Tencent Kubernetes Engine

CoreDNS Notes

Last updated: 2026-04-03 11:34:15

Overview

Component Introduction

CoreDNS is the DNS service component for Kubernetes clusters, responsible for providing DNS resolution services for Services and Pods within the cluster. Built on a plugin chain architecture, it supports flexible DNS configurations including service discovery, caching, forwarding, health checks, and other features. CoreDNS defines DNS service behaviors through Corefile configuration files and enables diverse plugin combinations to meet requirements in various scenarios.
CoreDNS is installed by default when a cluster is created and does not require manual installation.

Default Corefile Configuration

.:53 {
    template ANY HINFO . {
        rcode NXDOMAIN
    }
    errors
    health {
        lameduck 30s
    }
    ready
    kubernetes cluster.local. in-addr.arpa ip6.arpa {
        pods insecure
        fallthrough in-addr.arpa ip6.arpa
    }
    prometheus :9153
    forward . /etc/resolv.conf {
        prefer_udp
    }
    cache 30
    reload
    loadbalance
}
Description of Major Plugins:
errors: Outputs error logs to standard output.
health: Provides a health check endpoint (default port 8080). lameduck 30s means that CoreDNS continues to serve for 30 seconds after a shutdown signal is received.
ready: Provides a readiness check endpoint (default port 8181).
kubernetes: Kubernetes Service discovery plugin, resolves DNS records for Services and Pods within the cluster.
prometheus: Exposes Prometheus metrics on port 9153.
forward: Forwards DNS requests for non-cluster domain names to upstream DNS servers.
cache: Caches DNS records with a TTL of 30 seconds.
reload: Supports hot reloading of Corefiles.
loadbalance: Provides round-robin load balancing for DNS records.
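
The Python below is an added example, not part of the original page or of CoreDNS itself: it parses the default Corefile above and reports, per server block, the ports that have to be reachable (useful when writing a NetworkPolicy or security group rule) and the kubernetes plugin's pods mode. Per the CoreDNS kubernetes plugin documentation, pods insecure answers pod A-record queries from the IP encoded in the query name without checking that such a Pod exists, while pods verified answers only when a matching Pod exists in the namespace. The names directives and summarize are this example's own.

```python
COREFILE = """\
.:53 {
    template ANY HINFO . {
        rcode NXDOMAIN
    }
    errors
    health {
        lameduck 30s
    }
    ready
    kubernetes cluster.local. in-addr.arpa ip6.arpa {
        pods insecure
        fallthrough in-addr.arpa ip6.arpa
    }
    prometheus :9153
    forward . /etc/resolv.conf {
        prefer_udp
    }
    cache 30
    reload
    loadbalance
}
"""  # the page's default Corefile, embedded so the example runs offline
DEFAULT_PORTS = {"health": 8080, "ready": 8181, "prometheus": 9153}  # used when no address is given

def directives(corefile):
    """Yield (depth, name, args) per directive, tracking brace nesting."""
    depth = 0
    for tok in filter(None, map(str.split, corefile.splitlines())):
        opens, closes = tok[-1] == "{", tok[0] == "}"
        if not closes:
            yield depth, tok[0], tok[1:-1] if opens else tok[1:]
        depth += opens - closes

def summarize(corefile):
    """Per server block: listening ports and the kubernetes `pods` mode."""
    servers, plugin = [], None
    for depth, name, args in directives(corefile):
        if depth == 0:  # server block header such as ".:53"
            port = int(name.partition(":")[2] or 53)
            servers.append({"zone": name, "ports": {"dns": port}, "pods": "disabled"})
        elif depth == 1:  # plugin line inside the server block
            plugin = name
            if name in DEFAULT_PORTS:
                given = args[0].partition(":")[2] if args else ""
                servers[-1]["ports"][name] = int(given or DEFAULT_PORTS[name])
        elif plugin == "kubernetes" and name == "pods":
            servers[-1]["pods"] = args[0]  # insecure | verified | disabled
    return servers
```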

Kubernetes Objects Deployed in the Cluster

| Kubernetes Object Name | Type | Requesting Resources | Associated Namespace |
|---|---|---|---|
| coredns | Deployment | 100m CPU and 30Mi memory per instance | kube-system |
| coredns | ConfigMap | - | kube-system |
| kube-dns | Service | - | kube-system |
| coredns | ServiceAccount | - | kube-system |
| system:coredns | ClusterRole | - | - |
| system:coredns | ClusterRoleBinding | - | - |

Prerequisites

Only supported in Kubernetes clusters of version 1.12 or above.
Kubernetes 1.24+ clusters by default use the CoreDNS v1.11.1-tke.1 image, while lower version clusters use the CoreDNS 1.8.4 image.

Special Notes

CoreDNS is deployed with 2 replicas by default. Pod anti-affinity ensures replicas are distributed across different nodes to avoid a single point of failure.
Multi-AZ high availability deployment is supported: the global.cluster.highAvailability configuration controls the strength of the zone-level topology distribution constraints. Ordinary clusters use soft constraints (ScheduleAnyway), while high availability clusters use hard constraints (DoNotSchedule).
To perform a CoreDNS upgrade, it is strongly recommended to configure smooth upgrade first to maximize DNS service availability. For details, see Configuring CoreDNS Smooth Upgrade.

Component Permission Description

Permission Description

The permissions of this component are the minimal dependencies required for the current feature to operate.

Permission Scenarios

| Function | Objects Involved | Involved Operation Permissions |
|---|---|---|
| Monitors Service, Pod, Namespace, and Endpoint resources within the cluster to implement service discovery. | endpoints, services, pods, namespaces | list/watch |
| Monitors EndpointSlice resources (service discovery optimization for Kubernetes 1.21+). | endpointslices | list/watch |

Permission Definition

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: system:coredns
rules:
- apiGroups:
  - '*'
  resources:
  - endpoints
  - services
  - pods
  - namespaces
  verbs:
  - list
  - watch
- apiGroups:
  - discovery.k8s.io
  resources:
  - endpointslices
  verbs:
  - list
  - watch
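
The ClusterRole above can be checked mechanically against the Permission Scenarios table. The Python below is an added example, not Tencent Cloud's or CoreDNS's own code: audit() flags grants wider than the table requires (here apiGroups '*', which matches same-named resources in every API group, whereas the four resources in the first rule are served by the core group ""), and tighten() rebuilds the rules with exact groups. The NEEDED mapping of resources to API groups and both function names are assumptions of this example.

```python
import json

# The page's ClusterRole in the JSON form of `kubectl get clusterrole -o json`,
# embedded so the example runs offline.
ROLE = json.loads("""{"metadata": {"name": "system:coredns"}, "rules": [
  {"apiGroups": ["*"], "resources": ["endpoints", "services", "pods", "namespaces"],
   "verbs": ["list", "watch"]},
  {"apiGroups": ["discovery.k8s.io"], "resources": ["endpointslices"],
   "verbs": ["list", "watch"]}]}""")

# Resources from the Permission Scenarios table, mapped to the API group that
# serves them ("" is the core group). The mapping is added by this example.
NEEDED = {"endpoints": "", "services": "", "pods": "", "namespaces": "",
          "endpointslices": "discovery.k8s.io"}
VERBS = {"list", "watch"}


def audit(role):
    """Return (findings, missing): grants beyond NEEDED/VERBS, and unmet needs."""
    findings, met = [], set()
    for i, rule in enumerate(role["rules"]):
        fields = {k: set(rule.get(k, [])) for k in ("apiGroups", "resources", "verbs")}
        groups, resources, verbs = fields.values()
        findings += [f"rule {i}: wildcard in {k}" for k, v in fields.items() if "*" in v]
        findings += [f"rule {i}: extra verb {v}" for v in sorted(verbs - VERBS - {"*"})]
        findings += [f"rule {i}: extra resource {r}"
                     for r in sorted(resources - set(NEEDED) - {"*"})]
        for res, group in NEEDED.items():
            if ({res, "*"} & resources and {group, "*"} & groups
                    and (VERBS <= verbs or "*" in verbs)):
                met.add(res)
    return findings, sorted(set(NEEDED) - met)


def tighten(role):
    """Rebuild the rules with exact API groups, one rule per group."""
    by_group = {}
    for res, group in NEEDED.items():
        by_group.setdefault(group, []).append(res)
    rules = [{"apiGroups": [g], "resources": r, "verbs": sorted(VERBS)}
             for g, r in by_group.items()]
    return {**role, "rules": rules}
```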

Usage

CoreDNS is installed by default when a cluster is created and does not require manual installation. Parameter configuration is currently not supported on the console page.
To modify the Corefile, directly edit configmap/coredns in the kube-system namespace. After configuration changes, CoreDNS hot reloads automatically without restarting Pods. For detailed configurations, see the official CoreDNS documentation.

Parameter Description

| Parameter | Description | Type | Default Value |
|---|---|---|---|
| global.image.host | Image repository address | string | ccr.ccs.tencentyun.com |
| global.kubednsClusterIP | ClusterIP for the kube-dns Service; if empty, it is automatically assigned. | string | "" |
| global.cluster.highAvailability | Whether it is a high availability cluster (controls the strength of zone topology distribution constraints) | bool | false |
| global.podSpec.tolerations | Additional toleration configurations (appended after the default CriticalAddonsOnly) | list | [] |
| global.podSpec.priorityClassName | Pod PriorityClass name | string | system-cluster-critical |
| coredns.replicas | Number of CoreDNS replicas | int | 2 |
| coredns.hostNetwork | Whether to use the host network | bool | false |
| coredns.image | Custom image address; if empty, automatically selected based on the Kubernetes version. | string | "" |
| coredns.server.port | DNS service port | int | 53 |
| coredns.livenessProbe.port | Liveness probe port | int | 8080 |
| coredns.readinessProbe.port | Readiness probe port | int | 8181 |
| coredns.resources.requests.cpu | CPU request | string | 100m |
| coredns.resources.requests.mem | Memory request | string | 30Mi |
| coredns.resources.limits.cpu | CPU limit. Leave empty to not set. | string | "" |
| coredns.resources.limits.mem | Memory limit | string | 2Gi |
