DNS Resolution in Kubernetes

To figure out how DNS Resolution works in Kubernetes, there are a few important components to consider:

  • k8s DNS server running on the cluster (e.g. CoreDNS)
  • K8S Node's local DNS resolution (e.g. /etc/resolv.conf)
  • Kubelet, which creates pods and prepares them for DNS resolution
  • Kubernetes Services, which get cluster domain names in the k8s DNS server (e.g. mysvc.default.svc.cluster.local)

The question we are interested in is: how does a pod resolve a domain like mysvc.default.svc.cluster.local to the IP address that belongs to the mysvc Service?

When a Service is created, CoreDNS creates a record to resolve its hostname to its IP address.

Your pod's dnsPolicy is set to ClusterFirst, which makes your pod use CoreDNS for DNS resolution. Based on this setting, when Kubelet creates your pod, it sets up appropriate rules in the pod (e.g. resolv.conf that points to the IP of CoreDNS).

The CoreDNS pod's policy is set to Default, so when Kubelet creates CoreDNS pods, it makes CoreDNS inherit the DNS resolution rules of the host node. This makes sure that CoreDNS forwards any non-cluster DNS requests to be resolved by the node itself - and voilà, you can resolve both mysvc.default.svc.cluster.local and www.google.com from your pod!

Instead of CoreDNS, it's possible to use anything that conforms with the Kubernetes DNS Specification.



References:

  • https://coredns.io/plugins/kubernetes/