Resolve DNS
This feature enables adding custom DNS rules to the virtual cluster to allow communication with services deployed in the host cluster and across services in separate vCluster instances.
Examples
Enable embedded CoreDNS to ensure DNS resolution works inside the vCluster. Without this setting, DNS queries inside the vCluster, such as resolving services or external domains, fail. Add the following to vcluster.yaml or your Helm values file:
controlPlane:
  coredns:
    enabled: true
    embedded: true
Map a hostname
This maps one hostname, as resolved inside the virtual cluster, to another hostname. A DNS lookup for wikipedia.com returns a response whose answer is en.wikipedia.org.
controlPlane:
  coredns:
    enabled: true
    embedded: true
networking:
  resolveDNS:
    - hostname: wikipedia.com
      target:
        hostname: en.wikipedia.org
Map a hostname wildcard
This maps every hostname that matches a wildcard, as resolved inside the virtual cluster, to the corresponding hostname under another suffix. A DNS lookup for test.svc.kubernetes returns a response whose answer is test.svc.cluster.local.
controlPlane:
  coredns:
    enabled: true
    embedded: true
networking:
  resolveDNS:
    # Quoted because YAML parses an unquoted leading * as an alias reference.
    - hostname: "*.svc.kubernetes"
      target:
        hostname: "*.svc.cluster.local"
Map a virtual cluster service to a host cluster service
This example maps the virtual cluster's my-namespace/my-svc resource to the host cluster's dns-test/nginx-svc resource. The DNS response is the nginx-svc IP in the host's dns-test namespace.
controlPlane:
  coredns:
    enabled: true
    embedded: true
networking:
  resolveDNS:
    - service: my-namespace/my-svc
      target:
        hostService: dns-test/nginx-svc
Map services across vCluster instances
This example maps a virtual cluster Service to another Service in a separate virtual cluster.
my-ns-in-vcluster/my-svc-vcluster maps to dns-test-in-vcluster-ns/test-in-vcluster-service in a vCluster instance named test-cluster deployed in the host namespace test-vcluster-ns.
controlPlane:
  coredns:
    enabled: true
    embedded: true
networking:
  resolveDNS:
    - service: my-ns-in-vcluster/my-svc-vcluster
      target:
        vClusterService: test-vcluster-ns/test-vcluster/dns-test-in-vcluster-ns/test-in-vcluster-service
Map namespaces
Map all services under a virtual cluster namespace to a host namespace. This host namespace could also contain another vCluster instance, thereby mapping all vCluster services to another vCluster instance.
controlPlane:
  coredns:
    enabled: true
    embedded: true
networking:
  resolveDNS:
    - namespace: test-in-vcluster-ns
      target:
        hostNamespace: external-vc-ns
All services in the test-vcluster virtual cluster's target namespace test-in-vcluster-ns map to namespace external-vc-ns.
┌──────────────────────┐┌──────────────────────────────┐
│nginx.external-vc-ns ││nginx.test-in-vcluster-ns │
│svcA.external-vc-ns ││svcA.test-in-vcluster-ns │
│svcB.external-vc-ns ││svcB.test-in-vcluster-ns │
│... ││... │
└──────────────────────┘└──────────────────────────────┘
Config reference
resolveDNS required object[]
    ResolveDNS allows defining extra DNS rules. This only works if embedded CoreDNS is configured.

    hostname required string
        Hostname is the hostname within the vCluster that should be resolved from.
    service required string
        Service is the virtual cluster service that should be resolved from.
    namespace required string
        Namespace is the virtual cluster namespace that should be resolved from.
    target required object
        Target is the DNS target that should get mapped to.

        hostname required string
            Hostname to use as a DNS target.
        ip required string
            IP to use as a DNS target.
        hostService required string
            HostService to target, format is hostNamespace/hostService.
        hostNamespace required string
            HostNamespace to target.
        vClusterService required string
            VClusterService format is hostNamespace/vClusterName/vClusterNamespace/vClusterService.
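An added example, not part of the vCluster documentation or code base: a small Python lint for the rules described on this page. It checks the embedded CoreDNS prerequisite and the two target formats from the config reference, and lists every rule that resolves to something outside the virtual cluster so those mappings can be reviewed. It assumes the parsed vcluster.yaml is passed in as a dict with the top-level key spelled controlPlane; the name lint_resolve_dns and the sample values are constructed for illustration.

```python
# Added example: lint for networking.resolveDNS rules (not vCluster's own code).
# Input is the dict obtained by parsing vcluster.yaml with any YAML loader.

SEGMENTS = {"hostService": 2, "vClusterService": 4}  # formats from the config reference
CROSS_BOUNDARY = ("hostService", "hostNamespace", "vClusterService")


def lint_resolve_dns(cfg):
    """Return a list of (rule_index, level, message) findings."""
    findings = []
    rules = (cfg.get("networking") or {}).get("resolveDNS") or []
    coredns = (cfg.get("controlPlane") or {}).get("coredns") or {}
    # The page states that resolveDNS only works with embedded CoreDNS.
    if rules and not (coredns.get("enabled") and coredns.get("embedded")):
        findings.append((None, "error", "resolveDNS set but embedded CoreDNS is not enabled"))
    for i, rule in enumerate(rules):
        target = rule.get("target") or {}
        if not target:
            findings.append((i, "error", "rule has no target"))
        for key, want in SEGMENTS.items():
            value = target.get(key)
            if value is None:
                continue
            parts = str(value).split("/")
            if len(parts) != want or not all(parts):
                findings.append((i, "error", f"{key} must have {want} '/'-separated parts: {value!r}"))
        # Targets that point at the host cluster or another vCluster instance.
        for key in CROSS_BOUNDARY:
            if key in target:
                findings.append((i, "review", f"resolves outside the virtual cluster via {key}={target[key]!r}"))
    return findings


# Constructed sample: embedded CoreDNS is off and rule 2 has a 3-part vClusterService.
SAMPLE = {
    "controlPlane": {"coredns": {"enabled": True, "embedded": False}},
    "networking": {"resolveDNS": [
        {"hostname": "wikipedia.com", "target": {"hostname": "en.wikipedia.org"}},
        {"service": "my-namespace/my-svc", "target": {"hostService": "dns-test/nginx-svc"}},
        {"service": "my-ns-in-vcluster/my-svc-vcluster",
         "target": {"vClusterService": "test-vcluster-ns/test-vcluster/test-in-vcluster-service"}},
        {"namespace": "test-in-vcluster-ns", "target": {"hostNamespace": "external-vc-ns"}},
    ]},
}

if __name__ == "__main__":
    for idx, level, msg in lint_resolve_dns(SAMPLE):
        print(f"[{level}] rule {idx}: {msg}")
```

The "review" findings are not errors: they mark the rules through which workloads in the virtual cluster can reach host cluster services or another vCluster instance.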