Kubernetes DNS and CoreDNS Guide
Understand Kubernetes DNS resolution with CoreDNS. Debug DNS issues, configure custom DNS, and optimize DNS performance for large clusters.
π‘ Quick Answer: networking
The Problem
This is one of the most searched Kubernetes topics with thousands of monthly searches. A comprehensive, production-ready guide prevents hours of trial and error.
The Solution
Kubernetes DNS Format
<service>.<namespace>.svc.cluster.local
<pod-ip-dashes>.<namespace>.pod.cluster.local# From any pod:
# Same namespace β short name works
curl http://api-service/endpoint
# Cross namespace β need namespace
curl http://api-service.production/endpoint
# Fully qualified (FQDN)
curl http://api-service.production.svc.cluster.local/endpoint
# Headless service β individual pods
curl http://postgres-0.postgres.default.svc.cluster.local:5432
# SRV records (find port)
dig _http._tcp.api-service.default.svc.cluster.local SRVDebug DNS
# Quick test
kubectl run dns-test --rm -it --image=busybox -- nslookup kubernetes
# Detailed debugging
kubectl run dns-debug --rm -it --image=nicolaka/netshoot -- bash
> dig api-service.default.svc.cluster.local
> dig @10.96.0.10 api-service.default.svc.cluster.local # Direct CoreDNS
> cat /etc/resolv.conf
# Check CoreDNS is running
kubectl get pods -n kube-system -l k8s-app=kube-dns
kubectl logs -n kube-system -l k8s-app=kube-dns --tail=50Custom DNS Configuration
# Pod-level DNS config
spec:
dnsPolicy: "None" # Override cluster DNS
dnsConfig:
nameservers:
- 8.8.8.8
- 1.1.1.1
searches:
- default.svc.cluster.local
- svc.cluster.local
options:
- name: ndots
value: "2" # Reduce search domain lookupsCoreDNS Custom Zones
apiVersion: v1
kind: ConfigMap
metadata:
name: coredns-custom
namespace: kube-system
data:
example.server: |
example.com:53 {
forward . 10.0.0.53 # Forward to internal DNS
}
# Or static entries
custom.override: |
hosts {
10.0.0.100 api.legacy.example.com
fallthrough
}ndots Optimization
# Default ndots=5 means ANY name with <5 dots gets search domains appended
# "api.external.com" β tries api.external.com.default.svc.cluster.local FIRST
# Fix: reduce ndots for pods making many external DNS calls
dnsConfig:
options:
- name: ndots
value: "2"
# Or use trailing dot: "api.external.com." (absolute name, no search)graph TD
A[Pod: curl api-service] --> B[/etc/resolv.conf]
B --> C[CoreDNS: 10.96.0.10]
C -->|cluster.local| D[Return ClusterIP]
C -->|external| E[Forward to upstream DNS]Frequently Asked Questions
Why is DNS slow in my cluster?
Common causes: high ndots (too many search domain attempts), CoreDNS under-resourced, or UDP conntrack table full. Set ndots: 2 for external-heavy workloads and scale CoreDNS based on cluster size.
Best Practices
- Start with the simplest configuration that solves your problem
- Test in staging before production
- Use
kubectl describeand events for troubleshooting - Document team conventions for consistency
Key Takeaways
- This is fundamental Kubernetes operational knowledge
- Follow established conventions and recommended labels
- Monitor and iterate based on real production behavior
- Automate repetitive tasks to reduce human error
Recommended
Kubernetes Recipes β The Complete Book100+ production-ready patterns with detailed explanations, best practices, and copy-paste YAML. Everything in one place.
Get the Book βLearn by Doing
CopyPasteLearn β Hands-on Cloud & DevOps CoursesMaster Kubernetes, Ansible, Terraform, and MLOps with interactive, copy-paste-run lessons. Start free.
Browse Courses β
π Deepen Your Skills β Hands-on Courses
Courses by CopyPasteLearn.com β Learn IT by Doing
Want More Kubernetes Recipes?
This recipe is from Kubernetes Recipes, our 750-page practical guide with hundreds of production-ready patterns.