From 92d612c3e07f1ef4aae5ebaa0bbdfe2179245f35 Mon Sep 17 00:00:00 2001
From: Tristan
Date: Tue, 1 Feb 2022 08:48:18 +0000
Subject: [PATCH] 8487: Allow override of default CoreDNS zone cache (#8488)

Using the coredns_cluster_zone_cache_block variable
---
 docs/dns-stack.md | 22 +++++++++++++++++++
 .../kubernetes-apps/ansible/defaults/main.yml | 2 ++
 .../ansible/templates/coredns-config.yml.j2 | 2 +-
 3 files changed, 25 insertions(+), 1 deletion(-)

diff --git a/docs/dns-stack.md b/docs/dns-stack.md
index 42d1bf0e6..04662594e 100644
--- a/docs/dns-stack.md
+++ b/docs/dns-stack.md
@@ -86,6 +86,28 @@ dns_etchosts: |
 
 Whether reverse DNS lookups are enabled in the coredns config. Defaults to `true`.
 
+### CoreDNS default zone cache plugin
+
+If you wish to configure the caching behaviour of CoreDNS on the default zone, you can do so using the `coredns_default_zone_cache_block` string block.
+
+An example value (more information on the [plugin's documentation](https://coredns.io/plugins/cache/)) to:
+
+* raise the max cache TTL to 3600 seconds
+* raise the max amount of success responses to cache to 3000
+* disable caching of denial responses altogether
+* enable pre-fetching of lookups with at least 10 lookups per minute before they expire
+
+Would be as follows:
+
+```yaml
+coredns_default_zone_cache_block: |
+ cache 3600 {
+ success 3000
+ denial 0
+ prefetch 10 1m
+ }
+```
+
 ## DNS modes supported by Kubespray
 
 You can modify how Kubespray sets up DNS for your cluster with the variables ``dns_mode`` and ``resolvconf_mode``.
diff --git a/roles/kubernetes-apps/ansible/defaults/main.yml b/roles/kubernetes-apps/ansible/defaults/main.yml
index 37db5b6f5..dfaba4821 100644
--- a/roles/kubernetes-apps/ansible/defaults/main.yml
+++ b/roles/kubernetes-apps/ansible/defaults/main.yml
@@ -11,6 +11,8 @@ enable_coredns_reverse_dns_lookups: true
 coredns_ordinal_suffix: ""
 # dns_extra_tolerations: [{effect: NoSchedule, operator: "Exists"}]
 coredns_deployment_nodeselector: "kubernetes.io/os: linux"
+coredns_default_zone_cache_block: |
+ cache 30
 
 # nodelocaldns
 nodelocaldns_cpu_requests: 100m
diff --git a/roles/kubernetes-apps/ansible/templates/coredns-config.yml.j2 b/roles/kubernetes-apps/ansible/templates/coredns-config.yml.j2
index f4747cd9f..567824719 100644
--- a/roles/kubernetes-apps/ansible/templates/coredns-config.yml.j2
+++ b/roles/kubernetes-apps/ansible/templates/coredns-config.yml.j2
@@ -53,7 +53,7 @@ data:
 {% if enable_coredns_k8s_external %}
 k8s_external {{ coredns_k8s_external_zone }}
 {% endif %}
- cache 30
+ {{ coredns_default_zone_cache_block | indent(width=8, first=False) }}
 loop
 reload
 loadbalance
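Review bot: The new default `coredns_default_zone_cache_block` in the `defaults/main.yml` hunk carries no comment saying that its value is pasted as-is into the default zone of the Corefile, so an operator overriding it has no hint that the text must be valid CoreDNS syntax. I would add above it `# Rendered verbatim into the default zone of the CoreDNS Corefile; must be a valid cache plugin block`. The commit message also names the variable `coredns_cluster_zone_cache_block`, which does not match the name defined here, so a search of the log for the real variable name will miss this commit.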
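Review bot: In the `coredns-config.yml.j2` hunk the variable is rendered into the Corefile with no check on its content, so the override is not limited to a `cache` directive: an empty value drops caching, and any other text becomes part of the default zone's server block. If only cache tuning is intended, an `assert` in the role's tasks (outside this hunk) that the trimmed value starts with `cache` would catch a bad override before a broken Corefile reaches the cluster. Separately, the `|` block scalar used for the default ends with a newline, which as far as I can tell survives `indent` and leaves an empty line before `loop`; `{{ coredns_default_zone_cache_block | trim | indent(width=8, first=False) }}` avoids that. The template continues outside the hunk on both sides.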