# Private DNS installation

## Context

We want to deploy an internal DNS server that serves a private domain and forwards all other requests to another DNS server.

## Architecture

We will use CoreDNS (a separate deployment, not the cluster-internal one) to serve those requests.
An etcd cluster will be deployed as a StatefulSet, with PVCs, as the CoreDNS backend.
Finally, we deploy external-dns to handle the creation and deletion of DNS entries declared in Service or Ingress rules.

## Deploy

Pretty straightforward using the manifests from 01\* to 04\*.

The CoreDNS configuration is in 04-coredns.yaml:

```
data:
  Corefile: |
    open-it.intra {
        errors
        health
        log
        etcd {
            endpoint http://etcd-dns:2379
        }
        cache 30
        prometheus 0.0.0.0:9153
    }
    . {
        forward . 192.168.5.1
        cache
    }
```

## Testing

We will test by deploying a Service of type **LoadBalancer** with the annotation: **external-dns.alpha.kubernetes.io/hostname: ""**

Let's try with this Service:

```
apiVersion: v1
kind: Service
metadata:
  name: nginx-frontend
  annotations:
    external-dns.alpha.kubernetes.io/hostname: "nginx.open-it.intra"
spec:
  ports:
  - name: "web"
    port: 80
    targetPort: 80
  selector:
    app: nginx
  type: LoadBalancer
```

First, let's retrieve the DNS service IP:

```
$ kubectl -n dns get svc coredns
NAME      TYPE           CLUSTER-IP     EXTERNAL-IP     PORT(S)        AGE
coredns   LoadBalancer   10.98.74.182   192.168.5.201   53:30690/UDP   2d1h
```

We can now try DNS resolution:

```
$ dig @192.168.5.201 nginx.open-it.intra +short
192.168.5.203
```

or

```
$ nslookup nginx.open-it.intra 192.168.5.201
Server:		192.168.5.201
Address:	192.168.5.201#53

Name:	nginx.open-it.intra
Address: 192.168.5.203
```
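
CoreDNS answers for `open-it.intra` from whatever is stored in etcd, and the Corefile above reaches etcd over plain `http://`, so it is worth auditing what the backend actually holds. The following is an added example, not part of the original manifests: it decodes records in the CoreDNS etcd plugin's layout (default path `/skydns`, labels stored in reverse order, JSON value with a `host` field) and flags entries outside the zone or outside an expected address range. The `192.168.5.0/24` range and the sample records are assumptions constructed for illustration.

```python
import ipaddress
import json

ZONE = "open-it.intra"   # zone served by the etcd block in the Corefile
SKYDNS_PATH = "/skydns"  # default `path` of the CoreDNS etcd plugin
ALLOWED_NET = ipaddress.ip_network("192.168.5.0/24")  # assumption: LoadBalancer range

# Constructed sample of etcd key/value pairs (not taken from a real cluster).
SAMPLE = {
    "/skydns/intra/open-it/nginx": '{"host":"192.168.5.203","ttl":30}',
    "/skydns/intra/open-it/vpn": '{"host":"203.0.113.7"}',
    "/skydns/com/example/login": '{"host":"192.168.5.210"}',
    "/skydns/intra/open-it/broken": "not-json",
}


def key_to_name(key, path=SKYDNS_PATH):
    """Map /skydns/intra/open-it/nginx to nginx.open-it.intra (labels are stored reversed)."""
    if not key.startswith(path + "/"):
        raise ValueError(f"key is not under {path}")
    labels = [part for part in key[len(path):].split("/") if part]
    return ".".join(reversed(labels))


def audit(records, zone=ZONE, allowed=ALLOWED_NET):
    """Return (name, reason) for every record that needs a second look."""
    findings = []
    for key, raw in records.items():
        try:
            name = key_to_name(key)
            host = json.loads(raw)["host"]
        except (ValueError, KeyError, TypeError) as exc:
            findings.append((key, f"unparseable record: {exc}"))
            continue
        if name != zone and not name.endswith("." + zone):
            findings.append((name, "name is outside the served zone"))
            continue
        try:
            addr = ipaddress.ip_address(host)
        except ValueError:
            findings.append((name, f"target is a name, not an IP: {host}"))
            continue
        if addr not in allowed:
            findings.append((name, f"{host} is outside {allowed}"))
    return findings


if __name__ == "__main__":
    for name, reason in audit(SAMPLE):
        print(f"{name}: {reason}")
```

To run it against a real deployment, replace `SAMPLE` with the key/value pairs read from etcd under the `/skydns` prefix.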