Skip to content
Switch branches/tags

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time

Kubernetes DNS

Build Status Coverage Status Go Report Card

This is the repository for Kubernetes DNS.



make targets:

target description
all, build build all binaries
test run unit tests
containers build the containers
images-clean clear image build artifacts from workdir
push push containers to the registry
help this help message
version show package version
{build,containers,push}-ARCH do action for specific ARCH
all-{build,containers,push} do action for all ARCH
only-push-BINARY push just BINARY
  • Setting VERBOSE=1 will show additional build logging.
  • Setting VERSION will override the container version tag.

Vulnerability patching

Vulnerability patches are mainly for debian-base or debian-iptables images. They can be updated to the latest by modifying and dnsmasq Makefile. Example PR.

Once the PR has merged, a new release tag should be cut. The rest of the release process is described below.

Release process

  1. Build and test (make images-clean; make build; make containers; make test).
  2. To build just the node-cache container, use make containers CONTAINER_BINARIES=node-cache.
  3. The same steps are executed via the presubmit script which is run by the test-infra prow job.
  4. Update go dependencies if needed.
  5. Update the release tag. We use semantic versioning to name releases.
  6. Wait for container images to be pushed via cloudbuild yaml. This will be done automatically by A manual cloud build can be submitted via gcloud builds submit --config cloudbuild.yaml, but this requires owner permissions in k8s-staging-dns project. The automated job pushes images for all architectures and makes them available in Status for build jobs can be checked at -
  7. Promote the images to using the process described in this link. The image SHAs should be added to images/k8s-staging-dns/images.yaml. The SHAs can be obtained by running the command python <TAG> This will return the SHAs for kube-dns as well as node-cache images. Node-cache images are always promoted, kube-dns images are promoted if there is a change to kubedns/vulnerability fix.
  8. Images will be available in the repo The node-cache image with tag 1.15.14 can be found at Older versions are at
  9. Submit a PR for the kubernetes/kubernetes repository to switch to the new version of the containers. Example -