CoreDNS v1.13.1 - AudioDocs
- Tool: CoreDNS - Kubernetes DNS Server (CNCF Graduated)
- Version: v1.13.1
- Duration: ~72 minutes
- Voice: Algieba (Gemini 2.5 TTS)
- Source: coredns.io | GitHub
About CoreDNS
CoreDNS is a flexible, extensible DNS server that serves as the default DNS provider for Kubernetes clusters. Built on a plugin architecture, it handles service discovery, external DNS resolution, and custom DNS policies.
Every time a pod looks up a service by name, every time your application resolves cluster.local, every time kubectl exec needs to find a pod - CoreDNS handles that resolution.
Chapters
This AudioDocs episode covers the complete CoreDNS v1.13.1 documentation in 20 segments:
| # | Topic | Description |
|---|---|---|
| 1 | Introduction | Overview of what CoreDNS is and what this episode covers |
| 2 | Project Context | History, CNCF graduation, why CoreDNS replaced kube-dns |
| 3 | Architecture | Plugin architecture explained - the "Lego blocks" model |
| 4 | Core Concepts | Server blocks, zones, plugin ordering, request flow |
| 5 | Installation | Kubernetes deployment, standalone binary, Docker, package managers |
| 6 | Corefile Configuration | Server blocks, zones, plugin syntax, multiple servers |
| 7 | Common Setups | Recursive resolver, authoritative DNS, Kubernetes service discovery |
| 8 | kubernetes Plugin | Service discovery, pod modes, endpoint slices, headless services |
| 9 | forward Plugin | Upstream servers, protocols, health checking, policy options |
| 10 | cache Plugin | Response caching, TTL handling, prefetch, denial caching |
| 11 | file Plugin | Zone file serving, AXFR transfers, automatic reloading |
| 12 | hosts Plugin | /etc/hosts style records, inline entries, fallthrough |
| 13 | errors & log Plugins | Error handling, query logging, log formats |
| 14 | health & ready Plugins | Liveness/readiness probes, lameduck mode |
| 15 | prometheus Plugin | Metrics exposition, Grafana dashboards, key metrics |
| 16 | rewrite Plugin | Query rewriting, name/type/class modifications |
| 17 | acl Plugin | Access control lists, IP-based filtering, zone protection |
| 18 | DNS Security | DNSSEC, DNS over TLS, DNS over HTTPS, DNS64 |
| 19 | Additional Plugins | template, loadbalance, loop, whoami, chaos |
| 20 | Closing | Summary and key takeaways |
Topics Deep-Dive
Plugin Architecture
CoreDNS processes DNS requests through a chain of plugins. Each plugin either handles the request, modifies it, or passes it to the next plugin. This composable design lets you build exactly the DNS server you need.
Kubernetes Integration
The kubernetes plugin enables service discovery in Kubernetes clusters:
- Resolves `service.namespace.svc.cluster.local` to ClusterIP
- Handles headless services with individual pod IPs
- Supports endpoint slices for large deployments
- Configurable pod verification modes
Essential Plugins Covered
forward: Route queries to upstream DNS servers
- Protocol support: DNS, DNS over TLS, DNS over gRPC
- Health checking with automatic failover
- Load balancing policies (round_robin, random, sequential)
cache: Response caching for performance
- Configurable TTL and cache size
- Prefetch for frequently requested records
- Denial caching for NXDOMAIN responses
metrics: Prometheus integration
- Query latency histograms
- Cache hit/miss ratios
- Response codes by zone
rewrite: Query modification
- Rewrite names, types, classes
- Pattern matching with regular expressions
- Response rewriting
DNS Security
- DNSSEC: Sign zones and validate responses
- DNS over TLS: Encrypted queries to upstream servers (port 853)
- DNS over HTTPS: HTTPS-based DNS resolution
- ACLs: Filter queries by source IP
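An added example, not taken from the CoreDNS documentation or from this episode: a Corefile that combines the source-IP ACL and DNS over TLS items above with a bounded cache. The client CIDRs, the upstream address 192.0.2.53 and the server name dns.example.net are placeholder assumptions.

```corefile
# Added example. Placeholder assumptions: the client CIDRs, the upstream
# address 192.0.2.53 and the server name dns.example.net.
. {
    errors
    log

    # ACLs: answer only clients from the listed source networks;
    # every other source gets REFUSED.
    acl {
        allow net 10.0.0.0/8 127.0.0.0/8
        block
    }

    # DNS over TLS: queries leave for the upstream encrypted on port 853.
    # tls_servername is the name checked against the upstream's certificate.
    forward . tls://192.0.2.53 {
        tls_servername dns.example.net
        health_check 5s
        policy sequential
    }

    # Cap TTLs at 300 s for answers and 30 s for denials (NXDOMAIN/NODATA)
    # so a wrong or removed record does not linger in the cache.
    cache 300 {
        denial 9984 30
    }

    # Expose metrics on loopback only.
    prometheus localhost:9153
}
```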
Key Takeaways
- Plugin order matters - CoreDNS executes plugins in the order they're defined in the Corefile
- One Corefile, multiple servers - Use different server blocks for different zones and ports
- kubernetes plugin is usually first - In Kubernetes deployments, handle cluster DNS before forwarding to upstream
- Cache wisely - Caching improves performance but can cause stale data issues; tune TTLs appropriately
- Monitor with Prometheus - The metrics plugin provides visibility into DNS health and performance
- Test configuration changes - Use `coredns -conf Corefile -dns.port 5553` to test before deploying
License & Attribution
This AudioDocs episode is based on the official CoreDNS v1.13.1 documentation, licensed under the Apache License 2.0.
- Original Documentation: coredns.io/manual/toc/
- License: Apache License 2.0
- Copyright: © CoreDNS Authors
This audio content is a derivative work that transforms the written documentation into an educational audio format. All technical content is derived from the original documentation with proper attribution as required by the license.
Other Versions
| Version | Status |
|---|---|
| v1.13.1 | Current |