// Module included in the following assemblies:
|
|
//
|
|
// * networking/dns-operator.adoc
|
|
|
|
[id="nw-dns-forward_{context}"]
|
|
= Using DNS forwarding
|
|
|
|
You can use DNS forwarding to override the forwarding configuration identified in `/etc/resolv.conf` on a per-zone basis by specifying which name server should be used for a given zone.
|
|
|
|
.Procedure
|
|
|
|
. Modify the DNS Operator object named `default`:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc edit dns.operator/default
|
|
----
|
|
+
|
|
This allows the Operator to create and update the ConfigMap named `dns-default` with additional server configuration blocks based on `Server`. If none of the servers has a zone that matches the query, then name resolution falls back to the name servers that are specified in `/etc/resolv.conf`.
|
|
+
|
|
.Sample DNS
|
|
[source,yaml]
|
|
----
|
|
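# DNS Operator object named `default`. Each entry under `servers` forwards
# queries for its `zones` to the name servers listed in `upstreams`.
apiVersion: operator.openshift.io/v1
kind: DNS
metadata:
  name: default
spec:
  servers:
    - name: foo-server <1>
      zones: <2>
        - foo.com
      # Queries for the zones above are answered by these upstreams, so list
      # only name servers you trust to resolve those zones.
      forwardPlugin:
        upstreams: <3>
          - 1.1.1.1
          - 2.2.2.2:5353
    - name: bar-server
      zones:
        - bar.com
        - example.com
      forwardPlugin:
        upstreams:
          - 3.3.3.3
          - 4.4.4.4:5454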
|
|
----
|
|
<1> `name` must comply with the `rfc6335` service name syntax.
|
|
<2> `zones` must conform to the definition of a `subdomain` in `rfc1123`. The cluster domain, `cluster.local`, is an invalid `subdomain` for `zones`.
|
|
<3> A maximum of 15 `upstreams` is allowed per `forwardPlugin`.
|
|
+
|
|
[NOTE]
|
|
====
|
|
If `servers` is undefined or invalid, the ConfigMap contains only the default server.
|
|
====
|
|
+
|
|
. View the ConfigMap:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc get configmap/dns-default -n openshift-dns -o yaml
|
|
----
|
|
+
|
|
.Sample DNS ConfigMap based on previous sample DNS
|
|
[source,yaml]
|
|
----
|
|
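# ConfigMap `dns-default`, created and updated by the DNS Operator. The
# per-zone server blocks in the Corefile come from `spec.servers` of the DNS
# object; queries that match no zone use the `.:5353` block, which forwards to
# the name servers in /etc/resolv.conf.
apiVersion: v1
data:
  Corefile: |
    foo.com:5353 {
        forward . 1.1.1.1 2.2.2.2:5353
    }
    bar.com:5353 example.com:5353 {
        forward . 3.3.3.3 4.4.4.4:5454 <1>
    }
    .:5353 {
        errors
        health
        kubernetes cluster.local in-addr.arpa ip6.arpa {
            pods insecure
            upstream
            fallthrough in-addr.arpa ip6.arpa
        }
        prometheus :9153
        forward . /etc/resolv.conf {
            policy sequential
        }
        cache 30
        reload
    }
kind: ConfigMap
metadata:
  labels:
    dns.operator.openshift.io/owning-dns: default
  name: dns-default
  namespace: openshift-dns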
|
|
----
|
|
<1> Changes to the `forwardPlugin` trigger a rolling update of the CoreDNS daemon set.
|
|
|
|
.Additional resources
|
|
|
|
* For more information on DNS forwarding, see the link:https://coredns.io/plugins/forward/[CoreDNS forward documentation].
|