DNS is weird inside k8s on AWS
Kubernetes DNS on AWS suffers from three compounding issues: the default ndots:5 setting causes every external hostname lookup to generate up to 10 queries (A and AAAA records for each of 5 search suffixes); NodeLocal DNSCache, an optional DaemonSet per node, adds a caching layer between pods and CoreDNS; and EC2's per-ENI DNS packet limit (1024 packets/sec) silently throttles traffic when exceeded. Setting ndots:1 in pod dnsConfig eliminates the query multiplier for external lookups, and enabling NodeLocal DNSCache reduces load on the central CoreDNS service.
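The query multiplier described above, as an added example that is not code from the original post: it emulates glibc-style search-list expansion and counts the queries one lookup sends under ndots:5 and ndots:1. The search list and zone contents are constructed, and one A plus one AAAA query per candidate is an assumption.

```python
# Added example: glibc-style search-list expansion for a pod resolver.
# Constructed sample search list (5 suffixes, matching the count in the text).
SEARCH = [
    "default.svc.cluster.local",
    "svc.cluster.local",
    "cluster.local",
    "eu-west-1.compute.internal",
    "ec2.internal",
]


def candidates(name, ndots, search=SEARCH):
    """Return the FQDNs the resolver tries, in order."""
    if name.endswith("."):        # trailing dot: absolute, search list skipped
        return [name]
    absolute = name + "."
    suffixed = [f"{name}.{s}." for s in search]
    if name.count(".") >= ndots:  # enough dots: try the name as-is first
        return [absolute] + suffixed
    return suffixed + [absolute]  # otherwise walk the search list first


def queries(name, ndots, exists, search=SEARCH):
    """List the (qname, qtype) pairs sent until one candidate resolves.

    `exists` is the set of FQDNs that have records. Assumption: each
    candidate costs one A and one AAAA query (dual-stack lookup).
    """
    sent = []
    for fqdn in candidates(name, ndots, search):
        sent += [(fqdn, "A"), (fqdn, "AAAA")]
        if fqdn in exists:
            break
    return sent


def wasted(name, ndots, exists, search=SEARCH):
    """Queries sent for candidates that turned out not to exist."""
    return [q for q in queries(name, ndots, exists, search) if q[0] not in exists]


if __name__ == "__main__":
    # Constructed zone contents: one external host, one cross-namespace service.
    zone = {"api.example.com.", "redis.cache.svc.cluster.local."}
    for name in ("api.example.com", "redis.cache", "api.example.com."):
        for nd in (5, 1):
            total, lost = queries(name, nd, zone), wasted(name, nd, zone)
            print(f"{name:18} ndots:{nd} -> {len(total):2} queries, {len(lost):2} wasted")
```

With ndots:1, in-cluster names that contain a dot (here `redis.cache`) are tried as absolute names first and cost more queries than under ndots:5; a trailing dot skips the search list under either setting.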