Last modified October 30, 2018

Advanced CoreDNS Configuration

The CoreDNS addon running inside your cluster has additional configuration options and features that can be customized.

You can customize two of these configuration options on a per-cluster basis through a ConfigMap inside each cluster. The ConfigMap is named coredns-user-values and is located in the kube-system namespace.

Note: This feature is only available in more recent cluster versions. To check whether your cluster version supports customization through the ConfigMap, check whether the ConfigMap is present:

$ kubectl -n kube-system get cm coredns-user-values
NAME                                   DATA      AGE
coredns-user-values                    0         11m

On cluster creation the ConfigMap is empty, and the defaults described below are applied to the final CoreDNS deployment. To customize a configuration option, add the respective line(s) to the data field of the user ConfigMap.

Warning: Please do not edit any of the other CoreDNS-related resources. Only the user ConfigMap is safe to edit.

Cache Settings

By default we set the cache TTL for CoreDNS to 30 seconds. You can customize the cache settings of CoreDNS by setting the value of the cache field in the user ConfigMap, as follows.

data:
  cache: "60"

The above setting increases the TTL to 60 seconds. The value is quoted because ConfigMap data values must be strings.

The cache plugin also supports more detailed configuration, which is documented in the upstream documentation.

Additional Proxies

The default proxy entry we set in CoreDNS is

proxy . /etc/resolv.conf

You can add additional proxy entries by adding each one as a line to the proxy field of the user ConfigMap.

For a single entry, you can put it on the same line as the field name.

data:
  proxy: foo.com 1.1.1.1

For multiple entries, add a multi-line string with one proxy entry per line.

data:
  proxy: |
    foo.com 1.1.1.1
    bar.com 8.8.8.8

The above example would result in the following additional proxy entries in the CoreDNS configuration:

proxy foo.com 1.1.1.1
proxy bar.com 8.8.8.8

This setting would proxy all requests within foo.com to 1.1.1.1, which is Cloudflare’s DNS, and all requests within bar.com to 8.8.8.8, which is Google Public DNS. All other requests will be resolved by the default DNS provider set for your cluster.

The proxy plugin also supports more detailed configuration, which is documented in the upstream documentation.
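
Because every proxy entry sends a zone's queries to a resolver outside the cluster default, it helps to lint the value before putting it in the ConfigMap. The following is an added example, not part of this documentation or its tooling: the function name render_proxy_entries and the APPROVED_UPSTREAMS allowlist are assumptions, and it only accepts the "<zone> <upstream>" form shown above, not the other options of the upstream proxy plugin.

```shell
#!/bin/sh
# Added example. APPROVED_UPSTREAMS is an assumed, site-specific allowlist;
# here it holds the two resolvers used in the entries on this page.
APPROVED_UPSTREAMS="1.1.1.1 8.8.8.8"

# Reads the intended value of the proxy field on stdin, one
# "<zone> <upstream> [<upstream>...]" entry per line. Prints the CoreDNS
# lines the accepted entries produce, explains rejections on stderr, and
# returns 1 if any entry was rejected.
render_proxy_entries() {
  rc=0
  set -f                                 # no glob expansion while splitting
  while IFS= read -r line || [ -n "$line" ]; do
    set -- $line                         # $1 = zone, the rest = upstreams
    [ "$#" -eq 0 ] && continue           # skip blank lines
    zone=$1; shift
    ok=1
    case "$zone" in
      *[!A-Za-z0-9.-]*) echo "reject '$line': bad zone name" >&2; ok=0 ;;
    esac
    [ "$#" -eq 0 ] && { echo "reject '$line': no upstream given" >&2; ok=0; }
    for up in "$@"; do
      case " $APPROVED_UPSTREAMS " in
        *" $up "*) ;;                    # exact match against the allowlist
        *) echo "reject '$line': upstream $up is not approved" >&2; ok=0 ;;
      esac
    done
    if [ "$ok" -eq 1 ]; then printf 'proxy %s %s\n' "$zone" "$*"; else rc=1; fi
  done
  set +f
  return "$rc"
}

# Constructed input: the two entries from this page plus one entry that
# points at a resolver outside the allowlist (192.0.2.53, documentation range).
render_proxy_entries <<'EOF' || echo "fix rejected entries before editing the ConfigMap" >&2
foo.com 1.1.1.1
bar.com 8.8.8.8
baz.com 192.0.2.53
EOF
```

The function's stdout can be compared with the proxy lines you expect in the final CoreDNS configuration, and its exit status can gate the ConfigMap edit in a review or CI step.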
