Learning CoreDNS: Configuring DNS for Cloud Native Environments

by John Belamaric, Cricket Liu

Overview

Until recently, learning CoreDNS required reading the code or combing through the skimpy documentation on the website. No longer. With this practical book, developers and operators working with Docker or Linux containers will learn how to use this standard DNS server with Kubernetes.

John Belamaric, senior staff software engineer at Google, and Cricket Liu, chief DNS architect at Infoblox, show you how to configure CoreDNS using real-world configuration examples to achieve specific purposes. You’ll learn the basics of DNS, including how it functions as a location broker in container environments and how it ties into Kubernetes.

  • Dive into DNS theory: the DNS namespace, domain names, domains, and zones
  • Learn how to configure your CoreDNS server
  • Manage and serve basic and advanced zone data with CoreDNS
  • Configure CoreDNS service discovery with etcd and Kubernetes
  • Learn one of the most common use cases for CoreDNS: the integration with Kubernetes
  • Manipulate queries and responses as they flow through the plug-in chain
  • Monitor and troubleshoot the availability and performance of your DNS service
  • Build custom versions of CoreDNS and write your own plug-ins

Product Details

ISBN-13: 9781492047919
Publisher: O'Reilly Media, Incorporated
Publication date: 08/30/2019
Sold by: Barnes & Noble
Format: eBook
Pages: 206
File size: 4 MB

About the Author

John Belamaric is an experienced software engineer and architect with over 20 years of software design and development experience. He works on the Google Cloud team, focused on Kubernetes and GKE. He is also a core maintainer of CoreDNS, a CNCF project that provides dynamic, DNS-based service discovery in Kubernetes and other container and cloud stacks.

He is a Senior Staff Software Engineer at Google, holds three patents, and is a co-author of "OpenStack Cloud Application Development".


Cricket Liu graduated from the University of California, Berkeley, that great bastion of free speech, unencumbered Unix, and cheap pizza. He joined Hewlett-Packard after graduation and worked for HP for nine years.

Cricket began managing the hp.com zone after the Loma Prieta earthquake forcibly transferred the zone's management from HP Labs to HP's Corporate Offices (by cracking a sprinkler main and flooding a Labs computer room). Cricket was hostmaster@hp.com for over three years, and then joined HP's Professional Services Organization to co-found HP's Internet Consulting Program.

Cricket left HP in 1997 to form Acme Byte & Wire, a DNS consulting and training company, with his friend Matt Larson. Network Solutions acquired Acme in June 2000, and later the same day merged with VeriSign. Cricket worked for a year as Director of DNS Product Management for VeriSign Global Registry Services.

Cricket joined Infoblox, a company that develops DNS, DHCP and IP Address Management solutions, in March, 2003. He is currently their Chief DNS Architect and a Senior Fellow. He's been reassured that they mean "senior" in the respectful sense, not in the "senior discount" sense.

Table of Contents

Preface

1 Introduction

What Is CoreDNS?

CoreDNS, Containers, and Microservices

CoreDNS Limitations

CoreDNS, Kubernetes, and the Cloud Native Computing Foundation

2 A DNS Refresher

What Is the Domain Name System?

Domain Names and the Namespace

Domains, Delegation, and Zones

Resource Records

DNS Servers and Authority

Resolvers

Resolution and Recursion

Caching

Resource Records

NAME

TTL

CLASS

Resource Record Types

The A Record

The AAAA Record

The CNAME Record

The MX Record

The NS Record

The SRV Record

The PTR Record

The SOA Record

An Annotated Zone Data File

3 Configuring CoreDNS

Getting CoreDNS

CoreDNS Command-Line Options

Corefile Syntax

Environment Variables

Reusable Snippets

Import

Server Blocks

Query Processing

Plug-ins

Root

File

Secondary

Forward

Cache

Errors

Log

Common Configuration Options

Fallthrough

Tls

Transfer to

Sample DNS Server Configurations

Caching-Only DNS Server

Primary DNS Server

Secondary DNS Server

4 Managing Zone Data

The file Plug-in

The auto Plug-in

Using the auto Plug-in with Git

The hosts Plug-in

The route53 plug-in

5 Service Discovery

Introduction to Service Discovery

Solving the Service Discovery Problem

Service Discovery with CoreDNS and etcd

The etcd Plug-in

Other Service Discovery Options

Service Discovery and Container Orchestration

6 Kubernetes

Basic Concepts

Kubernetes Networking

Cluster IP Services

Headless Services

Kubernetes DNS Specification

CoreDNS Integration

Default Configuration

Stub Domains and Federations

Cluster DNS Deployment Resources

Role-Based Access Control

Service

Deployment

Autoscaling

A Better Configuration

The kubernetes Plug-in

CoreDNS Extensions

Pod Options

Wildcard Queries

Autopath and the Dreaded ndots:5

Zone Transfer Support

Exposing Services Externally

Modifying the Available Records

7 Manipulating Queries and Responses

The template Plug-in

The rewrite Plug-in

Using the rewrite Plug-in for EDNS0 Options

Multiple rewrite Rules

The metadata Plug-in

Signing Responses with the DNS Security Extensions

Managing a DNSSEC-Signed Primary Zone

On-the-Fly DNSSEC Signing with the dnssec Plug-in

Case Study: Infoblox's BloxOne Threat Defense

Identifying Users

Applying Policy

8 Monitoring and Troubleshooting

The prometheus Plug-in

The log Plug-in

The dnstap Plug-in

The errors Plug-in

The trace Plug-in

The debug Plug-in

9 Building a Custom Server

Compiling CoreDNS with an External Plug-in

Building Using Docker

Building on Your Workstation

Modifying plugin.cfg

Replacing main

Writing a Custom Plug-in

There Can Be Only One

Integrating with Metrics, Trace, and Metadata

Index
