Service discovery and DNS overview

This topic describes how GKE on AWS interacts with Domain Name Services (DNS) on both your AWS Virtual Private Cloud (VPC) and clusters.

AWS VPC DNS

This section describes how you can configure a VPC for GKE on AWS.

Configuring VPC DNS

GKE on AWS supports a variety of DNS configurations in your AWS VPC. You configure your VPC's DNS settings when you Create a DHCP options set. For more information, see DNS support for your VPC.

You can configure the following options:

DNS Hostnames
This sets whether EC2 instances with public IP addresses get corresponding public DNS hostnames. You set this value using the enableDNSHostnames field in your VPC's DHCP option set. For more information, see VPC DNS Hostnames and DHCP options sets for your VPC.
EC2 DNS Hostnames
This sets whether EC2 instances receive a default DNS hostname or a custom DNS hostname.
DNS server
Whether your VPC's DHCP options set uses either the AWS Route53 DNS server (with the AmazonProvidedDNS option), or a hosted DNS server.

Using hosted DNS

To use a hosted DNS, your control plane and node pool security groups must allow outbound traffic on TCP and UDP port 53.

Supported VPC DNS configurations

The following table includes DNS configurations supported by GKE on AWS:

Enable DNS hostnames EC2 DNS hostnames DNS server Supported?
true Default AWS Route53 Yes
false Default AWS Route53 Yes
true Custom AWS Route53 Yes
false Custom AWS Route53 Yes
true Custom Hosted Yes
false Custom Hosted Yes
true Default Hosted No
false Default Hosted No

Service discovery

Service discovery is the process where workloads discover services without knowing the service's IP address. This section describes how GKE on AWS implements service discovery and managed DNS.

Kubernetes automatically generates service names that use the following specification:

service.namespace.svc.cluster.local

Where:

  • service: your service's name
  • namespace: your service's Namespace

Workloads also access external services— for example example.net— using DNS names. For more information on the behavior of DNS in Kubernetes, see DNS for Services and Pods.

CoreDNS

GKE on AWS uses CoreDNS to resolve DNS names within clusters. CoreDNS runs as a redundant, scaled Deployment in the kube-system namespace. The CoreDNS deployment has a Service that groups the CoreDNS Pods and gives them a single IP address. The CoreDNS Deployment scales with the cluster's size and usage.

NodeLocal DNSCache

GKE on AWS uses NodeLocal DNSCache to improve DNS lookup performance. NodeLocal DNSCache runs as a DaemonSet on each node in your cluster. When a Pod makes a DNS request, the request first goes to the DNS cache on the same node. If the cache can't resolve the DNS request, the cache forwards the request to either:

  • CoreDNS for an internal name— for example foo.bar.svc.cluster.local
  • The Amazon DNS server, for an external name— for example example.net

What's next