The DNS add-on in Kubernetes (typically CoreDNS) provides critical service discovery functionality throughout your cluster. It's one of the most important add-ons and is deployed by default in most Kubernetes installations.

Key functions of the Kubernetes DNS add-on:

1. Service Discovery:

   • Creates DNS records for Kubernetes Services
   • Allows pods to find and connect to Services using names instead of IP addresses
   • Enables applications to use stable DNS names regardless of pod restarts or scaling

2. Name Resolution Patterns:

   • <service-name>.<namespace>.svc.cluster.local → resolves to service's cluster IP
   • <pod-ip-with-dashes>.<namespace>.pod.cluster.local → resolves to pod's IP
   • Supports shorter forms within the same namespace (just <service-name>)

3. DNS Policy Enforcement:

   • Handles DNS query policies based on pod DNS configurations
   • Supports different DNS policies (ClusterFirst, Default, None, etc.)

4. Customizable Records:

   • Allows creating custom DNS entries via the ExternalName Service type
   • Supports DNS configurations via ConfigMaps

Implementation in modern Kubernetes:

CoreDNS is the default DNS server in Kubernetes since v1.13, replacing the older kube-dns. CoreDNS is:

• Deployed as a Deployment in the kube-system namespace
• Exposed as a Service named "kube-dns" (for backward compatibility)
• Configured via a ConfigMap

How it works:

1. Deployment: The CoreDNS pods are deployed, typically with a replica count of 2 for high availability

2. Service Exposure: CoreDNS is exposed as a Service with a static cluster IP address

3. Discovery: Kubelet configures each pod's /etc/resolv.conf to use CoreDNS as its nameserver

4. Kubernetes Integration: CoreDNS watches the Kubernetes API for changes to Services and Endpoints

5. Record Creation: When Services are created or modified, CoreDNS automatically updates its records

Example DNS lookups from a pod:

# Full qualified domain name for a service
nslookup nginx-service.default.svc.cluster.local

# Short name (within same namespace)
nslookup nginx-service

# Service in another namespace
nslookup monitoring-service.monitoring.svc.cluster.local

# Specific port of a service (SRV record)
nslookup _http._tcp.nginx-service.default.svc.cluster.local

Custom configurations:

CoreDNS is highly extensible through its Corefile configuration, allowing for:

• Custom domain forwarding
• Stub domains
• Upstream nameservers
• Rewriting rules
• Caching policies

An example of a custom configuration might be forwarding queries for specific domains to specialized DNS servers, or configuring pods in specific namespaces to use different DNS settings.

The DNS add-on is essential for service-oriented architectures in Kubernetes, allowing containerized applications to communicate using stable names rather than dealing with the ephemeral nature of pod IPs.