CoreDNS service discovery

CoreDNS service discovery is the mechanism within Kubernetes that enables services (applications) to locate and communicate with each other dynamically.^[400-devops-06-kubernetes-k8s-paas-03k8s.md]

In a Kubernetes cluster, Pod IP addresses are ephemeral and change frequently due to scaling, updates, or restarts. Service discovery handles this volatility by placing a stable "Service" resource with a fixed cluster IP in front of the Pods, giving clients a consistent entry point. Traffic sent to this entry point is load-balanced across the relevant backend Pods.^[400-devops-06-kubernetes-k8s-paas-03k8s.md]

CoreDNS Architecture

CoreDNS is typically deployed as a Deployment within the kube-system namespace.^[400-devops-06-kubernetes-k8s-paas-03k8s.md] The system consists of several key components:

  • ServiceAccount & RBAC: CoreDNS requires a dedicated ServiceAccount and associated ClusterRole/ClusterRoleBinding permissions to list and watch API resources like endpoints, services, pods, and namespaces.^[400-devops-06-kubernetes-k8s-paas-03k8s.md]
  • ConfigMap: The configuration is defined in a Corefile, typically stored in a ConfigMap named coredns.^[400-devops-06-kubernetes-k8s-paas-03k8s.md] This file defines plugins such as kubernetes (for cluster-local service discovery), forward (for proxying external queries to upstream DNS like 10.4.7.11), and cache.^[400-devops-06-kubernetes-k8s-paas-03k8s.md]
  • Service: CoreDNS itself is exposed as a Service with a fixed ClusterIP (commonly 192.168.0.2), which acts as the nameserver for the cluster.^[400-devops-06-kubernetes-k8s-paas-03k8s.md]
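
The read-only access described in the ServiceAccount & RBAC item can be checked mechanically. The following is an added example, not code from the original page or from the CoreDNS project: it audits a ClusterRole against list/watch on the four resources named above. The helper audit_cluster_role, the role names, and both sample roles are constructed for illustration.

```python
# Added example: flag anything a CoreDNS ClusterRole grants beyond the
# list/watch access on endpoints, services, pods and namespaces that the
# page describes. Role objects are plain dicts (e.g. loaded from JSON).

ALLOWED_VERBS = frozenset({"list", "watch"})
ALLOWED_RESOURCES = frozenset({"endpoints", "services", "pods", "namespaces"})


def audit_cluster_role(role, verbs=ALLOWED_VERBS, resources=ALLOWED_RESOURCES):
    """Return findings in rule order; an empty list means no excess access."""
    findings = []
    for i, rule in enumerate(role.get("rules", [])):
        extra_verbs = set(rule.get("verbs", [])) - verbs
        extra_res = set(rule.get("resources", [])) - resources
        if ("*" in extra_verbs or "*" in extra_res
                or "*" in rule.get("apiGroups", [])):
            findings.append(f"rule {i}: wildcard grant")
        for v in sorted(extra_verbs - {"*"}):
            findings.append(f"rule {i}: unexpected verb '{v}'")
        for r in sorted(extra_res - {"*"}):
            findings.append(f"rule {i}: unexpected resource '{r}'")
        if rule.get("nonResourceURLs"):
            findings.append(f"rule {i}: nonResourceURLs granted")
    return findings


# Constructed sample: exactly the access the page lists.
TIGHT_ROLE = {
    "kind": "ClusterRole",
    "metadata": {"name": "coredns-example"},
    "rules": [{"apiGroups": [""],
               "resources": ["endpoints", "services", "pods", "namespaces"],
               "verbs": ["list", "watch"]}],
}

# Constructed sample: an over-broad role the audit should flag.
LOOSE_ROLE = {
    "kind": "ClusterRole",
    "metadata": {"name": "coredns-example-loose"},
    "rules": [
        {"apiGroups": [""], "resources": ["services", "secrets"],
         "verbs": ["get", "list", "watch"]},
        {"apiGroups": ["*"], "resources": ["*"], "verbs": ["list"]},
    ],
}

if __name__ == "__main__":
    for role in (TIGHT_ROLE, LOOSE_ROLE):
        for line in audit_cluster_role(role) or ["ok"]:
            print(f"{role['metadata']['name']}: {line}")
```

The allowed sets are parameters, so a cluster whose CoreDNS manifest legitimately watches additional resources can pass its own baseline instead of the page's four.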

DNS Resolution Model

CoreDNS establishes a DNS naming model where service names map to their cluster IPs, similar to how traditional DNS maps hostnames to IPs.^[400-devops-06-kubernetes-k8s-paas-03k8s.md]

A standard DNS query follows this pattern:

  • Query Format: <service-name>.<namespace>.svc.cluster.local.
  • Example: A service named nginx-dp in the kube-public namespace can be queried as nginx-dp.kube-public.svc.cluster.local.^[400-devops-06-kubernetes-k8s-paas-03k8s.md]
  • Resolution: The DNS server (at 192.168.0.2) resolves this name to the Service's virtual IP, which then forwards traffic to the backend Pods.^[400-devops-06-kubernetes-k8s-paas-03k8s.md]

Sources

  • 400-devops-06-kubernetes-k8s-paas-03k8s.md