openshift-docs/modules/nw-dns-cache-tuning.adoc

// Module included in the following assemblies:
// * networking/dns-operator.adoc

:_mod-docs-content-type: PROCEDURE
[id="nw-dns-cache-tuning_{context}"]
= Tuning the CoreDNS cache

For CoreDNS, you can configure the maximum duration of both successful or unsuccessful caching, also known respectively as positive or negative caching. Tuning the cache duration of DNS query responses can reduce the load for any upstream DNS resolvers.

[WARNING]
====
Setting TTL fields to low values could lead to an increased load on the cluster, any upstream resolvers, or both.
====

.Procedure

. Edit the DNS Operator object named `default` by running the following command:
+
[source,terminal]
----
$ oc edit dns.operator.openshift.io/default
----

. Modify the time-to-live (TTL) caching values:
+
.Configuring DNS caching
[source,yaml]
----
apiVersion: operator.openshift.io/v1
kind: DNS
metadata:
  name: default
spec:
  cache:
    positiveTTL: 1h <1>
    negativeTTL: 0.5h10m <2>
----
+
<1> The string value `1h` is converted to its respective number of seconds by CoreDNS. If this field is omitted, the value is assumed to be `0s` and the cluster uses the internal default value of `900s` as a fallback.
<2> The string value can be a combination of units such as `0.5h10m` and is converted to its respective number of seconds by CoreDNS. If this field is omitted, the value is assumed to be `0s` and the cluster uses the internal default value of `30s` as a fallback.

.Verification

. To review the change, look at the config map again by running the following command:
+
[source,terminal]
----
$ oc get configmap/dns-default -n openshift-dns -o yaml
----

. Verify that you see entries that look like the following example:
+
[source,yaml]
----
       cache 3600 {
            denial 9984 2400
        }
----

[role="_additional-resources"]
.Additional resources

For more information on caching, see link:https://coredns.io/plugins/cache/[CoreDNS cache].