Paul Payne
9687fad812
Convert all 15 cluster services from embedded API format to wild-directory packages using the unified manifest format: - metallb, traefik, cert-manager, longhorn, snapshot-controller - nfs, smtp, coredns, node-feature-discovery, nvidia-device-plugin - externaldns, docker-registry, headlamp, crowdsec, utils Changes: - wild-manifest.yaml → manifest.yaml with is, defaultConfig, requires - Eliminated configReferences and serviceConfig fields - Flattened kustomize.template/ to package root - Template vars use flat defaultConfig keys - install.sh paths updated for apps/ layout - Updated 9 app manifests: cloud.smtp.* → apps.smtp.* with requires - Removed dead install: true field from 6 app manifests Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
1.3 KiB
1.3 KiB
CoreDNS
- https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/
- https://github.com/kubernetes/dns/blob/master/docs/specification.md
- https://coredns.io/
CoreDNS has the kubernetes plugin, so it returns all k8s service endpoints in well-known format.
All services and pods are registered in CoreDNS.
-
..svc.cluster.local
-
.
-
(if in the same namespace)
-
..pod.cluster.local
-
...svc.cluster.local
Any query for a resource in the internal.$DOMAIN domain will be given the IP of the Traefik proxy. We expose the CoreDNS server in the LAN via MetalLB just for this capability.
Default CoreDNS Configuration
This is the default CoreDNS configuration, for reference:
.:53 {
errors
health { lameduck 5s }
ready
log . { class error }
prometheus :9153
kubernetes cluster.local in-addr.arpa ip6.arpa {
pods insecure
fallthrough in-addr.arpa ip6.arpa
ttl 30
}
forward . /etc/resolv.conf { max_concurrent 1000 }
cache 30 {
disable success cluster.local
disable denial cluster.local
}
loop
reload
loadbalance
}