Installing NodeLocal DNS

NodeLocal DNS reduces the load from DNS requests by running a cache on every node in a Managed Service for Kubernetes cluster. This improves Managed Service for Kubernetes cluster performance and fault tolerance.

Getting startedGetting started

Make sure that the security groups for the Managed Service for Kubernetes cluster and its node groups are configured correctly. If any rule is missing, add it.

Installation using Yandex Cloud MarketplaceInstallation using Yandex Cloud Marketplace

1. Go to the folder page and select Managed Service for Kubernetes.
2. Click the name of the Managed Service for Kubernetes cluster you need and select the Marketplace tab.
3. Under Application available for installation, select NodeLocal DNS and click Go to install.
4. Configure the application:

   • Namespace: Select the kube-system namespace.

     Warning

     The application works correctly only with the kube-system namespace.

   • Application name: Specify the name for the application to be deployed in the Managed Service for Kubernetes cluster.

   • Internal IP address of the kube-dns service: Address for accessing NodeLocal DNS Cache. Requests sent from application pods to the address in the field are routed to local DNS based on the iptables rules.

     The field contains the ClusterIP address of kube-dns in the kube-system namespace. You can get the value of the field using the following command:

     kubectl get svc kube-dns -n kube-system -o jsonpath={.spec.clusterIP}
     

     Since Yandex Cloud adds the kube-dns service when creating the cluster, the IP address of the service is pre-defined. Therefore, you cannot change it in the kube-dns internal IP address field.

   • Work with Cilium: Select this option if a cluster uses the Cilium network policy controller.

5. Click Install.
6. Wait for the application to change its status to Deployed.

After installing NodeLocal DNS, use the following values:

• Managed Service for Kubernetes cluster zone: cluster.local
• NodeLocal DNS cache address: 169.254.20.10
• Application port for external queries: 53
• Port for collecting metrics in Prometheus format: 9253

Installation using a Helm chartInstallation using a Helm chart

1. Install Helm v3.8.0 or higher.

2. Install kubect and configure it to work with the new cluster.

3. Get an address to access the NodeLocal DNS Cache. You will need the address to install the Helm chart:

   kubectl get svc kube-dns -n kube-system -o jsonpath={.spec.clusterIP}
   

   The command contains the ClusterIP address of kube-dns in the kube-system namespace. kube-dns is installed automatically during cluster creation, so its IP address is pre-defined.

   Requests sent from application pods to the address you get are routed to local DNS based on the iptables rules.

4. To install a Helm chart from NodeLocal DNS, run this command:

   helm pull oci://cr.yandex/yc-marketplace/yandex-cloud/node-local-dns \
     --version 1.5.1 \
     --untar && \
   helm install \
     --set config.cilium=false \
     --set config.clusterIp="<kube-dns_IP_address>" \
     --namespace kube-system \
     node-local-dns ./node-local-dns/
   

   Warning

   The application works correctly only with the kube-system namespace.

   Note

   If you are using a Helm version below 3.8.0, append the export HELM_EXPERIMENTAL_OCI=1 && \ string to the command to enable Open Container Initiative (OCI) support in the Helm client.

For more information on how to set up local DNS caching, see Setting up NodeLocal DNS Cache.