Skip to content

Coredns #58

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
pratik705 merged 3 commits into from
Mar 9, 2026
Merged

Coredns #58

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
948bf5a
expose optional coredns_external_zones
mikeruu Mar 5, 2026
2153811
expose optional coredns_external_zones
mikeruu Mar 5, 2026
c744b3d
Merge branch 'main' into coredns
pratik705 Mar 9, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions iac/provider/kubespray/main.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -51,6 +51,7 @@ resource "local_file" "k8s_cluster" {
kube_oidc_username_prefix = var.kube_oidc_username_prefix
kube_oidc_groups_claim = var.kube_oidc_groups_claim
kube_oidc_groups_prefix = var.kube_oidc_groups_prefix
coredns_external_zones = var.coredns_external_zones
})

filename = "./inventory/group_vars/k8s_cluster/k8s-cluster.yml"
Expand Down
16 changes: 15 additions & 1 deletion iac/provider/kubespray/templates/k8s_cluster.tpl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -218,6 +218,21 @@ enable_coredns_k8s_external: false
coredns_k8s_external_zone: k8s_external.local
# Enable endpoint_pod_names option for kubernetes plugin
enable_coredns_k8s_endpoint_pod_names: false
%{ if length(coredns_external_zones) > 0 ~}
# External zones configuration for CoreDNS
coredns_external_zones:
%{ for zone_config in coredns_external_zones ~}
- zones:
%{ for zone in zone_config.zones ~}
- ${zone}
%{ endfor ~}
nameservers:
%{ for ns in zone_config.nameservers ~}
- ${ns}
%{ endfor ~}
cache: ${zone_config.cache}
%{ endfor ~}
%{ endif ~}
# Set forward options for upstream DNS servers in coredns (and nodelocaldns) config
# dns_upstream_forward_extra_opts:
# policy: sequential
Expand All @@ -226,7 +241,6 @@ enable_coredns_k8s_endpoint_pod_names: false
# - 'fallthrough example.local'
# Forward extra domains to the coredns kubernetes plugin
# coredns_kubernetes_extra_domains: ''

# Can be docker_dns, host_resolvconf or none
resolvconf_mode: host_resolvconf
# Deploy netchecker app to verify DNS resolve as an HTTP service
Expand Down
10 changes: 10 additions & 0 deletions iac/provider/kubespray/variables.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,16 @@ variable "enable_nodelocaldns" {
description = "Enable nodelocaldns for the cluster. This is useful for clusters with many nodes to reduce DNS query latency."
}

variable "coredns_external_zones" {
type = list(object({
zones = list(string)
nameservers = list(string)
cache = number
}))
default = []
description = "External DNS zones to forward to specific nameservers. Each entry contains zones, nameservers, and cache TTL."
}

variable "k8s_hardening_enabled" {
type = bool
default = false
Expand Down