Skip to main content
Version: v0.29 Stable

Resolve DNS

Limited vCluster Tenancy Configuration Support

This feature is only available for the following:

Running the control plane as a container and the following worker node types:
  • Host Nodes
    • Enterprise-Only Feature

    This feature is an Enterprise feature. See our pricing plans or contact our sales team for more information.

    This feature enables adding custom DNS rules to the virtual cluster to allow communication with services deployed in the host cluster and across services in separate vCluster instances.

    Examples​

    note

    Enable embedded CoreDNS to ensure DNS resolution works inside the vcluster. Without this setting, DNS queries inside the vcluster, such as resolving services or external domains, fail. Ensure the following is added to vcluster.yaml or Helm values file:

    embedded:
      coredns:
        enabled: true

    Map a hostname​

    This is a URL-based mapping of one virtual cluster hostname to another hostname. A wikipedia.com DNS lookup would return a DNS response with answer as en.wikipedia.org.

    controlplane:
      coredns:
        enabled: true
        embedded: true 
    networking:
      resolveDNS:
        - hostname: wikipedia.com
          target:
            hostname: en.wikipedia.org

    Map a hostname wildcard​

    This is a URL-based mapping of one virtual cluster hostname to another hostname. A test.svc.kubernetes DNS lookup would return a DNS response with answer as test.svc.cluster.local.

    controlplane:
      coredns:
        enabled: true
        embedded: true 
    networking:
      resolveDNS:
        - hostname: *.svc.kubernetes
          target:
            hostname: *.svc.cluster.local

    Map a virtual cluster service to a host cluster service​

    This example maps the virtual cluster's my-namespace/my-svc resource to the host cluster's dns-test/nginx-svc resource. The DNS response is the nginx-svc IP in the host's dns-test namespace.

    controlplane:
      coredns:
        enabled: true
        embedded: true 
    networking:
      resolveDNS:
        - service: my-namespace/my-svc
          target:
            hostService: dns-test/nginx-svc

    Map services across vCluster instances​

    This example maps a virtual cluster Service to another Service in a separate virtual cluster. my-ns-in-vcluster/my-svc-vcluster maps to dns-test-in-vcluster-ns/test-in-vcluster-service in a vCluster instance named test-cluster deployed in the host namespace test-vcluster-ns.

    controlplane:
      coredns:
        enabled: true
        embedded: true 
    networking:
      resolveDNS:
        - service: my-ns-in-vcluster/my-svc-vcluster
          target:
            vClusterService: test-vcluster-ns/test-vcluster/dns-test-in-vcluster-ns/test-in-vcluster-service

    Map namespaces​

    Map all services under a virtual cluster namespace to a host namespace. This host namespace could also contain another vCluster instance, thereby mapping all vCluster services to another vCluster instance.

    controlplane:
      coredns:
        enabled: true
        embedded: true 
    networking:
      resolveDNS:
        - namespace: test-in-vcluster-ns
          target:
            hostNamespace: external-vc-ns

    All services in the test-vcluster virtual cluster's target namespace test-in-vcluster-ns map to namespace external-vc-ns.

        β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
        β”‚nginx.external-vc-ns  β”‚β”‚nginx.test-in-vcluster-ns     β”‚
        β”‚svcA.external-vc-ns   β”‚β”‚svcA.test-in-vcluster-ns      β”‚
        β”‚svcB.external-vc-ns   β”‚β”‚svcB.test-in-vcluster-ns      β”‚
        β”‚...                   β”‚β”‚...                           β”‚
        β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜

    Config reference​

    resolveDNS required object[] ​

    ResolveDNS allows to define extra DNS rules. This only works if embedded coredns is configured.

    hostname required string ​

    Hostname is the hostname within the vCluster that should be resolved from.

    service required string ​

    Service is the virtual cluster service that should be resolved from.

    namespace required string ​

    Namespace is the virtual cluster namespace that should be resolved from.

    target required object ​

    Target is the DNS target that should get mapped to

    hostname required string ​

    Hostname to use as a DNS target

    ip required string ​

    IP to use as a DNS target

    hostService required string ​

    HostService to target, format is hostNamespace/hostService

    hostNamespace required string ​

    HostNamespace to target

    vClusterService required string ​

    VClusterService format is hostNamespace/vClusterName/vClusterNamespace/vClusterService