From 3237b2702fc8f85792314051d0f9aa66f0a7a05b Mon Sep 17 00:00:00 2001
From: Mateus Caruccio <mateus.caruccio@getupcloud.com>
Date: Fri, 27 Mar 2020 03:34:23 -0300
Subject: [PATCH] Add config coredns_external_zones (#5280)

Allows adding custom zone-resolving servers.
---
 docs/dns-stack.md                             | 30 +++++++++++++++++++
 .../ansible/templates/coredns-config.yml.j2   | 12 ++++++++
 2 files changed, 42 insertions(+)

diff --git a/docs/dns-stack.md b/docs/dns-stack.md
index 4d32c73d4..263145266 100644
--- a/docs/dns-stack.md
+++ b/docs/dns-stack.md
@@ -42,6 +42,36 @@ DNS servers in early cluster deployment when no cluster DNS is available yet.
 
 ## DNS modes supported by Kubespray
 
+### coredns_external_zones
+
+Array of optional external zones to coredns forward queries to. It's  injected into
+`coredns`' config file before default kubernetes zone. Use it as an optimization for well-known zones and/or internal-only
+domains, i.e. VPN for internal networks (default is unset)
+
+Example:
+
+```yaml
+coredns_external_zones:
+- zones:
+  - example.com
+  - example.io:1053
+  nameservers:
+  - 1.1.1.1
+  - 2.2.2.2
+  cache: 5
+- zones:
+  - https://mycompany.local:4453
+  nameservers:
+  - 192.168.0.53
+  cache: 0
+```
+
+or as INI
+
+```ini
+coredns_external_zones=[{"cache": 30,"zones":["example.com","example.io:453"],"nameservers":["1.1.1.1","2.2.2.2"]}]'
+```
+
 You can modify how Kubespray sets up DNS for your cluster with the variables ``dns_mode`` and ``resolvconf_mode``.
 
 ### dns_mode
diff --git a/roles/kubernetes-apps/ansible/templates/coredns-config.yml.j2 b/roles/kubernetes-apps/ansible/templates/coredns-config.yml.j2
index a7d1378d1..60a364333 100644
--- a/roles/kubernetes-apps/ansible/templates/coredns-config.yml.j2
+++ b/roles/kubernetes-apps/ansible/templates/coredns-config.yml.j2
@@ -8,6 +8,18 @@ metadata:
       addonmanager.kubernetes.io/mode: EnsureExists
 data:
   Corefile: |
+{% if coredns_external_zones is defined and coredns_external_zones|length > 0 %}
+{%   for block in coredns_external_zones %}
+    {{ block['zones'] | join(' ') }} {
+        log
+        errors
+        forward . {{ block['nameservers'] | join(' ') }}
+        loadbalance
+        cache {{ block['cache'] | default(5) }}
+        reload
+    }
+{%   endfor %}
+{% endif %}
     .:53 {
         errors
         health
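Review bot: The values from `coredns_external_zones` reach the Corefile unchecked in the added server block, so an entry with an empty `nameservers` list renders a bare `forward .`, and `cache: 0` (the value used in this patch's own docs example) renders `cache 0`, which CoreDNS's cache plugin rejects as far as I know. Because every zone shares this one Corefile, a single bad entry can presumably stop CoreDNS from loading its configuration and take cluster DNS down with it. I would skip empty entries and emit the `cache` line only for a positive integer, as sketched below; a preflight `assert` on the variable would fail louder than a silent skip. Separately, `log` records every query for these zones, which for internal-only domains puts internal hostnames into the CoreDNS pod logs, so it may be better as an opt-in per entry.

```jinja
{%   for block in coredns_external_zones %}
{%     if block['zones'] | length > 0 and block['nameservers'] | length > 0 %}
{# … unchanged: zones header, log, errors, forward, loadbalance … #}
{%       if block['cache'] | default(5) | int > 0 %}
        cache {{ block['cache'] | default(5) | int }}
{%       endif %}
{# … unchanged: reload, closing brace … #}
{%     endif %}
{%   endfor %}
```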
-- 
GitLab