How to add nameservers to CoreDNS Corefile in OpenShift 4

Environment

  • Red Hat OpenShift Container Platform (RHOCP)
    • 4
  • CoreDNS

Issue

  • How to add an additional upstream nameserver for a specific domain to CoreDNS in OCP 4?
  • Configure two different upstream nameservers: one used to resolve default requests/domains, and the other one for a specific domain.
  • Is it allowed to modify the Corefile directly to add the nameserver?

Resolution

Directly modifying the Corefile configuration file is not supported.

In recent OpenShift 4 releases, it is possible to configure DNS forwarding through the DNS Operator API. Refer to using DNS forwarding for additional information about how to:

  • Specify different DNS servers (spec.servers) for one or more subdomains (zones).
  • Provide a list of upstream DNS servers (spec.upstreamResolvers).
  • Change the default forwarding policy.
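
As an added illustration (not taken from the Red Hat article), a dns.operator resource for the scenario in the Issue section could look like the following. The zone, the server name and all IP addresses are constructed placeholders, and which fields are available depends on the OpenShift release.

```yaml
# Added example: zone, server name and addresses are constructed placeholders.
apiVersion: operator.openshift.io/v1
kind: DNS
metadata:
  name: default                 # the cluster-wide DNS Operator resource
spec:
  # Per-zone forwarding: queries for corp.example.com and its subdomains
  # are sent only to the resolvers listed here, so list resolvers you
  # trust to answer for every name under that zone.
  servers:
  - name: corp-resolver         # hypothetical name for this server entry
    zones:
    - corp.example.com
    forwardPlugin:
      policy: Sequential        # try the upstreams in the order listed
      upstreams:
      - 192.0.2.10              # port 53 when no port is given
      - 192.0.2.11:5353
  # Default forwarding for every name not matched by a zone above.
  upstreamResolvers:
    policy: Sequential
    upstreams:
    - type: Network
      address: 198.51.100.53
      port: 53
    - type: SystemResolvConf    # the nameservers from /etc/resolv.conf
```

Apply the change with `oc edit dns.operator/default`, then compare the dns-default configmap before and after as described under Diagnostic Steps.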

To configure /etc/resolv.conf on the nodes instead of the CoreDNS configuration, refer to how to add additional search domains and nameservers to resolv.conf in OpenShift 4.

Root Cause

It is possible to use DNS forwarding to override the default forwarding configuration in the /etc/resolv.conf file.

CoreDNS forwards queries to upstream nameservers on a per-domain basis. This API definition shows the API functionality of this feature. The DNS forward plugin is supported in OCP 4.

Diagnostic Steps

  • Check the configuration in the configmap before and after the changes in the dns.operator resource:

    $ oc get configmap dns-default -n openshift-dns -o yaml
    
  • Check the dns.operator resource configuration:

    $ oc get dns.operator -o yaml
    
