node-local-dns

Version: 2.1.3 AppVersion: 1.23.1

A chart to install node-local-dns.

NodeLocal DNSCache improves Cluster DNS performance by running a DNS caching agent on cluster nodes as a DaemonSet.

In today's architecture, Pods in 'ClusterFirst' DNS mode reach out to a kube-dns serviceIP for DNS queries. This is translated to a kube-dns/CoreDNS endpoint via iptables rules added by kube-proxy. With this new architecture, Pods will reach out to the DNS caching agent running on the same node, thereby avoiding iptables DNAT rules and connection tracking. The local caching agent will query kube-dns service for cache misses of cluster hostnames ("cluster.local" suffix by default).

Further documentation is here

This helm chart works for both kube-proxy setups (iptables or ipvs).

How to install this chart

A simple install with default values, latest chart version and generated name:

helm install --generate-name oci://ghcr.io/deliveryhero/helm-charts/node-local-dns

To install a specific version of this chart:

helm install --generate-name oci://ghcr.io/deliveryhero/helm-charts/node-local-dns --version 2.1.3

To install the chart with the release name my-release:

helm install my-release oci://ghcr.io/deliveryhero/helm-charts/node-local-dns

To install with some set values:

helm install my-release oci://ghcr.io/deliveryhero/helm-charts/node-local-dns --set values_key1=value1 --set values_key2=value2

To install with custom values file:

helm install my-release oci://ghcr.io/deliveryhero/helm-charts/node-local-dns -f values.yaml

Values

| Key | Type | Default | Description |
|-----|------|---------|-------------|
| affinity | object | {} | |
| config.bindIp | bool | false | If false, it will bind 0.0.0.0, otherwise dnsServer and localDns will be used. bottlerocket-os/bottlerocket#3711 (comment) |
| config.commProtocol | string | "force_tcp" | Set communication protocol. Options are prefer_udp or force_tcp |
| config.customConfig | string | "" | Overrides the generated configuration with specified one. |
| config.customUpstreamsvc | string | "" | Use a custom upstreamsvc for -upstreamsvc |
| config.dnsDomain | string | "cluster.local" | Internal k8s DNS domain |
| config.dnsServer | string | "172.20.0.10" | Main coredns service (kube-dns) ip, used on iptables-mode. |
| config.enableLogging | bool | false | Set boolean to log DNS requests |
| config.healthPort | int | 8080 | Port used for the health endpoint |
| config.localDns | string | "169.254.20.25" | |
| config.noIPv6Lookups | bool | false | If true, return NOERROR when attempting to resolve an IPv6 address |
| config.prefetch | object | {"amount":3,"duration":"30s","enabled":false,"percentage":"20%"} | If enabled, coredns will prefetch popular items when they are about to be expunged from the cache. https://coredns.io/plugins/cache/ |
| config.setupInterface | bool | true | |
| config.setupIptables | bool | true | |
| config.skipTeardown | bool | false | |
| configMapAnnotations | object | {} | |
| configMapLabels | object | {} | |
| daemonsetAnnotations | object | {} | |
| daemonsetLabels | object | {} | |
| dashboard | object | {"annotations":{},"enabled":false,"label":"grafana_dashboard","namespace":"kube-system"} | https://github.com/grafana/helm-charts/blob/main/charts/grafana/README.md |
| dashboard.label | string | "grafana_dashboard" | label that grafana sidecar is configured to look for |
| dashboard.namespace | string | "kube-system" | namespace where grafana sidecar is configured to look for dashboards. e.g. "monitoring" |
| fullnameOverride | string | "" | |
| image.repository | string | "registry.k8s.io/dns/k8s-dns-node-cache" | |
| image.tag | string | "" | Overrides the image tag whose default is the chart appVersion. |
| imagePullSecrets | list | [] | |
| nameOverride | string | "" | |
| podAnnotations | object | {} | |
| podLabels | object | {} | |
| prometheusScraping.enabled | bool | true | |
| resources.limits.memory | string | "128Mi" | |
| resources.requests.cpu | string | "25m" | |
| resources.requests.memory | string | "128Mi" | |
| securityContext.capabilities.add[0] | string | "NET_ADMIN" | |
| service.annotations | object | {} | Annotations to add to the service. |
| serviceAccount.annotations | object | {} | Annotations to add to the service account. |
| serviceAccount.create | bool | true | Specifies whether a service account should be created. |
| serviceAccount.name | string | "" | If not set and create is true, a name is generated using the fullname template. |
| serviceMonitor | object | {"enabled":false,"honorLabels":false,"labels":{},"metricRelabelings":[],"path":"/metrics","relabelings":[]} | https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/user-guides/getting-started.md |
| serviceMonitor.enabled | bool | false | Ensure that servicemonitor is created, this will disable prometheus annotations |
| serviceMonitor.metricRelabelings | list | [] | Metric relabel configs to apply to samples before ingestion. Metric Relabeling |
| serviceMonitor.relabelings | list | [] | Relabel configs to apply to samples before ingestion. Relabeling |
| tolerations[0].key | string | "CriticalAddonsOnly" | |
| tolerations[0].operator | string | "Exists" | |
| tolerations[1].effect | string | "NoExecute" | |
| tolerations[1].operator | string | "Exists" | |
| tolerations[2].effect | string | "NoSchedule" | |
| tolerations[2].operator | string | "Exists" | |
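
A values.yaml for the `-f values.yaml` install above that narrows the listener and pins the image, using only keys from the Values list. This is an added example, not a file shipped with the chart; the `dnsServer` address is a placeholder and the `kube-dns` Service name in `kube-system` is an assumption about your cluster.

```yaml
# values.yaml (constructed example, not part of the chart)

image:
  repository: registry.k8s.io/dns/k8s-dns-node-cache
  # Pin the tag explicitly instead of inheriting the chart appVersion,
  # so a chart upgrade does not silently change the running binary.
  tag: "1.23.1"

config:
  # Default is false, which binds 0.0.0.0. With true the agent listens only
  # on dnsServer and localDns. The Values list links a Bottlerocket issue
  # next to this key, so test on your node OS before rolling out.
  bindIp: true

  # Must match the ClusterIP of the cluster DNS Service; the chart default
  # (172.20.0.10) is only correct if your cluster uses that address.
  # Assumed lookup, with the Service named kube-dns in kube-system:
  #   kubectl -n kube-system get svc kube-dns -o jsonpath='{.spec.clusterIP}'
  dnsServer: "10.96.0.10"        # placeholder, replace with the lookup result
  localDns: "169.254.20.25"      # chart default link-local listen address
  dnsDomain: "cluster.local"

  # Chart default; queries to the upstream go over TCP.
  commProtocol: "force_tcp"

  # Log DNS requests so per-node query logs are available for
  # investigation. Expect higher log volume.
  enableLogging: true

# Chart defaults, repeated so the limits are visible in review.
resources:
  requests:
    cpu: 25m
    memory: 128Mi
  limits:
    memory: 128Mi

# Chart default. The agent manages a local interface and iptables rules
# (config.setupInterface / config.setupIptables), which is what NET_ADMIN
# is for; do not widen this list.
securityContext:
  capabilities:
    add:
      - NET_ADMIN
```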

Maintainers

| Name | Email | Url |
|------|-------|-----|
| gabrieladt | [email protected] | |