver 10.96.0.10
options ndots:5
As we can see, the DNS server is set in the resolv.conf file inside the pod: the nameserver 10.96.0.10 is the ClusterIP of the kube-dns service shown above, so everything across the cluster can be resolved with the coredns service.
root@localhost:~# kubectl exec task-pv-pod -- cat /etc/hosts
# Kubernetes-managed hosts file.
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
fe00::0 ip6-mcastprefix
fe00::1 ip6-allnodes
fe00::2 ip6-allrouters
192.168.2.202 task-pv-pod
root@localhost:~# kubectl exec task-pv-pod -- hostname -i
192.168.2.202
Let's check something on one of the coredns pods:
root@localhost:~# kubectl describe pod coredns-7db6d8ff4d-7dwv7 -n=kube-system
Name: coredns-7db6d8ff4d-7dwv7
Namespace: kube-system
Priority: 2000000000
Priority Class Name: system-cluster-critical
Service Account: coredns
...
Image: registry.k8s.io/coredns/coredns:v1.11.1
...
Mounts:
/etc/coredns from config-volume (ro)
/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-t6mss (ro)
...
Volumes:
config-volume:
Type: ConfigMap (a volume populated by a ConfigMap)
Name: coredns
Optional: false
...
There's a ConfigMap for coredns which is mounted as a volume to the pod.
root@localhost:~# kubectl get cm -n=kube-system
NAME DATA AGE
coredns 1 9d
...
root@localhost:~# kubectl describe cm coredns -n=kube-system
Name: coredns
Namespace: kube-system
Labels: <none>
Annotations: <none>
Data
====
Corefile:
----
.:53 {
    errors
    health {
       lameduck 5s
    }
    ready
    kubernetes cluster.local in-addr.arpa ip6.arpa {
       pods insecure
       fallthrough in-addr.arpa ip6.arpa
       ttl 30
    }
    prometheus :9153
    forward . /etc/resolv.conf {
       max_concurrent 1000
    }
    cache 30
    loop
    reload
    loadbalance
}
BinaryData
====
Events: <none>
The official documentation is here, the debugging guide is here, and this is a sample ConfigMap YAML file:
apiVersion: v1
kind: ConfigMap
metadata:
  name: coredns
  namespace: kube-system
data:
  Corefile: |
    .:53 {
        log
        errors
        health
        kubernetes cluster.local in-addr.arpa ip6.arpa {
          pods insecure
          upstream
          fallthrough in-addr.arpa ip6.arpa
        }
        prometheus :9153
        forward . /etc/resolv.conf
        cache 30
        loop
        reload
        loadbalance
    }
If you have no errors and your coredns still doesn't come up, look at the CNI first, because it can be the first dependency for the coredns service.