Skip to content

How to update the CoreDNS ConfigMap in a Rancher Kubernetes Engine (RKE) CLI or Rancher v2.x provisioned Kubernetes cluster

This document (000020115) is provided subject to the disclaimer at the end of this document.

Environment

  • A Rancher Kubernetes Engine (RKE) Kubernetes cluster provisioned by the RKE CLI or Rancher v2.x, using the CoreDNS add-on.
  • kubectl access to the cluster with a kubeconfig sourced for a global admin or cluster owner user.

Situation

You might wish to update the Corefile configuration of CoreDNS, defined via the coredns ConfigMap in the kube-system Namespace, for example, in order to enable query logging or update the resolver policy. This article details how to update this ConfigMap and persist changes in a Rancher Kubernetes Engine (RKE) cluster.

Resolution

  1. Capture the current CoreDNS ConfigMap definition, with the following kubectl command:
kubectl -n kube-system get configmap coredns -o go-template={{.data.Corefile}}

The output should look like the following:

.:53 {
       errors
       health
       ready
       kubernetes cluster.local in-addr.arpa ip6.arpa {
         pods insecure
         fallthrough in-addr.arpa ip6.arpa
       }
       prometheus :9153
       forward . "/etc/resolv.conf" {
         policy random
       }
       cache 30
       loop
       reload
       loadbalance
}
  1. Edit the cluster configuration YAML, to define a custom add-on containing the CoreDNS ConfigMap, with your desired changes. For RKE provisioned clusters, add this into the cluster.yml file. For a Rancher provisioned cluster, navigate to the cluster view in the Rancher UI, open the edit cluster view and click Edit as YAML.

Create the add-on with the content below, replacing the Corefile definition with the existing configuration retrieved in step 1. Then make the desired changes, in this example the resolver policy is updated from random, in the existing configuration, to sequential.

apiVersion: v1
kind: ConfigMap
metadata:
     name: coredns
     namespace: kube-system
data:
     Corefile: |
       .:53 {
           errors
           health
           ready
           kubernetes cluster.local in-addr.arpa ip6.arpa {
             pods insecure
             fallthrough in-addr.arpa ip6.arpa
           }
           prometheus :9153
           forward . "/etc/resolv.conf" {
             policy sequential
           }
           cache 30
           loop
           reload
           loadbalance
       }
  1. Update the cluster with the new configuration. For RKE provisioned clusters, invoke rke up --cluster.yml ( ensure the cluster.rkestate file is present in the working directory when invoking rke up). For Rancher provisioned clusters, click Save in the Rancher UI Edit as YAML view.

Disclaimer

This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.