Skip to content

Commit 4d09c4e

Browse files
prameshjTim Bannister
prameshj
and
Tim Bannister
authored
Update nodelocaldns.md with config steps. (#18716)
Remove references to 169.254.20.10 as the default. Update content/en/docs/tasks/administer-cluster/nodelocaldns.md Co-Authored-By: Tim Bannister <[email protected]>
1 parent 4a02480 commit 4d09c4e

File tree

1 file changed

+38
-11
lines changed

1 file changed

+38
-11
lines changed

content/en/docs/tasks/administer-cluster/nodelocaldns.md

Lines changed: 38 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,7 @@
22
reviewers:
33
- bowei
44
- zihongz
5+
- sftim
56
title: Using NodeLocal DNSCache in Kubernetes clusters
67
content_template: templates/task
78
---
@@ -47,18 +48,44 @@ This is the path followed by DNS Queries after NodeLocal DNSCache is enabled:
4748
{{< figure src="/images/docs/nodelocaldns.jpg" alt="NodeLocal DNSCache flow" title="Nodelocal DNSCache flow" caption="This image shows how NodeLocal DNSCache handles DNS queries." >}}
4849

4950
## Configuration
50-
51-
This feature can be enabled using the command:
52-
53-
`KUBE_ENABLE_NODELOCAL_DNS=true kubetest --up`
54-
55-
This works for e2e clusters created on GCE. On all other environments, the following steps will setup NodeLocal DNSCache:
56-
57-
* A yaml similar to [this](https://github.com/kubernetes/kubernetes/blob/master/cluster/addons/dns/nodelocaldns/nodelocaldns.yaml) can be applied using `kubectl create -f` command.
58-
* No need to modify the --cluster-dns flag since NodeLocal DNSCache listens on both the kube-dns service IP as well as a link-local IP (169.254.20.10 by default)
51+
{{< note >}} The local listen IP address for NodeLocal DNSCache can be any IP in the 169.254.20.0/16 space or any other IP address that can be guaranteed to not collide with any existing IP. This document uses 169.254.20.10 as an example.
52+
{{< /note >}}
53+
54+
This feature can be enabled using the following steps:
55+
56+
* Prepare a manifest similar to the sample [`nodelocaldns.yaml`](https://github.com/kubernetes/kubernetes/blob/master/cluster/addons/dns/nodelocaldns/nodelocaldns.yaml) and save it as `nodelocaldns.yaml.`
57+
* Substitute the variables in the manifest with the right values:
58+
59+
* kubedns=`kubectl get svc kube-dns -n kube-system -o jsonpath={.spec.clusterIP}`
60+
61+
* domain=`<cluster-domain>`
62+
63+
* localdns=`<node-local-address>`
64+
65+
`<cluster-domain>` is "cluster.local" by default. `<node-local-address>` is the local listen IP address chosen for NodeLocal DNSCache.
66+
67+
* If kube-proxy is running in IPTABLES mode:
68+
69+
``` bash
70+
sed -i "s/__PILLAR__LOCAL__DNS__/$localdns/g; s/__PILLAR__DNS__DOMAIN__/$domain/g; s/__PILLAR__DNS__SERVER__/$kubedns/g" nodelocaldns.yaml
71+
```
72+
73+
`__PILLAR__CLUSTER__DNS__` and `__PILLAR__UPSTREAM__SERVERS__` will be populated by the node-local-dns pods.
74+
In this mode, node-local-dns pods listen on both the kube-dns service IP as well as `<node-local-address>`, so pods can lookup DNS records using either IP address.
75+
76+
* If kube-proxy is running in IPVS mode:
77+
78+
``` bash
79+
sed -i "s/__PILLAR__LOCAL__DNS__/$localdns/g; s/__PILLAR__DNS__DOMAIN__/$domain/g; s/__PILLAR__DNS__SERVER__//g; s/__PILLAR__CLUSTER__DNS__/$kubedns/g" nodelocaldns.yaml
80+
```
81+
In this mode, node-local-dns pods listen only on `<node-local-address>`. The node-local-dns interface cannot bind the kube-dns cluster IP since the interface used for IPVS loadbalancing already uses this address.
82+
`__PILLAR__UPSTREAM__SERVERS__` will be populated by the node-local-dns pods.
83+
84+
* Run `kubectl create -f nodelocaldns.yaml`
85+
* If using kube-proxy in IPVS mode, `--cluster-dns` flag to kubelet needs to be modified to use `<node-local-address>` that NodeLocal DNSCache is listening on.
86+
Otherwise, there is no need to modify the value of the `--cluster-dns` flag, since NodeLocal DNSCache listens on both the kube-dns service IP as well as `<node-local-address>`.
5987

6088
Once enabled, node-local-dns Pods will run in the kube-system namespace on each of the cluster nodes. This Pod runs [CoreDNS](https://github.com/coredns/coredns) in cache mode, so all CoreDNS metrics exposed by the different plugins will be available on a per-node basis.
6189

62-
The feature can be disabled by removing the daemonset, using `kubectl delete -f` command. On e2e clusters created on GCE, the daemonset can be removed by deleting the node-local-dns yaml from `/etc/kubernetes/addons/0-dns/nodelocaldns.yaml`
63-
90+
You can disable this feature by removing the DaemonSet, using `kubectl delete -f <manifest>` . You should also revert any changes you made to the kubelet configuration.
6491
{{% /capture %}}

0 commit comments

Comments
 (0)