Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Enable CoreDNS as a DNS plugin for Kubernetes #427

Closed
johnbelamaric opened this issue Sep 12, 2017 · 51 comments
Closed

Enable CoreDNS as a DNS plugin for Kubernetes #427

johnbelamaric opened this issue Sep 12, 2017 · 51 comments
Assignees
Labels
kind/feature Categorizes issue or PR as related to a new feature. sig/cluster-lifecycle Categorizes an issue or PR as relevant to SIG Cluster Lifecycle. sig/network Categorizes an issue or PR as relevant to SIG Network. stage/stable Denotes an issue tracking an enhancement targeted for Stable/GA status
Milestone

Comments

@johnbelamaric
Copy link
Contributor

johnbelamaric commented Sep 12, 2017

Feature Description

  • One-line feature description (can be used as a release note): Enable CoreDNS as a DNS plugin for Kubernetes
  • Primary contact (assignee): @johnbelamaric
  • Responsible SIGs: sig-network, sig-cluster-lifecycle
  • Design proposal link (community repo): Add coredns proposal community#1100
  • Reviewer(s) - (for LGTM) recommend having 2+ reviewers (at least one from code-area OWNERS file) agreed to review. Reviewers from multiple companies preferred: @bowei @thockin
  • Approver (likely from SIG/area to which feature belongs): @thockin
  • Feature target (which target equals to which milestone):
    • Alpha release target (1.9)
    • Beta release target (1.10)
    • Stable release target (1.11)
@johnbelamaric
Copy link
Contributor Author

johnbelamaric commented Sep 12, 2017

cc @luxas @jbeda @mattmoyer @miekg

@cmluciano
Copy link
Member

cmluciano commented Sep 12, 2017

@k8s-ci-robot k8s-ci-robot added sig/network Categorizes an issue or PR as relevant to SIG Network. kind/feature Categorizes issue or PR as related to a new feature. labels Sep 12, 2017
@luxas luxas added the stage/alpha Denotes an issue tracking an enhancement targeted for Alpha status label Sep 12, 2017
@luxas luxas added this to the 1.9 milestone Sep 12, 2017
@klausenbusk
Copy link

klausenbusk commented Sep 15, 2017

What is the argument behind this switch?

@johnbelamaric
Copy link
Contributor Author

johnbelamaric commented Sep 15, 2017

Hi Kristian,

Here's a little background. CoreDNS is another CNCF project and is the successor to SkyDNS, which kube-dns is based on. It is a flexible, extensible authoritative DNS server and we have built a direct integration to the Kubernetes API. It can serve as cluster DNS, complying with the dns spec. We started discussions with @thockin, @matchstick and @bowei last year around KubeCon and they are open to it in principle, but of course it needs to be proven to be the right choice.

As for reasons to switch, CoreDNS has fewer moving parts than kube-dns, since it is a single executable and single process. It is written in Go so it is memory-safe (kube-dns includes dnsmasq which is not). It supports a number of use cases that kube-dns doesn't. As a general-purpose authoritative DNS server it has a lot of functionality that kube-dns couldn't reasonably be expected to add.

You may also want to check out the intro or coredns.io. There is also a webinar I did for CNCF a couple months back.

@smarterclayton
Copy link
Contributor

smarterclayton commented Sep 16, 2017

I would expect a proposal for this.

@johnbelamaric
Copy link
Contributor Author

johnbelamaric commented Sep 18, 2017

johnbelamaric added a commit to johnbelamaric/community that referenced this issue Sep 19, 2017
johnbelamaric added a commit to johnbelamaric/community that referenced this issue Sep 19, 2017
johnbelamaric added a commit to johnbelamaric/community that referenced this issue Sep 19, 2017
johnbelamaric added a commit to johnbelamaric/community that referenced this issue Sep 19, 2017
johnbelamaric added a commit to johnbelamaric/community that referenced this issue Sep 19, 2017
johnbelamaric added a commit to johnbelamaric/community that referenced this issue Sep 19, 2017
johnbelamaric added a commit to johnbelamaric/community that referenced this issue Sep 19, 2017
johnbelamaric added a commit to johnbelamaric/community that referenced this issue Sep 19, 2017
johnbelamaric added a commit to johnbelamaric/community that referenced this issue Sep 19, 2017
johnbelamaric added a commit to johnbelamaric/community that referenced this issue Sep 19, 2017
@johnbelamaric
Copy link
Contributor Author

johnbelamaric commented Sep 19, 2017

Ok, here is the proposal. Sorry for all those commits referencing this.

kubernetes/community#1100

@0xmichalis
Copy link

0xmichalis commented Nov 9, 2017

Not sure this was meant to close

/reopen

@johnbelamaric
Copy link
Contributor Author

johnbelamaric commented May 8, 2018

@idvoretskyi the current one does not enable it by default. It just declares it a GA feature that can be enabled. Enabling it by default (on new installs and on upgrades) will come later.

@idvoretskyi
Copy link
Member

idvoretskyi commented May 8, 2018

@johnbelamaric it's clear, thanks.

@luxas
Copy link
Member

luxas commented May 8, 2018

I'm not sure two feature issues are needed for that though. If CoreDNS is GA in v1.11 it's up to every deployment tool (kubeadm, kops, GKE, AKS, EKS, etc.) to enable it by default in their own pace. You can't dictate a default for an option for all of the installer options, as some of them are unreachable to the OSS world. I'd go with just this one. If you want to track the enabling of CoreDNS as a feature for a specific deployment like GKE, then you might optionally do that in a separate issue.

Does that make sense to you?

@johnbelamaric
Copy link
Contributor Author

johnbelamaric commented May 8, 2018

@luxas I see your point. However, don't we need to provide a recommendation at some point as to which of the options to use? What if we want to deprecate kube-dns at some point?

This "replace a component" is new territory, so we're trying to figure out the best process.

@luxas
Copy link
Member

luxas commented May 8, 2018

When CoreDNS is GA, I'd expect it to be the default for new clusters as it's the new thing.
That's the implicit recommendation from the feature status for me at least.
If CoreDNS is ready to technically be default in all new clusters in v1.11, I'd graduate it to GA now and deprecate kube-dns. kube-dns would be supported as an option for backwards-compability for a year (approx. four releases; until v1.15) though, as of GA: 1 year or 2 releases (whichever is longer) in https://kubernetes.io/docs/reference/deprecation-policy/

@johnbelamaric
Copy link
Contributor Author

johnbelamaric commented May 9, 2018

@luxas I expect there will be additional features (if there aren't already) in which you choose between several GA options that provide similar functionality. For example, whether to use iptables or ipvs for kube-proxy. I think we need a model for managing those situations.

@AishSundar
Copy link

AishSundar commented May 23, 2018

@johnbelamaric I am the CI Signal lead for 1.11 and also work on Conformance testing program for K8s. I see this feature is going to Stable in 1.11.
I also see you have some e2e test changes for this feature. I am following up to see if and which of those tests should we promote to the conformance suite in 1.11.
As part of the process to increase conformance coverage, outlined by Conformance WG and Sig-Arch, we expect features going into stable/GA to have representation in Conformance suite. Your update on the same will help us evaluate this feature better.

@smarterclayton
Copy link
Contributor

smarterclayton commented May 24, 2018

@fturib
Copy link

fturib commented May 24, 2018

@AishSundar : CoreDNS is replacing kube-dns. As such we ensured already that CoreDNS is conform to existing DNS Conformance test.
We have a suite test for CoreDNS running here : http://k8s-testgrid.appspot.com/sig-network-gce#gci-gce-coredns (that is larger than Conformance)

As such, CoreDNS has already a representation in Conformance suite (the same as kube-dns, the feature it replaces).

We also ensured that CoreDNS is compliant to all DNS test running in e2e. that is why we have some e2e test changes. But those are not part of the conformance suite.

Adapt existing test to CoreDNS, verifying the configuration by Configmap change : kubernetes/kubernetes#63265

Create a new test for DNS, by adding a specific DNS related test on scalability (asked by sig-networking) : kubernetes/kubernetes#63820

Extends all DNS tests for IPv6 use case : kubernetes/kubernetes#59894

@johnbelamaric
Copy link
Contributor Author

johnbelamaric commented May 24, 2018

@smarterclayton CoreDNS is conformant in the default configuration.

@smarterclayton
Copy link
Contributor

smarterclayton commented May 24, 2018

@AishSundar
Copy link

AishSundar commented May 24, 2018

Thanks @fturib for the clarification and PR pointers here

@justaugustus
Copy link
Member

justaugustus commented Jun 4, 2018

@johnbelamaric --
We're doing one more sweep of the 1.11 Features tracking spreadsheet.
Would you mind filling in any incomplete / blank fields for this feature's line item?

@johnbelamaric
Copy link
Contributor Author

johnbelamaric commented Jun 4, 2018

@justaugustus I updated it to "Draft". We have several PRs in various states of merged and under review for the docs. There is already a link in there to the tracking issue.

@justaugustus
Copy link
Member

justaugustus commented Jun 4, 2018

@johnbelamaric thanks for the update!
Looks like everything is fine on that tracking issue. My only note would be that that tracking issue would be better suited as an issue in k/k or k/website, not the Kubeadm project.

@justaugustus
Copy link
Member

justaugustus commented Jun 27, 2018

Closing this as the feature is GA in 1.11. Please feel free to reopen if there is still a need to track this.
/close

justaugustus pushed a commit to justaugustus/enhancements that referenced this issue Sep 3, 2018
@kacole2 kacole2 removed tracked/yes Denotes an enhancement issue is actively being tracked by the Release Team labels Oct 15, 2018
MadhavJivrajani pushed a commit to kubernetes/design-proposals-archive that referenced this issue Nov 30, 2021
MadhavJivrajani pushed a commit to kubernetes/design-proposals-archive that referenced this issue Nov 30, 2021
MadhavJivrajani pushed a commit to MadhavJivrajani/design-proposals that referenced this issue Dec 1, 2021
MadhavJivrajani pushed a commit to MadhavJivrajani/design-proposals that referenced this issue Dec 1, 2021
MadhavJivrajani pushed a commit to MadhavJivrajani/design-proposals that referenced this issue Dec 1, 2021
MadhavJivrajani pushed a commit to kubernetes/design-proposals-archive that referenced this issue Dec 1, 2021
MadhavJivrajani pushed a commit to kubernetes/design-proposals-archive that referenced this issue Dec 1, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
kind/feature Categorizes issue or PR as related to a new feature. sig/cluster-lifecycle Categorizes an issue or PR as relevant to SIG Cluster Lifecycle. sig/network Categorizes an issue or PR as relevant to SIG Network. stage/stable Denotes an issue tracking an enhancement targeted for Stable/GA status
Projects
None yet
Development

No branches or pull requests