dns-stack.md 12.90 KiB

K8s DNS stack by Kubespray

For K8s cluster nodes, Kubespray configures a Kubernetes DNS cluster add-on to serve as an authoritative DNS server for a given dns_domain and its default subdomains svc and default.svc (a total of ndots: 5 max levels).

Other nodes in the inventory, like external storage nodes or a separate etcd cluster node group, are considered non-cluster, and configuring DNS resolution on them is left up to the user.

DNS variables

There are several global variables which can be used to modify DNS settings:

ndots

ndots value to be used in /etc/resolv.conf

Note that multiple search domains combined with a high ndots value lead to poor performance of the DNS stack, so choose the value carefully.

dns_timeout

timeout value to be used in /etc/resolv.conf

dns_attempts

attempts value to be used in /etc/resolv.conf

searchdomains

Custom search domains to be added in addition to the cluster search domains (default.svc.{{ dns_domain }}, svc.{{ dns_domain }}).

Most Linux systems limit the total number of search domains to 6 and the total length of all search domains to 256 characters. Because the default cluster search domains count toward both limits, the room left for custom search domains depends on the length of dns_domain and is always less than the full limit.

remove_default_searchdomains: true will remove the default cluster search domains.

Please note that resolvconf_mode: docker_dns will automatically add your system's search domains as additional search domains. Take this into account for the limits.
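The sketch below illustrates the ndots and searchdomains notes above: it builds the effective search list, checks it against the two limits quoted in this section, and lists the names a stub resolver would try for one lookup. It is an added example, not Kubespray code; the function names, the sample domains, the ordering of default before custom domains and the way the length is counted are assumptions.

```python
# Added example (not Kubespray code). Limits are the ones quoted in this document.
MAX_SEARCH_DOMAINS = 6
MAX_SEARCH_CHARS = 256


def effective_search(dns_domain, searchdomains=(), remove_default=False):
    """Cluster defaults first, then custom domains (ordering is an assumption)."""
    defaults = [] if remove_default else [
        f"default.svc.{dns_domain}", f"svc.{dns_domain}"]
    return defaults + list(searchdomains)


def check_limits(search):
    """Return limit violations; an empty list means the search list fits."""
    problems = []
    if len(search) > MAX_SEARCH_DOMAINS:
        problems.append(f"{len(search)} search domains > {MAX_SEARCH_DOMAINS}")
    length = len(" ".join(search))  # assumption: counted as written on the search line
    if length > MAX_SEARCH_CHARS:
        problems.append(f"search list is {length} chars > {MAX_SEARCH_CHARS}")
    return problems


def candidate_queries(name, search, ndots):
    """Names a stub resolver tries in order until one resolves (worst case: all)."""
    if name.endswith("."):  # fully qualified name: the search list is skipped
        return [name]
    expanded = [f"{name}.{d}." for d in search]
    absolute = [name + "."]
    # Fewer dots than ndots: search domains are tried before the name as-is.
    return expanded + absolute if name.count(".") < ndots else absolute + expanded


if __name__ == "__main__":
    # Constructed sample values, not taken from a real inventory.
    search = effective_search("cluster.local", ["corp.example", "lab.example"])
    print(check_limits(search) or "search list fits")
    for ndots in (5, 2):
        tries = candidate_queries("registry.example.com", search, ndots)
        print(f"ndots={ndots}: {len(tries)} candidates, first is {tries[0]}")
    long_domain = ".".join(["x" * 30] * 4)  # 123-character dns_domain
    print(check_limits(effective_search(long_domain)))
```

With ndots: 5 an external name with two dots is tried against every search domain before it is sent as-is, which is the extra query load the ndots note refers to.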

nameservers

This variable is only used by resolvconf_mode: host_resolvconf. These nameservers are added to the host's /etc/resolv.conf after upstream_dns_servers and thus serve as backup nameservers. If this variable is not set, a default resolver is chosen (depending on the cloud provider, or 8.8.8.8 when no cloud provider is specified).

upstream_dns_servers

DNS servers to be added after the cluster DNS. Used by all resolvconf_mode modes. These serve as backup DNS servers in early cluster deployment when no cluster DNS is available yet.

dns_upstream_forward_extra_opts

Whether the upstream DNS servers come from the upstream_dns_servers variable or from /etc/resolv.conf, the related forward block in the coredns (and nodelocaldns) configuration can take options (see https://coredns.io/plugins/forward/ for details). These are configurable in the inventory as a dictionary in the dns_upstream_forward_extra_opts variable. By default, no options other than the hardcoded ones are set (see roles/kubernetes-apps/ansible/templates/coredns-config.yml.j2 and roles/kubernetes-apps/ansible/templates/nodelocaldns-config.yml.j2).

coredns_kubernetes_extra_opts

Custom options to be added to the kubernetes coredns plugin.

coredns_kubernetes_extra_domains

Extra domains to be forwarded to the kubernetes coredns plugin.

coredns_additional_configs

Extra configuration to be added to the CoreDNS configuration.

coredns_rewrite_block