Overview
Prior to Konvoy release v1.6.1, the CoreDNS component was configured without caching because the version of CoreDNS included in some older Konvoy versions did not return authoritative DNS responses if the result came from the cache.
Non-authoritative DNS responses are problematic for some applications, especially Python-based applications. The Python runtime ignores non-authoritative DNS responses.
However, having DNS caching disabled in CoreDNS increases the etcd load which in certain scenarios may impact negatively the performance and stability of the cluster.
Since CoreDNS v1.5.1, responses are always authoritative, so re-enabling the CoreDNS cache does not affect applications that rely on authoritative responses. Konvoy 1.3 and higher include CoreDNS 1.6.2 or newer, so caching can safely be re-enabled on those Konvoy versions. Re-enabling it can improve cluster performance by reducing the load on etcd.
Starting in Konvoy v1.6.1, caching for CoreDNS responses is enabled by default.
Solution
When using Konvoy releases prior to v1.6.1, CoreDNS cache can be re-enabled by editing the coredns configmap in the kube-system namespace:
> kubectl edit cm coredns -n kube-system
The parameter “cache” must be added. This is how CoreDNS configmap should look after adding the “cache” parameter with a value of 30 seconds:
apiVersion: v1 data: Corefile: |- .:53 { errors health ready kubernetes cluster.local in-addr.arpa ip6.arpa { pods insecure fallthrough in-addr.arpa ip6.arpa } prometheus :9153 cache 30 forward . /etc/resolv.conf loop reload loadbalance } kind: ConfigMap metadata: creationTimestamp: "2021-01-06T15:39:51Z" managedFields: - apiVersion: v1 fieldsType: FieldsV1 fieldsV1: f:data: {} manager: kubeadm operation: Update time: "2021-01-06T15:39:51Z" - apiVersion: v1 fieldsType: FieldsV1 fieldsV1: f:data: f:Corefile: {} manager: kubectl operation: Update time: "2021-01-06T15:40:15Z" name: coredns namespace: kube-system resourceVersion: "438" selfLink: /api/v1/namespaces/kube-system/configmaps/coredns uid: 867bf91c-711e-4542-a687-ce84b86c1ac3