The product described by this documentation, Anthos Clusters on AWS (previous generation), is now in maintenance mode. All new installs must use the current generation product, Anthos clusters on AWS.

Service discovery and DNS

This topic describes how GKE on AWS interacts with Domain Name Services (DNS) on both your AWS Virtual Private Cloud (VPC) and clusters.

AWS VPC DNS

This section describes how you can configure an AWS Virtual Private Cloud (VPC) for GKE on AWS.

Configuring VPC DNS

GKE on AWS supports a variety of DNS configurations in your AWS VPC. You configure your VPC's DNS settings when you Create a DHCP options set. For more information, see DNS support for your VPC.

You can configure the following options:

DNS Hostnames: This sets whether EC2 instances with public IP addresses get corresponding public DNS hostnames. You set this value using the enableDNSHostnames field in your VPC's DHCP option set. For more information, see VPC DNS Hostnames and DHCP options sets for your VPC.
EC2 DNS Hostnames: This sets whether EC2 instances receive a default DNS hostname or a custom DNS hostname.
DNS server: Whether your VPC's DHCP options set uses either the AWS Route53 DNS server (with the AmazonProvidedDNS option), or a hosted DNS server.

Supported VPC DNS configurations

The following table includes DNS configurations supported by GKE on AWS:

Enable DNS hostnames	EC2 DNS hostnames	DNS server	Supported?
`true`	Default	AWS Route53	Yes
`false`	Default	AWS Route53	Yes
`true`	Custom	AWS Route53	Yes
`false`	Custom	AWS Route53	Yes
`true`	Custom	Hosted	Yes
`false`	Custom	Hosted	Yes
`true`	Default	Hosted	No
`false`	Default	Hosted	No

Service discovery

Service discovery is the process where workloads discover services without knowing their IP address. This section describes how GKE on AWS implements service discovery and managed DNS.

Kubernetes automatically generates service names that use the following specification:

service.namespace.svc.zone

Where:

service: your service's name
namespace: your service's Namespace
zone: your service's AWS zone

Workloads also access external services— for example example.net— using DNS names. For more information on the behavior of DNS in Kubernetes, see DNS for Services and Pods.

CoreDNS

GKE on AWS uses CoreDNS to resolve DNS names within clusters. CoreDNS runs as a redundant, scaled Deployment in the kube-system namespace. The CoreDNS deployment has a Service that groups the CoreDNS Pods and gives them a single IP address. The CoreDNS Deployment scales with the cluster's size and usage.

NodeLocal DNSCache

GKE on AWS uses NodeLocal DNSCache to improve DNS lookup performance. NodeLocal DNSCache runs as a DaemonSet on each node in your cluster. When a Pod makes a DNS request, the request first goes to the DNS cache on the same node. If the cache can't resolve the DNS request, the cache forwards the request to either:

CoreDNS for an internal name— for example foo.bar.svc.cluster.local
The Amazon DNS server, for an external name— for example example.net

Calico

GKE on AWS uses Calico to establish BGP routing between cluster nodes.

What's next

Read about AWS DNS support for your VPC.
For an overview of how DNS is used in Kubernetes clusters, see DNS for Services and Pods.