I'm trying to implement a simple DNS rewrite in our AKS instance and the provided example:
```yaml
apiVersion: v1
kind: ConfigMap
metadata:
  name: coredns-custom
  namespace: kube-system
data:
  example.server: | # you may select any name here, but it must end with the .server file extension
    example.com:53 {
        log
        errors
        rewrite stop {
          name regex (.*)\.example.com {1}.default.svc.cluster.local
          answer name (.*)\.default\.svc\.cluster\.local {1}.example.com
        }
        forward . /etc/resolv.conf # you can redirect this to a specific DNS server such as 10.0.0.10, but that server must be able to resolve the rewritten domain name
    }
```
Is not working. If I look at the logs from the coredns pods, I see the following:
```
[INFO] 10.0.20.18:56053 - 58809 "A IN test.example.com. udp 60 false 512" NXDOMAIN qr,rd,ra 121 0.003595002s
[INFO] 10.0.20.18:56053 - 59326 "AAAA IN test.example.com. udp 60 false 512" NXDOMAIN qr,rd,ra 121 0.004423049s
```
However, if I add the following:
```yaml
apiVersion: v1
kind: ConfigMap
metadata:
  name: coredns-custom
  namespace: kube-system
data:
  example.server: | # you may select any name here, but it must end with the .server file extension
    example.com:53 {
        log
        errors
        rewrite stop {
          name regex (.*)\.example.com {1}.default.svc.cluster.local
          answer name (.*)\.default\.svc\.cluster\.local {1}.example.com
        }
        kubernetes cluster.local in-addr.arpa ip6.arpa {
          pods insecure
          fallthrough in-addr.arpa ip6.arpa
        }
        forward . /etc/resolv.conf # you can redirect this to a specific DNS server such as 10.0.0.10, but that server must be able to resolve the rewritten domain name
    }
```
Then it works as expected and I receive the following:
```
[INFO] 10.0.20.18:42972 - 14130 "AAAA IN test.example.com. udp 60 false 512" NOERROR qr,aa,rd 139 0.000387509s
[INFO] 10.0.20.18:42972 - 6446 "A IN test.example.com. udp 60 false 512" NOERROR qr,aa,rd 90 0.000153903s
```
and requests are routed properly.
I'm trying to understand if this is expected and correct behavior. I'm guessing that it has something to do with the location of the `import custom/*.server` line in the default coredns Corefile configmap, which has it outside of the root `.:53` block:
If that is indeed the case, I would expect I should probably include the other commands as well (e.g., cache, loop, reload, and loadbalance) to my custom configmap. Is that correct?
Document Details
⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.
ID: 2f95537e-770a-739c-0175-4447a995f8b2
Version Independent ID: 6c9a1132-05af-70f1-5a2b-8dad56de9cc3
Rewrites that change incoming question names to kubernetes zone names should be added to the default server block via the custom/*.override import. coredns/coredns#5122 (comment)
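The placement described in the comment above, as an added example that is not part of the original thread or the AKS documentation: the rewrite rule from the issue moved into a `.override` key so that it is imported into the default server block. The key name `example.override` is an assumption, and the dot before `com` in the query regex is escaped here so that it matches only a literal dot.

```yaml
apiVersion: v1
kind: ConfigMap
metadata:
  name: coredns-custom
  namespace: kube-system
data:
  # Assumed key name; any name works as long as it ends in .override,
  # which is what the default Corefile's "import custom/*.override" picks up.
  example.override: |
    # Imported inside the default .:53 block, so the rewritten name is
    # answered by that block's existing kubernetes plugin. No separate
    # example.com:53 server block, kubernetes stanza or forward line is needed.
    # CoreDNS orders plugins by its built-in plugin list, not by position in
    # the block, so rewrite still runs before kubernetes.
    rewrite stop {
      # Query side: test.example.com -> test.default.svc.cluster.local
      name regex (.*)\.example\.com {1}.default.svc.cluster.local
      # Answer side: map the name in the response back to what the client asked for
      answer name (.*)\.default\.svc\.cluster\.local {1}.example.com
    }
```

Because the rule now lives in the default block, it applies to every query that block receives, so the regex is the only thing limiting it to `example.com` names.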
Hi @kobulloc-MSFT, thanks for your feedback. And thank you @chrisohaver for providing help here. I'm updating the doc and incorporating this feedback. I will now close this GH issue.