@janeczku
Last active February 20, 2024 11:59
K8s External Service Example

Customizing CoreDNS configmap

Generally you should use K8s Service objects to define custom DNS mappings. However, some advanced DNS setups are not possible that way, for example if you need to create wildcard DNS aliases.

In this case, you can create custom DNS records in the cluster's internal DNS service (kube-dns) by editing the coredns configmap as shown below. Here we add the file plugin to describe an authoritative zone containing a wildcard A record, and we also create the required zone file.

apiVersion: v1
kind: ConfigMap
metadata:
  name: rke2-coredns-rke2-coredns
(TRUNCATED)
data:
  Corefile: |+
    .:53 {
        errors 
        health  {
            lameduck 5s
        }
        ready 
        kubernetes   cluster.local  cluster.local in-addr.arpa ip6.arpa {
            pods insecure
            fallthrough in-addr.arpa ip6.arpa
            ttl 30
        }
        prometheus   0.0.0.0:9153
        forward   . /etc/resolv.conf
        cache   30
        loop 
        reload 
        loadbalance
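        # Answer mcc226.3gppnetwork.org authoritatively from the zone file defined below
        file /etc/coredns/custom-zone.db mcc226.3gppnetwork.org {
          upstream
        }
    }
  custom-zone.db: |+
    $TTL 3600
    ; Wildcard A record for every name under 5gc.mnc123.mcc226.3gppnetwork.org
    *.5gc.mnc123.mcc226.3gppnetwork.org. IN A 17.125.1.124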

K8s External Service Example

An External Service in Kubernetes is useful when you have a service that is running outside your Kubernetes cluster, such as a database, and you want to access it from within your cluster under a specific DNS name.

Technically, an External Service works by creating a CNAME record in the cluster DNS database that resolves to the public DNS name of an external service.

Example:

If you create an ExternalName Service named mysql-prod with the externalName field set to 123.mysql.acme.com, any K8s application that looks up the hostname mysql-prod will eventually get the IP address associated with the hostname 123.mysql.acme.com.

Example Manifest:

apiVersion: v1
kind: Service
metadata:
  name: mysql-prod
  namespace: default
spec:
  type: ExternalName
  externalName: 123.mysql.acme.com

Headless Service

Sometimes using a CNAME to map an external service to an internal service name doesn't work, for example with HTTP-based services, where the hostname is included in the client request.

In these cases we can create a custom service mapping directly to the IP address of the external service by configuring a headless service and a custom endpoint like so:

Example Manifest:

apiVersion: v1
kind: Service
metadata:
  name: mysql-prod
  namespace: default
spec:
  clusterIP: None # headless: DNS returns the Endpoints address directly
  ports:
    - port: 3306
      protocol: TCP
      targetPort: 3306
      name: mysql
---
apiVersion: v1
kind: Endpoints
metadata:
  name: mysql-prod
  namespace: default
subsets:
- addresses:
  - ip: 17.125.1.124 # IP address of the external service
  ports:
  - port: 3306
    protocol: TCP
    name: mysql # must match the name of the Service port
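
A consistency check for the Service/Endpoints pair described above, as an added example that is not part of the original gist. The function name `lint_external_service` is hypothetical, and the JSON sample is constructed in the shape of `kubectl get service,endpoints -o json`, deliberately without `clusterIP: None` and without an Endpoints port name so that the check has something to report.

```python
import json

# Constructed sample in the shape of `kubectl get service,endpoints -o json`;
# the names and the IP mirror the manifests on this page.
SAMPLE = json.loads("""
{"items": [
  {"kind": "Service",
   "metadata": {"name": "mysql-prod", "namespace": "default"},
   "spec": {"ports": [{"name": "mysql", "port": 3306, "protocol": "TCP"}]}},
  {"kind": "Endpoints",
   "metadata": {"name": "mysql-prod", "namespace": "default"},
   "subsets": [{"addresses": [{"ip": "17.125.1.124"}],
                "ports": [{"port": 3306}]}]}
]}
""")


def lint_external_service(items, name, namespace="default"):
    """Return findings for a selector-less Service backed by manual Endpoints."""
    objs = {o["kind"]: o for o in items
            if o["metadata"]["name"] == name
            and o["metadata"].get("namespace", "default") == namespace}
    svc, eps = objs.get("Service"), objs.get("Endpoints")
    if svc is None:
        return [f"no Service {namespace}/{name}"]
    findings = []
    spec = svc.get("spec", {})
    if spec.get("selector"):
        findings.append("Service has a selector: the endpoints controller "
                        "will overwrite hand-written Endpoints")
    if spec.get("clusterIP") != "None":
        findings.append("Service is not headless (clusterIP is not None): "
                        "DNS returns a cluster IP, not the external address")
    if eps is None:
        return findings + [f"no Endpoints {namespace}/{name}: nothing backs the Service"]
    svc_ports = {p.get("name", "") for p in spec.get("ports", [])}
    for subset in eps.get("subsets", []):
        if not subset.get("addresses"):
            findings.append("Endpoints subset has no addresses")
        for port in subset.get("ports", []):
            if port.get("name", "") not in svc_ports:
                findings.append(f"Endpoints port {port.get('port')} is named "
                                f"{port.get('name', '')!r}, no Service port has that name")
    return findings


if __name__ == "__main__":
    for finding in lint_external_service(SAMPLE["items"], "mysql-prod"):
        print("-", finding)
```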