Skip to content

How to update the CoreDNS ConfigMap in a Rancher Kubernetes Engine (RKE) CLI or Rancher v2.x provisioned Kubernetes cluster

This document (000020115) is provided subject to the disclaimer at the end of this document.

Environment

  • A Rancher Kubernetes Engine (RKE) Kubernetes cluster provisioned by the RKE CLI or Rancher v2.x, using the CoreDNS add-on.
  • kubectl access to the cluster with a kubeconfig sourced for a global admin or cluster owner user.

Situation

You might wish to update the Corefile configuration of CoreDNS, defined via the coredns ConfigMap in the kube-system Namespace, for example, in order to enable query logging or update the resolver policy. This article details how to update this ConfigMap and persist changes in a Rancher Kubernetes Engine (RKE) cluster.

Resolution

  1. Capture the current CoreDNS ConfigMap definition, with the following kubectl command:
kubectl -n kube-system get configmap coredns -o go-template={{.data.Corefile}}

The output should look like the following:

.:53 {
    errors
    health
    ready
    kubernetes cluster.local in-addr.arpa ip6.arpa {
      pods insecure
      fallthrough in-addr.arpa ip6.arpa
    }
    prometheus :9153
    forward . "/etc/resolv.conf" {
      policy random
    }
    cache 30
    loop
    reload
    loadbalance
}
2. Edit the cluster configuration YAML, to define a custom add-on containing the CoreDNS ConfigMap, with your desired changes. For RKE provisioned clusters, add this into the cluster.yml file. For a Rancher provisioned cluster, navigate to the cluster view in the Rancher UI, open the edit cluster view and click Edit as YAML.

Create the add-on with the content below, replacing the Corefile definition with the existing configuration retrieved in step 1. Then make the desired changes, in this example the resolver policy is updated from random, in the existing configuration, to sequential.

apiVersion: v1
kind: ConfigMap
metadata:
  name: coredns
  namespace: kube-system
data:
  Corefile: |
    .:53 {
        errors
        health
        ready
        kubernetes cluster.local in-addr.arpa ip6.arpa {
          pods insecure
          fallthrough in-addr.arpa ip6.arpa
        }
        prometheus :9153
        forward . "/etc/resolv.conf" {
          policy sequential
        }
        cache 30
        loop
        reload
        loadbalance
    }
3. Update the cluster with the new configuration. For RKE provisioned clusters, invoke rke up --cluster.yml (ensure the cluster.rkestate file is present in the working directory when invoking rke up ). For Rancher provisioned clusters, click Save in the Rancher UI Edit as YAML view.

Disclaimer

This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.