Available in editions: CE, BE, SE, SE+, EE
The module lifecycle stage: General Availability
The module has 1 alert.
The module is enabled by default in the Default bundle.
The module is disabled by default in the following bundles: Managed, Minimal.
How to explicitly enable the module…
You may explicitly enable or disable the module in one of the following ways:
-
Via Deckhouse web UI. In the “System” → “System Management” → “Deckhouse” → “Modules” section, open the
kube-dnsmodule and enable (or disable) the “Module enabled” toggle. Save changes.Example:
-
Via Deckhouse CLI (d8).
Use the d8 system module enable command for enabling, or d8 system module disable command for disabling the module (you need Deckhouse CLI (d8), configured to work with the cluster).
Example of enabling the module:
d8 system module enable kube-dns -
Using ModuleConfig
kube-dns.Set
spec.enabledtotrueorfalsein ModuleConfigkube-dns(create it if necessary);Example of a manifest to enable module
kube-dns:apiVersion: deckhouse.io/v1alpha1 kind: ModuleConfig metadata: name: kube-dns spec: enabled: true
You can configure the module in one of the following ways:
-
Via Deckhouse web UI.
In the “System” → “System Management” → “Deckhouse” → “Modules” section, open the
kube-dnsmodule and enable the “Advanced Settings” switch. Fill in the required fields in the “Configuration” tab or specify the module settings in YAML format on the “YAML” tab, excluding the settings section. Save the changes.Example:
You can also edit the ModuleConfig object
kube-dnson the “YAML” tab in the module settings window (“System” → “System Management” → “Deckhouse” → “Modules”, open the modulekube-dns) by specifying the schema version in thespec.versionparameter and the necessary module parameters in thespec.settingssection. -
Via Deckhouse CLI (d8) (requires Deckhouse CLI (d8) configured to work with the cluster).
Edit the existing ModuleConfig
kube-dns(for more details on configuring Deckhouse, see the documentation) by executing the following command:d8 k edit mc kube-dnsMake the necessary changes in the
spec.settingssection. If necessary, specify the schema version in thespec.versionparameter. Save the changes.You can also create a file with manifest for ModuleConfig
kube-dnsusing the example below. Fill in thespec.settingssection with the required module parameters. If necessary, specify the schema version in thespec.versionparameter.Apply the manifest using the following command (indicate the manifest file name):
d8 k apply -f <FILENAME>Example of a manifest for ModuleConfig
kube-dns:apiVersion: deckhouse.io/v1alpha1 kind: ModuleConfig metadata: name: kube-dns spec: version: 1 enabled: true settings: # Module parameters from the "Parameters" section below.
Parameters
Schema version: 1
- objectsettings
- array of stringssettings.clusterDomainAliases
A list of cluster domain aliases; these are resolved on par with
global.discovery.clusterDomain.Please note: the domain alias must not match the domain used in the DNS name template in the publicDomainTemplate parameter.
- stringElement of the array
Pattern:
^[0-9a-zA-Z\.-]+$
- booleansettings.enableLogs
Enable CoreDNS logging.
Default:
false - array of objectssettings.hosts
Not required value.
A static list of hosts similar to that of
/etc/hosts.- stringsettings.hosts.domain
Pattern:
^[0-9a-zA-Z\.-]+$ - stringsettings.hosts.ip
Pattern:
^[0-9]{1,}\.[0-9]{1,}\.[0-9]{1,}\.[0-9]{1,}$
- array of objectssettings.stubZones
A list of additional zones CoreDNS should be authoritative for.
Default:
[]Example:
stubZones: - zone: example.com upstreamNameservers: - 8.8.8.8 cacheTTLSeconds: 3600 transportProtocolMode: PreferUDP- integersettings.stubZones.cacheTTLSeconds
Max TTL in seconds for NOERROR responses.
Default:
30Allowed values:
1 <= X <= 3600 - stringsettings.stubZones.transportProtocolMode
The mode of the transport protocol for communicating with the upstream DNS server:
PreferUDP— UDP is used, even if the original request came over TCP. Note that if the DNS response from the upstream DNS server exceeds 512 bytes and has been truncated and marked with the TC bit (RFC 1035), then it will be resent over TCP (RFC 5966). The request will not be resent over TCP if there are other UDP issues.ForceTCP— Always uses TCP, even if the original request is over UDP.KeepOriginal— Uses the same protocol (TCP or UDP) as the original request.
Default:
PreferUDPAllowed values:
PreferUDP,ForceTCP,KeepOriginal - array of stringssettings.stubZones.upstreamNameservers
Required value
A list of IP addresses of recursive DNS servers that CoreDNS will use to resolve domains in this zone.
- stringElement of the array
Pattern:
^[0-9]{1,}\.[0-9]{1,}\.[0-9]{1,}\.[0-9]{1,}(:[0-9]{1,})?$
- stringsettings.stubZones.zone
Required value
The CoreDNS zone.
Pattern:
^[0-9a-zA-Z\.\-_]+$Example:
zone: consul.local
- stringsettings.transportProtocolMode
The mode of the transport protocol for communicating with the upstream DNS server:
PreferUDP— UDP is used, even if the original request came over TCP. Note that if the DNS response from the upstream DNS server exceeds 512 bytes and has been truncated and marked with the TC bit (RFC 1035), then it will be resent over TCP (RFC 5966). The request will not be resent over TCP if there are other UDP issues.ForceTCP— Always uses TCP, even if the original request is over UDP.KeepOriginal— Uses the same protocol (TCP or UDP) as the original request.
Default:
PreferUDPAllowed values:
PreferUDP,ForceTCP,KeepOriginal - array of stringssettings.upstreamNameservers
A list of IP addresses of recursive DNS servers that CoreDNS will use to resolve external domains.
By default, the
/etc/resolv.conflist is used.- stringElement of the array
Pattern:
^[0-9]{1,}\.[0-9]{1,}\.[0-9]{1,}\.[0-9]{1,}(:[0-9]{1,})?$