CoreDNS, with John Belamaric

Kubernetes Podcast from Google

Episode | Podcast

Date: Tue, 02 Jun 2020 16:23:55 +0000

<p>In a world where pods (and IP addresses) come and go, DNS is a critical component. <a href="https://twitter.com/johnbelamaric">John Belamaric</a> is a Senior SWE at Google, a co-chair of Kubernetes SIG Architecture, a Core Maintainer of the CoreDNS project and author of the O’Reilly Media book Learning CoreDNS: Configuring DNS for Cloud Native Environments. He joins <a href="https://kubernetespodcast.com/about">Craig and Adam</a> to discuss CoreDNS, the evolution of DNS in Kubernetes, and how name resolution has been made more reliable in recent releases.</p> <p>Do you have something cool to share? Some questions? Let us know:</p> <ul> <li>web: <a href="https://kubernetespodcast.com">kubernetespodcast.com</a></li> <li>mail: <a href="mailto:kubernetespodcast@google.com">kubernetespodcast@google.com</a></li> <li>twitter: <a href="https://twitter.com/kubernetespod">@kubernetespod</a></li> </ul> <h3 id="chatter-of-the-week">Chatter of the week</h3> <ul> <li><a href="https://en.wikipedia.org/wiki/Death_of_George_Floyd">Death of George Floyd</a></li> <li><a href="https://youtu.be/xY96v0OIcK4?t=15637">SpaceX Crew Demo 2 launch</a></li> <li><a href="https://www.bbc.co.uk/news/science-environment-52877912">Sunniest Spring on record in the UK</a></li> <li><a href="https://www.bbc.co.uk/news/uk-scotland-highlands-islands-52740857"> A small test rocket launch in Scotland</a></li> <li><a href="https://en.wikipedia.org/wiki/Sutherland_spaceport">UK spaceport (proposed)</a></li> <li><a href="https://en.wikipedia.org/wiki/Rocket_Lab_Launch_Complex_1">New Zealand spaceport (active)</a></li> </ul> <h3 id="news-of-the-week">News of the week</h3> <ul> <li><a href="https://www.cncf.io/announcement/2020/06/01/priyanka-sharma-joins-cncf-as-general-manager/"> Priyanka Sharma replaces Dan Kohn at the CNCF</a> <ul> <li><a href="https://kubernetespodcast.com/episode/035-cloud-native-computing-foundation/"> Episode 35, with Dan Kohn</a></li> </ul> </li> <li><a href="https://blog.aquasec.com/starboard-kubernetes-tools">Starboard, by Aqua Security</a> <ul> <li><a href="https://kubernetespodcast.com/episode/019-kube-hunter-and-kubecon/"> Episode 19, with Liz Rice</a></li> </ul> </li> <li><a href="https://www.mirantis.com/blog/announcing-docker-enterprise-3-1-general-availability/"> Docker Enterprise 3.1 from Mirantis</a></li> <li><a href="https://www.docker.com/blog/shortening-the-developer-commute-with-docker-and-microsoft-azure/"> Docker and Microsoft</a>; <a href="https://azure.microsoft.com/blog/microsoft-and-docker-collaborate-on-new-ways-to-deploy-containers-on-azure/"> Microsoft and Docker</a></li> <li><a href="https://velero.io/blog/velero-1.4-community-wave/">Velero v1.4</a></li> <li><a href="https://agones.dev/site/blog/2020/05/26/1.6.0-player-tracking-kubernetes-1.15-node.js-sdk-updates/"> Agones v1.6</a> <ul> <li><a href="https://kubernetespodcast.com/episode/026-agones/">Episode 26, with Mark Mandel and Cyril Tovena</a></li> </ul> </li> <li><a href="https://blog.chef.io/google-kubernetes-engine-now-supports-windows-applications-and-chef-extends-migration-support-for-legacy-windows-applications-into-gke/"> Chef adds Windows container migration for GKE</a></li> <li><a href="https://developers.redhat.com/blog/2020/05/28/quarkus-a-kubernetes-native-java-runtime-now-fully-supported-by-red-hat/"> Red Hat adds Quarkus to Red Hat Runtimes</a></li> <li><a href="https://aws.amazon.com/blogs/containers/introducing-server-side-encryption-ephemeral-storage-using-aws-fargate-managed-keys-aws-fargate-platform-version-1-4/"> AWS encrypts Fargate ephemeral disks in v1.4</a></li> <li><a href="https://www.planetscale.com/blog/planetscale-open-sources-kubernetes-operator-for-vitess"> PlanetScale open sources a Vitess operator</a> <ul> <li><a href="https://kubernetespodcast.com/episode/081-vitess/">Episode 81, with Jiten Vaidya and Sugu Sougoumarane</a></li> </ul> </li> <li><a href="https://www.hashicorp.com/blog/deploy-any-resource-with-the-new-kubernetes-provider-for-hashicorp-terraform/"> Kubernetes provider for Hashicorp Terraform</a></li> <li><a href="https://security.googleblog.com/2020/05/expanding-our-work-with-open-source.html"> Google Vulnerability Reporting Program adds GKE</a></li> <li><a href="https://cloud.google.com/blog/products/containers-kubernetes/tools-for-debugging-apps-on-google-kubernetes-engine"> Tools for debugging apps on Google Kubernetes Engine</a> by Charles Baer and Xiang Shen</li> <li><a href="https://cloud.google.com/blog/products/containers-kubernetes/migrate-for-anthos-streamlines-legacy-java-app-modernization"> How Migrate for Anthos helps modernize Java apps</a></li> <li><a href="https://www.cncf.io/blog/2020/05/28/helm-project-journey-report/">Helm project journey report</a> <ul> <li><a href="https://kubernetespodcast.com/episode/102-helm-graduation/">Episode 102, with Matt Butcher</a></li> <li><a href="https://banzaicloud.com/blog/helm3-the-good-the-bad-and-the-ugly">Helm 3: the Good, the Bad and the Ugly</a> by Sandor Guba of BanzaiCloud</li> </ul> </li> <li><a href="https://csrc.nist.gov/publications/detail/sp/800-204a/final">NIST deployment guidelines for proxy-based Service Mesh</a> by Ramaswamy Chandramouli of NIST and Zack Butcher of Tetrate</li> <li><a href="https://www.youtube.com/watch?v=_W2qZvQT6XY">The World of kubectl Plugins</a>: a YouTube series by Ahmet Alp Balkan <ul> <li><a href="https://kubernetespodcast.com/episode/066-kubectl-plugins-and-krew/"> Episode 66, with Ahmet Alp Balkan and Luk Burchard</a></li> </ul> </li> </ul> <h3 id="links-from-the-interview">Links from the interview</h3> <ul> <li><a href="https://en.wikipedia.org/wiki/Domain_Name_System">Domain Name System</a> <ul> <li><a href="https://en.wikipedia.org/wiki/DNS_root_zone">Root zone</a></li> <li><a href="https://en.wikipedia.org/wiki/Domain_Name_System#Authoritative_name_server"> Authoritative name server</a></li> <li><a href="https://en.wikipedia.org/wiki/Domain_Name_System#Recursive_and_caching_name_server"> Recursive and caching name server</a></li> </ul> </li> <li><a href="https://www.infoblox.com/">Infoblox</a></li> <li><a href="https://kubernetes.io/docs/concepts/services-networking/service/">Kubernetes Service</a> <ul> <li><a href="https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/"> DNS for Serivices and Pods</a></li> <li><a href="https://kubernetes.io/docs/tasks/administer-cluster/dns-custom-nameservers/"> Customizing DNS for Kubernetes</a></li> </ul> </li> <li><a href="https://coredns.io/">CoreDNS</a>; the default DNS server for Kubernetes since 1.11 <ul> <li><a href="https://docs.google.com/presentation/d/1v6Coq1JRlqZ8rQ6bv0Tg0usSictmnN9U80g8WKxiOjQ/edit#slide=id.p"> Introduction slides</a></li> <li><a href="https://github.com/kubernetes/enhancements/blob/master/keps/sig-network/0010-20180314-coredns-GA-proposal.md#motivation"> KEP for CoreDNS in Kubernetes</a></li> </ul> </li> <li><a href="https://github.com/skynetservices/skydns">SkyDNS</a></li> <li><a href="https://miek.nl/about/">Miek Gieben</a>; author of CoreDNS and <a href="https://miek.nl/2014/june/08/skydns-version-2/">SkyDNS version 2</a></li> <li><a href="https://caddyserver.com/">Caddy</a>: the HTTP server upon which CoreDNS is based</li> <li><a href="http://www.thekelleys.org.uk/dnsmasq/doc.html">Dnsmasq</a></li> <li><a href="https://coredns.io/manual/plugins/">CoreDNS plugins</a> <ul> <li><a href="https://coredns.io/plugins/rewrite/">Rewriting DNS with CoreDNS</a></li> <li><a href="https://coredns.io/explugins/redisc/">redisc plugin: enables a networked cache using Redis</a></li> <li><a href="https://coredns.io/explugins/ens/">ens plugin: serve DNS records from Ethereum Name Service</a></li> </ul> </li> <li><a href="https://kubernetes.io/docs/tasks/administer-cluster/nodelocaldns/"> Node Local DNS cache</a> and <a href="https://github.com/kubernetes/enhancements/blob/master/keps/sig-network/0030-nodelocal-dns-cache.md"> KEP</a></li> <li><a href="https://www.isc.org/bind/">BIND</a></li> <li><a href="https://nlnetlabs.nl/projects/unbound/about/">Unbound DNS resolver</a></li> <li>Explanatory blog posts: <ul> <li><a href="https://pracucci.com/kubernetes-dns-resolution-ndots-options-and-why-it-may-affect-application-performances.html"> Understanding ndots in Kubernetes</a></li> <li><a href="https://www.weave.works/blog/racy-conntrack-and-dns-lookup-timeouts"> Racy conntrack and DNS lookup timeouts</a></li> </ul> </li> <li><a href="http://shop.oreilly.com/product/0636920233626.do">Learning CoreDNS: Configuring DNS for Cloud Native Environments</a> by John Belamaric and Cricket Liu <ul> <li><a href="https://www.oreilly.com/pub/au/284">Cricket Liu and his books</a></li> <li><a href="https://covers.oreillystatic.com/images/0636920233626/lrg.jpg">Book cover</a>: a <a href="https://en.wikipedia.org/wiki/Comber_(fish)">Comber fish</a></li> </ul> </li> <li>Policy integration <ul> <li><a href="https://kubernetespodcast.com/episode/101-open-policy-agent/">Episode 101, with Tim Hinrichs and Torin Sandall</a></li> <li><a href="https://github.com/coredns/policy">CoreDNS policy plugin</a></li> <li><a href="https://github.com/coredns/coredns-opa">coredns-opa</a></li> </ul> </li> <li><a href="https://github.com/kubernetes/community/tree/master/sig-architecture"> SIG Architecture</a> <ul> <li><a href="https://github.com/kubernetes/community/blob/master/sig-architecture/production-readiness.md"> Production Readiness Review</a> and <a href="https://github.com/kubernetes/enhancements/tree/master/keps/sig-architecture/1194-prod-readiness"> KEP</a></li> </ul> </li> <li><a href="https://i.imgur.com/WmRbmf5.png">A DNS haiku</a></li> <li><a href="https://twitter.com/johnbelamaric">John Belamaric</a> on Twitter</li> </ul>