Skip to content

Instantly share code, notes, and snippets.

Last active May 6, 2021
What would you like to do?
How to use CoreDNS w/ etcd backend

Setup CoreDNS w/ etcd backend

Why CoreDNS

[CoreDNS][coredns] was designed from the ground up to provide robust, plugin-based DNS server for use in cloud environments. Namely, it serves as the default primary service discovery mechanism for Kubernetes.

Using CoreDNS allows us to have a lightweight DNS server on RockNSM (11 Mb binary is all that's needed!) to facilitate multi-node service discovery. Alternatively, if another existing DNS service is available, this can be used instead. Aligning with the way the Kubernetes manages service discovery also allows us to build new RockNSM features in parallel with the coming Kubernetes support.

RockNSM Application

Once the service is available, the goal is to dynamically update the backend of CoreDNS with the SRV records for the infrastructure services needed within RockNSM.

The CoreDNS backend we will use for this is etcd. etcd is a key-value store developed by CoreOS (no relation to CoreDNS) to provide a highly reliable cluster datastore.

Ansible has an etcd3 module that will allow us to programmatically set these records. CoreDNS will dynamically be able to serve DNS with these updated values.

Manual Setup

Follow the accompanying script file to get a basic DNS service running. [coredns]:

HostIP=$(ip route get | awk 'NR==1 { print $7 }')
## Start the etcd backend
### NOTE: Added to advertised client urls to allow direct container communication
podman pull${ETCD_VERSION}
podman run -d \
-v /etc/pki/tls/certs/:/etc/ssl/certs \
-p 4001:4001 -p 2380:2380 -p 2379:2379 \
--name etcd \${ETCD_VERSION} etcd \
-name etcd0 \
-advertise-client-urls http://${HostIP}:2379,http://${HostIP}:4001,, \
-listen-client-urls, \
-initial-advertise-peer-urls http://${HostIP}:2380 \
-listen-peer-urls \
-initial-cluster-token etcd-cluster-1 \
-initial-cluster etcd0=http://${HostIP}:2380 \
-initial-cluster-state new
etcd_ip=$(podman inspect etcd | jq -r '.[].NetworkSettings.IPAddress')
## Start CoreDNS
### Drop Corefile
mkdir -p /etc/coredns
cat << 'EOF' > /etc/coredns/Corefile
. {
etcd rocknsm.lan {
path /skydns
endpoint http://{$ETCD_IP}:4001
upstream /etc/resolv.conf
cache 160 skydns.local
proxy . /etc/resolv.conf
### Pull and run container with above config
podman pull${COREDNS_VERSION}
podman run -d \
--name coredns \
-v /etc/coredns:/data:ro \
--env ETCD_IP=${HostIP} \
--publish 53:53/udp \${COREDNS_VERSION} -conf /data/Corefile
## Create some test data
### Add Forward entries
podman exec -ti --env=ETCDCTL_API=3 etcd /usr/local/bin/etcdctl \
put /skydns/lan/rocknsm/ "{\"host\":\"${HostIP}\",\"ttl\":60}"
### Reverse entries
podman exec -ti --env=ETCDCTL_API=3 etcd /usr/local/bin/etcdctl \
put /skydns/arpa/in-addr/$(echo $HostIP | tr '.' '/') '{"host": "rocknsm.lan"}'
### Check resolution
dig +short rocknsm.lan @localhost
dig +short -x ${HostIP} @localhost

This comment has been minimized.

Copy link

@penglin1995 penglin1995 commented Oct 18, 2019

I executed your scripts, but 'dig' command got no response. It seems not successfull...


This comment has been minimized.

Copy link

@sanfx sanfx commented Aug 28, 2020

I renamed the container name to coredns_2 but still I get error saying
Error: error creating container storage: the container name "coredns_2" is already in use by "38584e09ae10c642c5839c1a152277c7b3216df22ed847527e3af4a71a5be402". You have to remove that container to be able to reuse that name.: that name is already in use
Error: no container with name or ID etcd found: no such container
Error: no container with name or ID etcd found: no such container

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment