Nicolai Ort
3e4fbb616b
All checks were successful
Build latest image / build-container (push) Successful in 53s
1.3 KiB
1.3 KiB
title, weight, tags
| title | weight | tags | |
|---|---|---|---|
| Understanding and Debugging DNS in Kubernetes Clusters | 4 |
|
{{% button href="https://www.youtube.com/watch?v=awXjABDknww" style="warning" icon="video" %}}Watch talk on YouTube{{% /button %}} {{% button href="https://github.com/mqasimsarfraz/talks/tree/main/CloudNativeRejekts-2025" style="tip" icon="person-chalkboard" %}}Slides{{% /button %}}
Baseline
DNS Components
graph LR
Application-->NodeLocalDNS-->CoreDNS-->Upstream
Problems
- Many hidden systems
- Not easy to trace across clusters
Tools
Demo queries are located in the slides and were executed during the stream
CoreDNS Log Plugin
- Core-Plugin (just needs to be activated)
- Logs all requests to stdout
Hubble
- Cilium observability needs cilium l7 proxy, runs as deamonset
- Needs CiliumNetworkPolicies for AppPod and CoreDNS
- Metrics, UI and cli with jq (and protocol filter)
Inspector Gadget
- Toolset for Kubernetes and Linux that can be customized
- Runns as daemonset or debug pod - gadgets are distributed as containers (via artifactorhub)
- DNS-Gadget: Trace via ebpf, post process with wasm
Overview
- CoreDNS: Great for initial, nut only CoreDNS
- Hubble: Compact overview, but cilium needed with special configs
- Inspector Gadget: Rich DNS traces, limited tcp support