CoreDNS is the modular, extensible DNS server that serves as the default cluster DNS for Kubernetes. It allows Pods to locate Services via human-readable names (Service Discovery) rather than unstable IP addresses. It runs as a Deployment in the `kube-system` namespace, typically named `coredns`, exposed by a Service named `kube-dns`.
**How it Works:**
When a Pod is created, the kubelet configures the Pod's `/etc/resolv.conf` to point to the `kube-dns` Service IP. When an application requests a name like `db-service`, the query goes to CoreDNS, which resolves it to the Service's ClusterIP. It handles FQDNs like `my-svc.my-ns.svc.cluster.local`.
**Configuration (The Corefile):**
CoreDNS behavior is defined in a ConfigMap named `coredns`. The configuration text is called the `Corefile`. Important plugins include:
- `kubernetes`: Resolves in-cluster service names.
- `forward`: Forwards queries for external domains (like google.com) to upstream nameservers (usually inherited from the Node).
- `log`: Useful for debugging DNS query errors.
**CKA Exam Focus:**
1. **Troubleshooting:** You must know how to verify DNS is working. A common technique is deploying a `busybox` pod and running `nslookup kubernetes.default`.
2. **Customization:** You may be asked to configure **conditional forwarding** or **Stub Domains**. This involves editing the `coredns` ConfigMap to route specific traffic (e.g., `*.corp.local`) to a specific external DNS server.
3. **Apply Changes:** After editing the ConfigMap, you must restart the CoreDNS pods (e.g., `kubectl rollout restart deployment coredns -n kube-system`) for changes to take effect.
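The stub-domain edit from item 2, shown as an added example that is not part of the original page: the `coredns` ConfigMap with an extra server block that sends `corp.local` and every name under it to an external DNS server. The resolver address `192.0.2.53` is a placeholder, and the `.:53` block is assumed to match a typical kubeadm default, which may differ in your cluster.

```yaml
# Added example: stub domain for corp.local in the coredns ConfigMap.
# 192.0.2.53 is a placeholder resolver address (documentation range);
# the .:53 block is an assumed kubeadm-style default, not taken from the page.
apiVersion: v1
kind: ConfigMap
metadata:
  name: coredns
  namespace: kube-system
data:
  Corefile: |
    .:53 {
        errors
        health
        ready
        # In-cluster names (Services, Pods) are answered from the Kubernetes API.
        kubernetes cluster.local in-addr.arpa ip6.arpa {
            pods insecure
            fallthrough in-addr.arpa ip6.arpa
            ttl 30
        }
        prometheus :9153
        # Everything not matched elsewhere goes to the node's upstream resolvers.
        forward . /etc/resolv.conf
        cache 30
        loop
        reload
        loadbalance
    }
    # Stub domain: corp.local and all names under it are forwarded only to
    # the internal resolver, so these queries never reach the upstream above.
    corp.local:53 {
        errors
        # Log each query for this zone while verifying the change.
        log
        cache 30
        forward . 192.0.2.53
    }
```

After applying the ConfigMap, restart the CoreDNS pods as described in item 3 and confirm they return to Running before testing a name under `corp.local` with `nslookup`.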
Mastering CoreDNS for the CKA Exam: Services & Networking
**What is CoreDNS and Why is it Important?**
CoreDNS is a flexible, extensible DNS server that serves as the default cluster DNS for Kubernetes. It is crucial because it enables Service Discovery. In a dynamic Kubernetes environment where Pod IPs change frequently, CoreDNS allows components to locate each other by name (e.g., `my-service.default.svc.cluster.local`) rather than IP address. Without a functioning CoreDNS, internal cluster communication usually breaks.
**How CoreDNS Works in Kubernetes**
CoreDNS is deployed as a Deployment (typically named `coredns`) running within the `kube-system` namespace. It exposes a Service named `kube-dns` (usually with the IP `10.96.0.10`).
When a Pod is created, the kubelet populates the Pod's `/etc/resolv.conf` file with the IP address of the `kube-dns` Service. When an application in that Pod tries to resolve a hostname, the query is sent to the CoreDNS Pods, which look up the record in the Kubernetes API and return the IP.
**Configuration: The Corefile**
CoreDNS is configured via a file called `Corefile`. In Kubernetes, this file is stored in a ConfigMap named `coredns` in the `kube-system` namespace. This file defines which plugins are enabled (e.g., `kubernetes` for cluster records, `forward` for external DNS resolution).
**How to Answer CKA Questions on CoreDNS**
Exam questions often focus on troubleshooting DNS failures or configuring custom DNS forwarding. Follow this workflow:
1. **Verify Status:** Check if CoreDNS pods are running: `kubectl get pods -n kube-system -l k8s-app=kube-dns`.
2. **Check Logs:** If pods are crashing or not resolving, check logs: `kubectl logs -n kube-system -l k8s-app=kube-dns`.
3. **Inspect Configuration:** View the config: `kubectl describe cm coredns -n kube-system`. Look for syntax errors in the Corefile or incorrect forwarder IPs.
4. **Test Resolution:** Spin up a temporary pod to test DNS: `kubectl run test --image=busybox:1.28 --restart=Never -- sleep 4800` followed by `kubectl exec test -- nslookup kubernetes`.
**Exam Tips: Answering Questions on Understand and use CoreDNS**
1. **Editing the Config:** If asked to change DNS behavior (e.g., forward traffic to a specific external server), you must edit the ConfigMap: `kubectl edit cm coredns -n kube-system`.
2. **Applying Changes:** Modifying the ConfigMap does not restart the Pods automatically, though CoreDNS does have a `reload` plugin. To ensure changes take immediate effect in an exam context, it is often safer to delete the CoreDNS pods so the ReplicaSet recreates them with the new config: `kubectl delete pod -n kube-system -l k8s-app=kube-dns`.
3. **Syntax Matters:** The Corefile syntax is strict. If you introduce a syntax error, the CoreDNS pods may fail to start (`CrashLoopBackOff`). Always verify the pods are Running after you edit the ConfigMap.
4. **`/etc/resolv.conf`:** Remember that you generally cannot edit `/etc/resolv.conf` directly on nodes or pods to fix cluster DNS issues; you must fix the source (the kubelet config or the CoreDNS ConfigMap).