kubeadm: update implementation-details.md about CoreDNS

- Replace examples from kube-dns to CoreDNS - Add notes about the CoreDNS feature gate status in 1.11 - Add note that the service name for CoreDNS is also called `kube-dns`
kubernetes · Jun 4, 2018 · e4add33 · e4add33
1 parent 7549d77
commit e4add33
Showing 1 changed file with 11 additions and 8 deletions.
diff --git a/content/en/docs/reference/setup-tools/kubeadm/implementation-details.md b/content/en/docs/reference/setup-tools/kubeadm/implementation-details.md
@@ -25,7 +25,7 @@ The cluster that `kubeadm init` and `kubeadm join` set up should be:
    - using secure communication between the control plane components
    - using secure communication between the API server and the kubelets
    - lock-down the kubelet API
-   - locking down access to the API for system components like the kube-proxy and kube-dns
+   - locking down access to the API for system components like the kube-proxy and CoreDNS
    - locking down what a Bootstrap Token can access
    - etc.
  - **Easy to use**: The user should not have to run anything more than a couple of commands:
@@ -448,16 +448,19 @@ A ServiceAccount for `kube-proxy` is created in the `kube-system` namespace; the
 
 #### DNS
 
-A ServiceAccount for `kube-dns` is created in the `kube-system` namespace.
+Please note that:
+1. The CoreDNS service is named `kube-dns`. This is done to prevent any interruption
+in service when the user is switching the cluster DNS from kube-dns to CoreDNS or vice-versa.
+2. In Kubernetes version 1.11 and later, CoreDNS has become the default DNS server and you have to
+invoke kubeadm with `--feature-gates=CoreDNS=false` to install kube-dns instead.
+3. In Kubernetes versions prior to 1.11, CoreDNS has to be enabled with `--feature-gates=CoreDNS=true`.
 
-Deploy the kube-dns Deployment and Service:
+A ServiceAccount for CoreDNS/kube-dns is created in the `kube-system` namespace.
 
-- It's the upstream kube-dns deployment relatively unmodified
-- The `kube-dns` ServiceAccount is bound to the privileges in the `system:kube-dns` ClusterRole
+Deploy the `kube-dns` Deployment and Service:
 
-Please note that:
-
-1. If kubeadm is invoked with `--feature-gates=CoreDNS`,  CoreDNS is installed instead of `kube-dns`
+- It's the upstream CoreDNS deployment relatively unmodified
+- The `kube-dns` ServiceAccount is bound to the privileges in the `system:kube-dns` ClusterRole
 
 ### (Optional and alpha in v1.9) self-hosting