I want to configure a conditional forwarder with CoreDNS in my Amazon Elastic Kubernetes Service (Amazon EKS) cluster.
Short description
You can use CoreDNS to configure conditional forwarding for DNS queries sent to the domains resolved by a customized DNS server. For more information, see Customizing DNS Service on the Kubernetes website.
Important: Apply the modifications in the following resolution to self-managed CoreDNS only. To make configuration changes to the CoreDNS Amazon EKS add-on, determine the settings that Amazon EKS manages by checking the Amazon EKS add-on configuration. Check the add-on configuration before making any changes, because modifying a field managed by Amazon EKS prevents Amazon EKS from managing the add-on. This could result in your changes being overwritten when an add-on is updated.
Resolution
1. Modify the CoreDNS ConfigMap and add the conditional forwarder configuration:
$ kubectl -n kube-system edit configmap coredns
Output:
apiVersion: v1
kind: ConfigMap
metadata:
  annotations:
  labels:
    eks.amazonaws.com/component: coredns
    k8s-app: kube-dns
  name: coredns
  namespace: kube-system
data:
  Corefile: |
    .:53 {
        errors
        health
        kubernetes cluster.local in-addr.arpa ip6.arpa {
          pods insecure
          fallthrough in-addr.arpa ip6.arpa
        }
        prometheus :9153
        forward . /etc/resolv.conf
        cache 30
        loop
        reload
        loadbalance
    }
    domain-name:53 {
        errors
        cache 30
        forward . custom-dns-server
        reload
    }
Note: Replace domain-name with your domain name. Replace custom-dns-server with your custom DNS server IP address.
2. Verify that domain name resolution works:
$ kubectl run busybox --restart=Never --image=busybox:1.28 -- sleep 3600
$ kubectl exec busybox -- nslookup domain-name
Note: Replace domain-name with your domain name.
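The following is an added example, not part of the original article or AWS tooling: a pre-apply check that parses the Corefile's server blocks and flags a conditional forwarder whose placeholders were not replaced or whose upstream is not an IP address or file, which are the forms the CoreDNS forward plugin accepts. The function names are hypothetical, and example.internal and 10.0.0.10 are constructed sample values.

```python
import ipaddress
import re

# Constructed sample: step 1's Corefile, abridged, with made-up values filled in.
SAMPLE = """\
.:53 {
    kubernetes cluster.local in-addr.arpa ip6.arpa {
      pods insecure
    }
    forward . /etc/resolv.conf
}
example.internal:53 {
    forward . 10.0.0.10
}
"""

def server_blocks(corefile):
    """Map each server block header to its top-level directives (token lists)."""
    blocks, current, depth = {}, None, 0
    lines = (raw.split("#", 1)[0].strip() for raw in corefile.splitlines())
    for line in filter(None, lines):
        if depth == 0 and line.endswith("{"):
            current = line[:-1].strip()
            blocks[current] = []
        elif depth == 1 and line != "}":
            blocks[current].append(line.rstrip("{").split())
        depth += line.count("{") - line.count("}")
    return blocks

def is_ip_or_file(upstream):
    """forward takes IP[:port], dns://IP, tls://IP or a resolv.conf-style file."""
    host = re.sub(r"^(dns|tls)://", "", upstream)
    host = re.sub(r"^\[(.*)\](:\d+)?$", r"\1", host)  # [v6]:port -> v6
    host = re.sub(r"^([^:]+):\d+$", r"\1", host)      # v4:port -> v4
    try:
        ipaddress.ip_address(host)
    except ValueError:
        return upstream.startswith("/")
    return True

def lint(corefile):
    """Return a list of problems; an empty list means nothing was flagged."""
    problems = []
    for zone, directives in server_blocks(corefile).items():
        if zone.split(":")[0] == "domain-name":  # the page's placeholder
            problems.append(f"{zone}: placeholder zone name not replaced")
        for d in (d for d in directives if d[0] == "forward"):
            problems += [f"{zone}: upstream {u!r} is not an IP or file"
                         for u in d[2:] if not is_ip_or_file(u)]
    return problems
```

Pass the Corefile text from the ConfigMap to lint() before saving the edit; an upstream given as a hostname is reported the same way as a leftover placeholder.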