From daa228ff7a91aa315b452907ed18a25d0ec8a900 Mon Sep 17 00:00:00 2001 From: Christian DiRubbio <117473198+cdirubbio@users.noreply.github.com> Date: Wed, 29 Oct 2025 18:30:40 -0400 Subject: [PATCH] Update to add CoreDNS behavior explanation with example --- latest/ug/automode/auto-networking.adoc | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/latest/ug/automode/auto-networking.adoc b/latest/ug/automode/auto-networking.adoc index 4ee5f291..9e2e722a 100644 --- a/latest/ug/automode/auto-networking.adoc +++ b/latest/ug/automode/auto-networking.adoc 
@@ -92,4 +92,18 @@ For more information, see <> or <>. EKS Auto Mode does not use the traditional CoreDNS deployment to provide DNS resolution within the cluster. Instead, Auto Mode nodes utilize CoreDNS running as a system service directly on each node. If transitioning a traditional cluster to Auto Mode, you can remove the CoreDNS deployment from your cluster once your workloads have been moved to the Auto Mode nodes. +The pods running on Auto Mode nodes still use the conventional CoreDNS service cluster IP as their nameserver, even if the service is not present in the cluster. This is evident by the contents of the `/etc/resolv.conf` file of one of these pods. See the below example content of an `/etc/resolv.conf` file: +[source,bash,subs="verbatim,attributes"] +---- +search default.svc.cluster.local svc.cluster.local cluster.local ec2.internal +nameserver 10.100.0.10 +options ndots:5 +---- + +While the pod configuration remains familiar, the underlying DNS traffic handling is different. In Auto Mode nodes, DNS traffic is routed directly to the local CoreDNS service through an IP route, rather than using iptables rules to reach CoreDNS pods. This routing is configured on each Auto Mode node with an entry similar to: +[source,bash,subs="verbatim,attributes"] +---- +local 10.100.0.10 dev coredns table local proto kernel scope host src 10.100.0.10 +---- + IMPORTANT: If you plan to maintain a cluster with both Auto Mode and non-Auto Mode nodes, you must retain the CoreDNS deployment. Non-Auto Mode nodes rely on the traditional CoreDNS pods for DNS resolution, as they cannot access the node-level DNS service that Auto Mode provides.
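Review bot: In the two added listings, `nameserver 10.100.0.10`, the `ec2.internal` search domain and the `10.100.0.10` in the route entry are shown without saying they are example values, so a reader whose pod shows a different nameserver may read that as a fault. Add a sentence stating that the address is the cluster's CoreDNS service cluster IP and that it and the search domains can differ between clusters. The paragraph that introduces the route entry ("configured on each Auto Mode node with an entry similar to:") does not name the command that prints the entry or how to run it on an Auto Mode node. Since the entry is in `table local`, say that it is read from the node's local routing table (for example with `ip route show table local`) so the check can be reproduced. Both blocks are tagged `[source,bash]` although neither is shell (one is file content, the other is command output), and each `[source,...]` line follows its paragraph with no blank line between them. A plain-text listing and a blank line before the attribute line would match the content and be safer to render. Minor wording: "This is evident by the contents" reads better as "This is evident from the contents".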