NodeLocal DNSCache

Overview

NodeLocal DNSCache is a cluster plugin that improves cluster DNS performance by running a DNS caching proxy on cluster nodes. This plugin reduces DNS query latency and improves cluster stability by caching DNS responses locally on each node, minimizing the load on the central DNS service.

Key Features

  • Local DNS Caching: Caches DNS responses locally on each node to reduce query latency
  • Improved Performance: Significantly reduces DNS lookup times for applications

Important Notes

WARNING

Deployment Considerations:

  1. Kube-OVN Underlay Mode: The plugin does not support deployment in Kube-OVN Underlay mode. If deployed, it may cause DNS query failures.

  2. Kubelet Restart: Deploying this plugin will cause the kubelet to restart.

  3. Pod Restart Required: After the plugin is successfully deployed, it does not affect running Pods; it takes effect only on newly created Pods. When the CNI is Kube-OVN, you need to manually add the parameter "--node-local-dns-ip=(IP address of the local DNS cache server)" to the kube-ovn-controller.

  4. NetworkPolicy Configuration: If NetworkPolicy is configured in the cluster, you must additionally allow traffic in both directions (from and to) for the node CIDR and the nodeLocalDNSIP in the NetworkPolicy to ensure proper communication.

Installation

Install via Marketplace

  1. Navigate to Administrator > Marketplace > Cluster Plugins.

  2. Search for "Alauda Build of NodeLocal DNSCache" in the plugin list.

  3. Click Install to open the installation configuration page.

  4. Configure the required parameters:

    Parameter | Description | Example Value
    IP | The IP address of the node local DNS cache server. For IPv4, it is recommended to use an address within the 169.254.0.0/16 range, preferably 169.254.20.10. For IPv6, it is recommended to use an address within the fd00::/8 range, preferably fd00::10. | 169.254.20.10

  5. Review the deployment notes and ensure your environment meets the requirements.

  6. Click Install to complete the installation.

  7. Wait for the plugin status to change to "Ready".

How It Works

Architecture

Pod → NodeLocal DNSCache → [Cache Hit] → Pod

    [Cache Miss] → CoreDNS → Response → Cache & Pod

Configuration

Network Policy Configuration

Important: If your cluster has NetworkPolicy enabled, you must configure proper rules to allow DNS traffic to the NodeLocal DNSCache. Without these rules, pods may not be able to resolve DNS queries.

When using NetworkPolicy, ensure the following DNS traffic is allowed:

apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: allow-dns-cache
spec:
  podSelector: {}
  policyTypes:
  - Ingress
  - Egress
  ingress:
  - from:
    - ipBlock:
        cidr: 169.254.20.10/32 # NodeLocal DNS IP address
    ports:
    - protocol: UDP
      port: 53
    - protocol: TCP
      port: 53
  egress:
  - to:
    - ipBlock:
        cidr: 169.254.20.10/32 # NodeLocal DNS IP address
    ports:
    - protocol: UDP
      port: 53
    - protocol: TCP
      port: 53
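
The following added example (not part of the plugin's documentation or code) checks a NetworkPolicy object for the allowances shown in the policy above: port 53 over UDP and TCP, to and from the NodeLocal DNS IP. The function names and the sample policy are constructed for illustration, and the check assumes that only ipBlock peers can match the cache address, because that address is not a pod IP.

```python
import ipaddress

DNS_IP = "169.254.20.10"  # nodeLocalDNSIP used in this page's policy

def peer_allows(peer, ip):
    # Assumption: selector peers match pod IPs only, so just ipBlock is checked.
    block = peer.get("ipBlock")
    if not block:
        return False
    addr = ipaddress.ip_address(ip)
    inside = addr in ipaddress.ip_network(block["cidr"], strict=False)
    carved = any(addr in ipaddress.ip_network(c, strict=False)
                 for c in block.get("except", []))
    return inside and not carved

def ports_allow(ports, proto, port=53):
    if not ports:                      # no ports listed: every port is allowed
        return True
    for p in ports:
        if p.get("protocol", "TCP") != proto:   # protocol defaults to TCP
            continue
        first = p.get("port")
        if first is None:              # protocol given without a port
            return True
        if isinstance(first, int) and first <= port <= p.get("endPort", first):
            return True
    return False

def dns_gaps(policy, ip=DNS_IP):
    """Return (direction, protocol) pairs that are restricted but lack port 53 for ip."""
    spec = policy.get("spec", {})
    types = spec.get("policyTypes") or (
        ["Ingress"] + (["Egress"] if "egress" in spec else []))
    gaps = []
    for direction, key in (("Ingress", "from"), ("Egress", "to")):
        if direction not in types:     # this policy does not restrict the direction
            continue
        rules = spec.get(direction.lower()) or []
        for proto in ("UDP", "TCP"):
            if not any((not r.get(key) or any(peer_allows(p, ip) for p in r[key]))
                       and ports_allow(r.get("ports"), proto) for r in rules):
                gaps.append((direction, proto))
    return gaps

# Constructed sample: egress-only policy that allows DNS over UDP but not TCP.
UDP_ONLY = {"metadata": {"name": "udp-only"}, "spec": {
    "podSelector": {}, "policyTypes": ["Egress"],
    "egress": [{"to": [{"ipBlock": {"cidr": "169.254.20.10/32"}}],
                "ports": [{"protocol": "UDP", "port": 53}]}]}}
print(UDP_ONLY["metadata"]["name"], dns_gaps(UDP_ONLY))
```

Policy objects in this shape are the entries of `items` in the output of `kubectl get networkpolicy -A -o json`. Because policies selecting the same Pods are additive, a gap reported for one policy may be covered by another policy in the same namespace.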