{"id":22148625,"url":"https://github.com/cdennig/custom-dns-aks","last_synced_at":"2026-02-04T08:32:56.577Z","repository":{"id":132653072,"uuid":"302005056","full_name":"cdennig/custom-dns-aks","owner":"cdennig","description":null,"archived":false,"fork":false,"pushed_at":"2020-10-07T11:01:16.000Z","size":30,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-01-29T17:44:58.410Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/cdennig.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-10-07T10:44:48.000Z","updated_at":"2020-10-07T11:01:19.000Z","dependencies_parsed_at":null,"dependency_job_id":"fc3edb60-8ad5-4e1c-bcc1-39e3780b64d4","html_url":"https://github.com/cdennig/custom-dns-aks","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cdennig%2Fcustom-dns-aks","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cdennig%2Fcustom-dns-aks/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cdennig%2Fcustom-dns-aks/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cdennig%2Fcustom-dns-aks/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cdennig","download_url":"https://codeload.github.com/cdennig/custom-dns-aks/tar.gz/refs/heads/main","host":{"name":"Gi
tHub","url":"https://github.com","kind":"github","repositories_count":245274636,"owners_count":20588819,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-12-01T23:28:44.950Z","updated_at":"2026-02-04T08:32:51.517Z","avatar_url":"https://github.com/cdennig.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# CoreDNS Test\n\n## Add VM (just for demo purposes!)\n\nInstall Ubuntu 18.04 LTS\n\n192.168.0.0/24\n\nNSG:\n\n![Network Security Group](./nsg.png \"Network Security Group\")\n\n---\n\nIn VM:\n\nGet the IP address:\n\n```shell\n$ ifconfig eth0\n\neth0: flags=4163\u003cUP,BROADCAST,RUNNING,MULTICAST\u003e  mtu 1500\n        inet 192.168.0.4  netmask 255.255.255.0  broadcast 192.168.0.255\n        inet6 fe80::20d:3aff:fe2d:a84a  prefixlen 64  scopeid 0x20\u003clink\u003e\n        ether 00:0d:3a:2d:a8:4a  txqueuelen 1000  (Ethernet)\n        RX packets 135861  bytes 172074370 (172.0 MB)\n        RX errors 0  dropped 0  overruns 0  frame 0\n        TX packets 28934  bytes 4777038 (4.7 MB)\n        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0\n```\n\n--\u003e 192.168.0.4\n\nInstall bind9:\n\n```shell\nsudo apt-get update\nsudo apt-get install bind9 bind9utils bind9-doc\n```\n\nIPv4 Bind mode:\n\n```shell\nsudo vim /etc/default/bind9\n\n...\nOPTIONS=\"-u bind -4\"\n```\n\nRestart:\n\n```shell\nsudo systemctl restart bind9\n```\n\nCheck:\n\n```shell\nazureuser@mydnsserver:~$ ps -ax | grep named\n14810 ?        
Ssl    0:00 /usr/sbin/named -f -u bind -4\n14840 pts/0    S+     0:00 grep --color=auto named\n```\n\n/etc/bind/named.conf.options (listen on any address - DEMO!):\n\n```plain\noptions {\n        directory \"/var/cache/bind\";\n\n        //======================================================================$\n        // If BIND logs error messages about the root key being expired,\n        // you will need to update your keys.  See https://www.isc.org/bind-keys\n        //======================================================================$\n        dnssec-validation auto;\n\n        auth-nxdomain no;    # conform to RFC1035\n        listen-on { any; };\n        listen-on-v6 { any; };\n};\n```\n\nDNS Zone in /etc/bind/named.conf.local:\n\n```plain\nzone \"azure.intern\" {\n    type master;\n    file \"/etc/bind/zones/db.azure.intern\"; # zone file path\n};\n```\n\nCreate Zone file:\n\n```shell\nsudo mkdir /etc/bind/zones\nsudo cp /etc/bind/db.local /etc/bind/zones/db.azure.intern\n\nsudo vim /etc/bind/zones/db.azure.intern\n```\n\n```plain\n;\n; BIND data file for the azure.intern zone\n;\n$TTL    604800\n@       IN      SOA     ns1.azure.intern. admin.azure.intern. (\n                              3         ; Serial\n                         604800         ; Refresh\n                          86400         ; Retry\n                        2419200         ; Expire\n                         604800 )       ; Negative Cache TTL\n;\n@       IN      NS      ns1.azure.intern.\n@       IN      A       127.0.0.1\n@       IN      AAAA    ::1\n\nns1.azure.intern.       IN      A       192.168.0.4\nmyhost.azure.intern.    IN      A       40.112.72.205\n```\n\nRestart bind:\n\n```shell\nsudo systemctl restart bind9\n```\n\nCheck on dns server machine (redirect to localhost! 
Should throw no error.):\n\n```shell\nnslookup myhost.azure.intern localhost\n```\n\nVNET --\u003e Add custom DNS server\n\nRestart VM:\n\n```shell\nsudo shutdown -r now\n```\n\nCreate a test-client (optional)\n\n- new VM\n- new VNET: 192.168.1.0/24\n- VNET Peering\n- add Custom DNS server (private IP of DNS server, here: 192.168.0.4)\n\nSSH into the machine:\n\n```shell\n$ nslookup myhost.azure.intern\nServer:         127.0.0.53\nAddress:        127.0.0.53#53\n\nNon-authoritative answer:\nName:   myhost.azure.intern\nAddress: 40.112.72.205\n```\n\n## How to set up CoreDNS in AKS\n\nAdd AKS cluster:\n\nInstall with Azure CNI!\n\nPeer the newly created VNET with the DNS-VNET and ensure \"Peering status\" == \"Connected\"\n\nNegative test (run a pod and look up myhost.azure.intern - should fail!):\n\n```shell\nkubectl run --rm -it busy --image busybox -- /bin/sh\n\nnslookup myhost.azure.intern\nServer:         10.0.0.10\nAddress:        10.0.0.10:53\n\n** server can't find myhost.azure.intern: NXDOMAIN\n\n```\n\nAdd CoreDNS custom data:\n\n```bash\ncat \u003c\u003c EOF | kubectl apply -f -\napiVersion: v1\nkind: ConfigMap\nmetadata:\n  name: coredns-custom\n  namespace: kube-system\ndata:\n  azure.intern.server: |\n    azure.intern:53 {\n        errors\n        cache 30\n        forward . 
192.168.0.4   # 'on-prem' DNS server\n    }\nEOF\n```\n\nRestart DNS Pods:\n\n```shell\nkubectl delete pod --namespace kube-system --selector k8s-app=kube-dns\n```\n\nPositive test:\n\n```shell\nkubectl run --rm -it busy --image busybox -- /bin/sh\n\n$ nslookup myhost.azure.intern\nServer:         10.0.0.10\nAddress:        10.0.0.10:53\n\nName:   myhost.azure.intern\nAddress: 40.112.72.205\n\n# any other DNS lookups should also work:\n\n$ nslookup microsoft.com\nServer:         10.0.0.10\nAddress:        10.0.0.10:53\n\nNon-authoritative answer:\nName:   microsoft.com\nAddress: 40.76.4.15\nName:   microsoft.com\nAddress: 40.112.72.205\nName:   microsoft.com\nAddress: 40.113.200.201\nName:   microsoft.com\nAddress: 13.77.161.179\nName:   microsoft.com\nAddress: 104.215.148.63\n\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcdennig%2Fcustom-dns-aks","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcdennig%2Fcustom-dns-aks","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcdennig%2Fcustom-dns-aks/lists"}