Workloads in a Kubernetes cluster use Domain Name System (DNS) to resolve service names to IP addresses. This topic explains how DNS resolution works in Alibaba Cloud Container Compute Service (ACS) clusters and introduces CoreDNS, the default DNS resolver preinstalled in every ACS cluster.
How DNS resolution works
When kubelet starts a pod, it configures the pod's DNS settings using two startup parameters: --cluster-dns=<dns-service-ip> sets the IP address of the cluster's DNS server, and --cluster-domain=<default-local-domain> sets the base domain suffix.
ACS deploys CoreDNS as the cluster DNS resolver. A Service named kube-dns exposes CoreDNS to all pods in the cluster, and two pods named coredns handle the actual resolution requests.
Each pod's DNS configuration is written to /etc/resolv.conf:
nameserver 172.xx.x.xx
search kube-system.svc.cluster.local svc.cluster.local cluster.local
options ndots:5Understanding the search domain
The search field lets pods resolve short service names without specifying fully qualified domain names. For example, a pod in the kube-system namespace can resolve nginx directly — the resolver automatically expands the query to nginx.kube-system.svc.cluster.local. The options ndots:5 setting controls when this expansion applies: if a query contains fewer than 5 dots, the resolver tries each search domain in order before falling back to an absolute lookup.
DNS resolution flow
Figure 1. How DNS resolution works
| Number | Description |
|---|---|
| ① | A client pod tries to reach the Nginx Service. It sends the DNS query to the nameserver in /etc/resolv.conf — in this example, 172.21.0.10, which is the IP address of the kube-dns Service. CoreDNS resolves the name and returns 172.21.0.30. |
| ② | The client pod connects to 172.21.0.30, the IP address of the Nginx Service. The Service then forwards the request to the Nginx-1 and Nginx-2 backend pods. |
For detailed configuration options, see Configure DNS resolution.
CoreDNS overview
CoreDNS is powered by plug-ins. Each plug-in handles a specific DNS function — from resolving cluster-internal service names to forwarding external queries, customizing host records, configuring CNAME records, and defining rewrite rules. This plug-in architecture lets you tailor DNS behavior to your workload requirements without modifying the core resolver.
ACS uses CoreDNS to implement service discovery in clusters. CoreDNS can resolve both internal domain names (within the cluster) and external domain names.
CoreDNS is hosted by the Cloud Native Computing Foundation (CNCF), which also hosts Kubernetes.
What's next
Configure DNS resolution — customize
/etc/resolv.confsettings and DNS policies for your podsConfigure non-managed CoreDNS — adjust CoreDNS settings and plug-ins for your cluster