Lesson 4.1: Kubernetes Networking Overview (Cluster Networking, DNS)
DNS (Domain Name System) in Kubernetes is a critical component that enables service discovery within the cluster. It allows pods and services to communicate with each other using human-readable names instead of IP addresses. Kubernetes uses CoreDNS (or kube-dns in older versions) as the default DNS service to resolve names to IP addresses.
How DNS Works in Kubernetes
- CoreDNS:
  - CoreDNS is a flexible, extensible DNS server that serves as the default DNS service in Kubernetes.
  - It is deployed as a pod in the kube-system namespace and is managed by a Deployment.
  - CoreDNS reads its configuration (the Corefile) from a ConfigMap, e.g. the coredns ConfigMap in the kube-system namespace. In the Corefile shown below, the `kubernetes` block uses `pods insecure`, which answers pod-IP-style names without checking that the pod actually exists; this mode is kept for kube-dns compatibility.
[root@master dns]# kubectl get configmap -n=kube-system
NAME DATA AGE
calico-config 4 5d7h
coredns 1 5d7h
extension-apiserver-authentication 6 5d7h
kube-apiserver-legacy-service-account-token-tracking 1 5d7h
kube-proxy 2 5d7h
kube-root-ca.crt 1 5d7h
kubeadm-config 1 5d7h
kubelet-config 1 5d7h
[root@master dns]# kubectl describe cm coredns -n=kube-system
Name: coredns
Namespace: kube-system
Labels: <none>
Annotations: <none>
Data
====
Corefile:
----
.:53 {
errors
health {
lameduck 5s
}
ready
kubernetes cluster.local in-addr.arpa ip6.arpa {
pods insecure
fallthrough in-addr.arpa ip6.arpa
ttl 30
}
prometheus :9153
forward . /etc/resolv.conf {
max_concurrent 1000
}
cache 30 {
disable success cluster.local
disable denial cluster.local
}
loop
reload
loadbalance
}
BinaryData
====
Events: <none>
[root@master networking]# cat pod.yml
apiVersion: v1
kind: Pod
metadata:
  name: shared-namespace
spec:
  containers:
  - name: p1
    image: busybox
    command: ['/bin/sh','-c','sleep 10000']
  - name: p2
    image: nginx
[root@master networking]# kubectl apply -f pod.yml
pod/shared-namespace created
[root@master networking]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
dev-control-plane Ready control-plane 5d21h v1.32.2
dev-worker Ready <none> 5d21h v1.32.2
dev-worker2 Ready <none> 5d21h v1.32.2
[root@master ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
94c452694048 kindest/node:v1.32.2 "/usr/local/bin/entr…" 5 days ago Up 7 hours dev-worker2
679760d6ae3f kindest/node:v1.32.2 "/usr/local/bin/entr…" 5 days ago Up 7 hours 0.0.0.0:30001->30001/tcp, 127.0.0.1:45421->6443/tcp dev-control-plane
129d3fba1c07 kindest/node:v1.32.2 "/usr/local/bin/entr…" 5 days ago Up 7 hours dev-worker
[root@master ~]# docker exec -it dev-worker bash
root@dev-worker:/# ip netns list
cni-f8af56ee-f5bb-b88c-1525-55f59bb99720 (id: 1)
root@dev-worker:/# lsns | grep nginx
4026533378 mnt 7 66444 root nginx: master process nginx -g daemon off;
4026533379 pid 7 66444 root nginx: master process nginx -g daemon off;
4026533380 cgroup 7 66444 root nginx: master process nginx -g daemon off;
root@dev-worker:/# lsns -p 66444
NS TYPE NPROCS PID USER COMMAND
4026531834 time 38 1 root /sbin/init
4026531837 user 38 1 root /sbin/init
4026533311 net 9 66319 65535 /pause
4026533372 uts 9 66319 65535 /pause
4026533373 ipc 9 66319 65535 /pause
4026533378 mnt 7 66444 root nginx: master process nginx -g daemon off;
4026533379 pid 7 66444 root nginx: master process nginx -g daemon off;
4026533380 cgroup 7 66444 root nginx: master process nginx -g daemon off;
root@dev-worker:/# ls -lt /var/run/netns
total 0
-r--r--r--. 1 root root 0 Mar 15 02:27 cni-f8af56ee-f5bb-b88c-1525-55f59bb99720
root@dev-worker:/# ip netns exec cni-f8af56ee-f5bb-b88c-1525-55f59bb99720 ip link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: tunl0@NONE: <NOARP> mtu 1480 qdisc noop state DOWN mode DEFAULT group default qlen 1000
link/ipip 0.0.0.0 brd 0.0.0.0
3: eth0@if10: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1480 qdisc noqueue state UP mode DEFAULT group default qlen 1000
link/ether 2e:b2:10:18:13:fa brd ff:ff:ff:ff:ff:ff link-netnsid 0
root@dev-worker:/# ip link
...
10: caliede2c6f02d9@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1480 qdisc noqueue state UP mode DEFAULT group default qlen 1000
link/ether ee:ee:ee:ee:ee:ee brd ff:ff:ff:ff:ff:ff link-netns cni-f8af56ee-f5bb-b88c-1525-55f59bb99720