From a7a67beeb48ecaa09a7bc4a1dcafff20f926df62 Mon Sep 17 00:00:00 2001
From: Jashandeep Sohi <jsohi@lco.global>
Date: Tue, 11 Feb 2025 09:47:42 -0800
Subject: [PATCH] setup coredns to route traffic internally for
 *.local.lco.earth

This is needed for things like generating pre-signed URLs with Minio, where
they need to use the Ingress DNS name internally. But because *.local.lco.earth
always resolves to 127.0.0.1, Pods are not able to connect to services backed
by the Ingress. By using the coredns template plugin, we can short-ciruit the
resolved DNS to the ingress-controller.
---
 local-cluster/configmap-coredns.yaml | 30 ++++++++++++++++++++++++++++
 local-cluster/default.nix            |  2 ++
 2 files changed, 32 insertions(+)
 create mode 100644 local-cluster/configmap-coredns.yaml

diff --git a/local-cluster/configmap-coredns.yaml b/local-cluster/configmap-coredns.yaml
new file mode 100644
index 0000000..31a8435
--- /dev/null
+++ b/local-cluster/configmap-coredns.yaml
@@ -0,0 +1,30 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: coredns
+  namespace: kube-system
+data:
+  Corefile: |
+    .:53 {
+        errors
+        health {
+           lameduck 5s
+        }
+        ready
+        template ANY ANY local.lco.earth {
+          answer "{{ .Name }} 60 {{ .Class }} CNAME ingress-nginx-controller.ingress-nginx.svc.cluster.local"
+        }
+        kubernetes cluster.local in-addr.arpa ip6.arpa {
+           pods insecure
+           fallthrough in-addr.arpa ip6.arpa
+           ttl 30
+        }
+        prometheus :9153
+        forward . /etc/resolv.conf {
+           max_concurrent 1000
+        }
+        cache 30
+        loop
+        reload
+        loadbalance
+    }
diff --git a/local-cluster/default.nix b/local-cluster/default.nix
index 25ac144..0b6ed05 100644
--- a/local-cluster/default.nix
+++ b/local-cluster/default.nix
@@ -59,11 +59,13 @@ in {
       local-cluster-nginx-ingress-up.exec = ''
         set -ex -o pipefail
         kustomize build "${./ingress-nginx}" | kubectl apply -f -
+        kubectl apply -f "${./configmap-coredns.yaml}"
       '';
 
       local-cluster-nginx-ingress-down.exec = ''
         set -ex -o pipefail
         kustomize build "${./ingress-nginx}" | kubectl delete -f -
+        kubectl delete -f "${./configmap-coredns.yaml}"
       '';
 
       local-cluster-k8s-dashboard-up.exec = ''