Skip to main content

Re-enabling CoreDNS cache in Konvoy

Jena Miller
  • Updated

Overview

Prior to Konvoy release v1.6.1, the CoreDNS component was configured without caching because the version of CoreDNS included in some older Konvoy versions did not return authoritative DNS responses if the result came from the cache.  
 
Non-authoritative DNS responses are problematic for some applications, especially Python-based applications. The Python runtime ignores non-authoritative DNS responses.
 
However, having DNS caching disabled in CoreDNS increases the etcd load which in certain scenarios may impact negatively the performance and stability of the cluster.
 
Since CoreDNS v1.5.1, responses are always authoritative, so re-enabling the CoreDNS cache does not affect applications that rely on authoritative responses.  Konvoy 1.3 and higher include CoreDNS 1.6.2 or newer, so caching can safely be re-enabled on those Konvoy versions.  Re-enabling it can improve cluster performance by reducing the load on etcd.
 
Starting in Konvoy v1.6.1, caching for CoreDNS responses is enabled by default.
 
Solution
 
When using Konvoy releases prior to v1.6.1, CoreDNS cache can be re-enabled by editing the coredns configmap in the kube-system namespace:

> kubectl edit cm coredns -n kube-system


The parameter “cache” must be added. This is how CoreDNS configmap should look after adding the “cache” parameter with a value of 30 seconds:

apiVersion: v1
data:
  Corefile: |-
    .:53 {
        errors
        health
        ready
        kubernetes cluster.local in-addr.arpa ip6.arpa {
           pods insecure
           fallthrough in-addr.arpa ip6.arpa
        }
        prometheus :9153
        cache  30
        forward . /etc/resolv.conf
        loop
        reload
        loadbalance
    }
kind: ConfigMap
metadata:
  creationTimestamp: "2021-01-06T15:39:51Z"
  managedFields:
  - apiVersion: v1
    fieldsType: FieldsV1
    fieldsV1:
      f:data: {}
    manager: kubeadm
    operation: Update
    time: "2021-01-06T15:39:51Z"
  - apiVersion: v1
    fieldsType: FieldsV1
    fieldsV1:
      f:data:
        f:Corefile: {}
    manager: kubectl
    operation: Update
    time: "2021-01-06T15:40:15Z"
  name: coredns
  namespace: kube-system
  resourceVersion: "438"
  selfLink: /api/v1/namespaces/kube-system/configmaps/coredns
  uid: 867bf91c-711e-4542-a687-ce84b86c1ac3