From d69db3469e1f8a880b5c8d2c8c24ae0d4d882a00 Mon Sep 17 00:00:00 2001
From: bozzo
Date: Sat, 14 Mar 2020 14:26:34 +0100
Subject: [PATCH] Add external zones in nodelocaldns configuration (#5591)

Allows to configure additionnal zone for domains not resolved by `upstream_dns_servers`.
---
 docs/dns-stack.md | 19 +++++++++++++++++++
 .../group_vars/k8s-cluster/k8s-cluster.yml | 13 +++++++++++++
 .../templates/nodelocaldns-config.yml.j2 | 14 ++++++++++++++
 3 files changed, 46 insertions(+)
diff --git a/docs/dns-stack.md b/docs/dns-stack.md
index ac40f68b4..4d32c73d4 100644
--- a/docs/dns-stack.md
+++ b/docs/dns-stack.md
@@ -133,6 +133,25 @@ More information on the rationale behind this implementation can be found [here]
 **As per the 2.10 release, Nodelocal DNS cache is enabled by default.**
+### External zones
+
+It's possible to extent the `nodelocaldns`' configuration by adding an array of external zones. For example:
+
+```yaml
+nodelocaldns_external_zones:
+- zones:
+ - example.com
+ - example.io:1053
+ nameservers:
+ - 1.1.1.1
+ - 2.2.2.2
+ cache: 5
+- zones:
+ - https://mycompany.local:4453
+ nameservers:
+ - 192.168.0.53
+```
+
 ## Limitations
 * Kubespray has yet ways to configure Kubedns addon to forward requests SkyDns can
diff --git a/inventory/sample/group_vars/k8s-cluster/k8s-cluster.yml b/inventory/sample/group_vars/k8s-cluster/k8s-cluster.yml
index 0d3792ab2..c43cd83c8 100644
--- a/inventory/sample/group_vars/k8s-cluster/k8s-cluster.yml
+++ b/inventory/sample/group_vars/k8s-cluster/k8s-cluster.yml
@@ -139,6 +139,19 @@ dns_mode: coredns
 enable_nodelocaldns: true
 nodelocaldns_ip: 169.254.25.10
 nodelocaldns_health_port: 9254
+# nodelocaldns_external_zones:
+# - zones:
+# - example.com
+# - example.io:1053
+# nameservers:
+# - 1.1.1.1
+# - 2.2.2.2
+# cache: 5
+# - zones:
+# - https://mycompany.local:4453
+# nameservers:
+# - 192.168.0.53
+# cache: 0
 # Enable k8s_external plugin for CoreDNS
 enable_coredns_k8s_external: false
 coredns_k8s_external_zone: k8s_external.local
diff --git a/roles/kubernetes-apps/ansible/templates/nodelocaldns-config.yml.j2 b/roles/kubernetes-apps/ansible/templates/nodelocaldns-config.yml.j2
index e56cc534a..dd5732f89 100644
--- a/roles/kubernetes-apps/ansible/templates/nodelocaldns-config.yml.j2
+++ b/roles/kubernetes-apps/ansible/templates/nodelocaldns-config.yml.j2
@@ -8,6 +8,20 @@ metadata:
 data:
 Corefile: |
+{% if nodelocaldns_external_zones is defined and nodelocaldns_external_zones|length > 0 %}
+{% for block in nodelocaldns_external_zones %}
+ {{ block['zones'] | join(' ') }} {
+ errors
+ cache {{ block['cache'] | default(30) }}
+ reload
+ loop
+ bind {{ nodelocaldns_ip }}
+ forward . {{ block['nameservers'] | join(' ') }}
+ prometheus :9253
+ log
+ }
+{% endfor %}
+{% endif %}
 {{ dns_domain }}:53 {
 errors
 cache {
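Review bot: The commented sample ends with `# cache: 0`, and the template's `default(30)` only applies when the key is absent, so uncommenting it as-is renders `cache 0`; as far as I know the CoreDNS cache plugin rejects a zero or negative TTL, which would keep nodelocaldns from loading the Corefile. The second zone, `https://mycompany.local:4453`, is also a misleading example: a scheme prefix on a server-block zone selects the protocol the server listens on, while the generated block carries no `tls` directive and still forwards to `192.168.0.53` as plain DNS, so a reader may assume the upstream traffic is encrypted when it is not. I would change the sample to `# cache: 5` and a plain zone such as `# - mycompany.local:4453`. The `https://` zone appears in the docs/dns-stack.md hunk as well.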
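Review bot: `block['zones']` and `block['nameservers']` are indexed directly and joined into the Corefile verbatim, so an entry that omits either key fails at template render, and a value containing whitespace, a brace or a newline alters the structure of the generated server block. Because these values decide where queries for whole domains are forwarded, I would validate them before rendering (an `assert` task in the role checking that every entry has non-empty `zones` and `nameservers` lists of plain hostnames or IPs) rather than rely on CoreDNS rejecting the file at startup. The unconditional `log` line also records every query for these zones on every node; gating it behind a variable would keep query names out of the pod logs by default. The `Corefile: |` block continues past the end of this hunk, so how the new blocks interact with the existing `{{ dns_domain }}:53` block cannot be checked from here.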