Learning CoreDNS: Configuring DNS for Cloud Native Environments
Paperback
Overview
John Belamaric, senior staff software engineer at Google, and Cricket Liu, chief DNS architect at Infoblox, show you how to configure CoreDNS using real-world configuration examples to achieve specific purposes. You’ll learn the basics of DNS, including how it functions as a location broker in container environments and how it ties into Kubernetes.
- Dive into DNS theory: the DNS namespace, domain names, domains, and zones
- Learn how to configure your CoreDNS server
- Manage and serve basic and advanced zone data with CoreDNS
- Configure CoreDNS service discovery with etcd and Kubernetes
- Learn one of the most common use cases for CoreDNS: the integration with Kubernetes
- Manipulate queries and responses as they flow through the plug-in chain
- Monitor and troubleshoot the availability and performance of your DNS service
- Build custom versions of CoreDNS and write your own plug-ins
Product Details
| ISBN-13: | 9781492047964 |
|---|---|
| Publisher: | O'Reilly Media, Incorporated |
| Publication date: | 09/24/2019 |
| Pages: | 203 |
| Product dimensions: | 6.90(w) x 9.10(h) x 0.50(d) |
About the Author
John Belamaric is a Senior Staff Software Engineer at Google, holds three patents, and is a co-author of "OpenStack Cloud Application Development".
Cricket Liu graduated from the University of California, Berkeley, that great bastion of free speech, unencumbered Unix, and cheap pizza. He joined Hewlett-Packard after graduation and worked for HP for nine years.
Cricket began managing the hp.com zone after the Loma Prieta earthquake forcibly transferred the zone's management from HP Labs to HP's Corporate Offices (by cracking a sprinkler main and flooding a Labs computer room). Cricket was hostmaster@hp.com for over three years, and then joined HP's Professional Services Organization to co-found HP's Internet Consulting Program.
Cricket left HP in 1997 to form Acme Byte & Wire, a DNS consulting and training company, with his friend Matt Larson. Network Solutions acquired Acme in June 2000, and later the same day merged with VeriSign. Cricket worked for a year as Director of DNS Product Management for VeriSign Global Registry Services.
Cricket joined Infoblox, a company that develops DNS, DHCP and IP Address Management solutions, in March, 2003. He is currently their Chief DNS Architect and a Senior Fellow. He's been reassured that they mean "senior" in the respectful sense, not in the "senior discount" sense.
Table of Contents
Preface
1 Introduction
What Is CoreDNS?
CoreDNS, Containers, and Microservices
CoreDNS Limitations
CoreDNS, Kubernetes, and the Cloud Native Computing Foundation
2 A DNS Refresher
What Is the Domain Name System?
Domain Names and the Namespace
Domains, Delegation, and Zones
Resource Records
DNS Servers and Authority
Resolvers
Resolution and Recursion
Caching
Resource Records
NAME
TTL
CLASS
Resource Record Types
The A Record
The AAAA Record
The CNAME Record
The MX Record
The NS Record
The SRV Record
The PTR Record
The SOA Record
An Annotated Zone Data File
3 Configuring CoreDNS
Getting CoreDNS
CoreDNS Command-Line Options
Corefile Syntax
Environment Variables
Reusable Snippets
Import
Server Blocks
Query Processing
Plug-ins
Root
File
Secondary
Forward
Cache
Errors
Log
Common Configuration Options
Fallthrough
Tls
Transfer to
Sample DNS Server Configurations
Caching-Only DNS Server
Primary DNS Server
Secondary DNS Server
4 Managing Zone Data
The file Plug-in
The auto Plug-in
Using the auto Plug-in with Git
The hosts Plug-in
The route53 plug-in
5 Service Discovery
Introduction to Service Discovery
Solving the Service Discovery Problem
Service Discovery with CoreDNS and etcd
The etcd Plug-in
Other Service Discovery Options
Service Discovery and Container Orchestration
6 Kubernetes
Basic Concepts
Kubernetes Networking
Cluster IP Services
Headless Services
Kubernetes DNS Specification
CoreDNS Integration
Default Configuration
Stub Domains and Federations
Cluster DNS Deployment Resources
Role-Based Access Control
Service
Deployment
Autoscaling
A Better Configuration
The kubernetes Plug-in
CoreDNS Extensions
Pod Options
Wildcard Queries
Autopath and the Dreaded ndots:5
Zone Transfer Support
Exposing Services Externally
Modifying the Available Records
7 Manipulating Queries and Responses
The template Plug-in
The rewrite Plug-in
Using the rewrite Plug-in for EDNS0 Options
Multiple rewrite Rules
The metadata Plug-in
Signing Responses with the DNS Security Extensions
Managing a DNSSEC-Signed Primary Zone
On-the-Fly DNSSEC Signing with the dnssec Plug-in
Case Study: Infoblox's BloxOne Threat Defense
Identifying Users
Applying Policy
8 Monitoring and Troubleshooting
The prometheus Plug-in
The log Plug-in
The dnstap Plug-in
The errors Plug-in
The trace Plug-in
The debug Plug-in
9 Building a Custom Server
Compiling CoreDNS with an External Plug-in
Building Using Docker
Building on Your Workstation
Modifying plugin.cfg
Replacing main
Writing a Custom Plug-in
There Can Be Only One
Integrating with Metrics, Trace, and Metadata
Index