CSTF/wild-cloud
1
1
Fork 0
Code Issues 12 Pull Requests Actions Packages Projects 1 Releases 1 Wiki Activity

Refactor CoreDNS setup: add custom configuration and LoadBalancer service. This prevents k3s overwriting our config with a CoreDNS restart.

Browse Source
This commit is contained in:
Paul Payne
2025-05-25 15:47:31 -07:00
parent 696851298b
commit 2b2c4a0a73
5 changed files with 62 additions and 49 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
infrastructure_setup/coredns/README.md
View File

@@ -15,4 +15,35 @@ All services and pods are registered in CoreDNS.
- <pod-ipv4-address>.<namespace>.pod.cluster.local - <pod-ipv4-address>.<namespace>.pod.cluster.local
- <pod-ipv4-address>.<service-name>.<namespace>.svc.cluster.local - <pod-ipv4-address>.<service-name>.<namespace>.svc.cluster.local
Anything wuery for a resource in the `internal.$DOMAIN` domain will be given the IP of the Traefik proxy. We expose the CoreDNS server in the LAN via MetalLB just for this capability. Any query for a resource in the `internal.$DOMAIN` domain will be given the IP of the Traefik proxy. We expose the CoreDNS server in the LAN via MetalLB just for this capability.
## Default CoreDNS Configuration
Found at: https://github.com/k3s-io/k3s/blob/master/manifests/coredns.yaml
This is k3s default CoreDNS configuration, for reference:
```txt
.:53 {
errors
health
ready
kubernetes %{CLUSTER_DOMAIN}% in-addr.arpa ip6.arpa {
pods insecure
fallthrough in-addr.arpa ip6.arpa
}
hosts /etc/coredns/NodeHosts {
ttl 60
reload 15s
fallthrough
}
prometheus :9153
forward . /etc/resolv.conf
cache 30
loop
reload
loadbalance
import /etc/coredns/custom/*.override
}
import /etc/coredns/custom/*.server
```

43
infrastructure_setup/coredns/coredns-config.yaml
View File

@@ -1,43 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: coredns
namespace: kube-system
data:
Corefile: |
# LAN DNS. All internal domains should resolve to the proxy.
internal.cloud.payne.io:53 {
errors
cache 30
reload
template IN A {
match (.*)\.internal\.cloud\.payne\.io\.
answer "{{ .Name }} 60 IN A 192.168.8.240"
}
}
# In-cloud DNS
.:53 {
health
errors
cache 30
reload
loop
ready
loadbalance
kubernetes cluster.local in-addr.arpa ip6.arpa {
fallthrough in-addr.arpa ip6.arpa
}
hosts /etc/coredns/NodeHosts {
fallthrough
}
forward . 1.1.1.1 8.8.8.8 {
max_concurrent 1000
}
}
NodeHosts: |
192.168.8.218 box-01
192.168.8.222 civil
# 192.168.8.240 dashboard.internal.${DOMAIN}

24
infrastructure_setup/coredns/coredns-custom-config.yaml Normal file
View File

@@ -0,0 +1,24 @@
---
apiVersion: v1
kind: ConfigMap
metadata:
name: coredns-custom
namespace: kube-system
data:
# Custom server block for internal domains. All internal domains should
# resolve to the cluster proxy.
internal.server: |
internal.cloud.payne.io {
errors
cache 30
reload
template IN A {
match (.*)\.internal\.cloud\.payne\.io\.
answer "{{ .Name }} 60 IN A 192.168.8.240"
}
}
# Custom override to set external resolvers.
external.override: |
forward . 1.1.1.1 8.8.8.8 {
max_concurrent 1000
}

0
infrastructure_setup/coredns/coredns-service.yaml → infrastructure_setup/coredns/coredns-lb-service.yaml
View File

11
infrastructure_setup/setup-coredns.sh
View File

@@ -14,16 +14,17 @@ echo "Setting up CoreDNS for k3s..."
echo "Script directory: ${SCRIPT_DIR}" echo "Script directory: ${SCRIPT_DIR}"
echo "Current directory: $(pwd)" echo "Current directory: $(pwd)"
# Apply the custom config for the k3s-provided CoreDNS # Apply the k3s-compatible custom DNS override (k3s will preserve this)
echo "Applying CoreDNS configuration..." echo "Applying CoreDNS custom override configuration..."
cat "${SCRIPT_DIR}/coredns/coredns-config.yaml" | envsubst | kubectl apply -f - cat "${SCRIPT_DIR}/coredns/coredns-custom-config.yaml" | envsubst | kubectl apply -f -
# Apply the LoadBalancer service for external access to CoreDNS # Apply the LoadBalancer service for external access to CoreDNS
echo "Applying CoreDNS service configuration..." echo "Applying CoreDNS service configuration..."
cat "${SCRIPT_DIR}/coredns/coredns-service.yaml" | envsubst | kubectl apply -f - cat "${SCRIPT_DIR}/coredns/coredns-lb-service.yaml" | envsubst | kubectl apply -f -
# Restart CoreDNS pods to apply the changes # Restart CoreDNS pods to apply the changes
echo "Restarting CoreDNS pods to apply changes..." echo "Restarting CoreDNS pods to apply changes..."
kubectl delete pod -n kube-system -l k8s-app=kube-dns kubectl rollout restart deployment/coredns -n kube-system
kubectl rollout status deployment/coredns -n kube-system
echo "CoreDNS setup complete!" echo "CoreDNS setup complete!"