We’re updating our Kubernetes staging clusters with CoreDNS, the new dns server that replaces KubeDNS. After an in-depth analysis and tests we’ve verified that the performance and the stability between the two solutions are almost identical. Here you can find more details on why we decided to move to CoreDNS.
We’re also taking the opportunity to add a new StorageClass for our clusters called gp2-encrypted which allows you to create kms-encrypted volumes. The kms key used can be either the default one generated by AWS or a custom one specified with an ARN.
Example usage:
apiVersion: v1
kind: PersistentVolume
metadata:
name: pv0001
spec:
capacity:
storage: 5Gi
volumeMode: Filesystem
accessModes:
- ReadWriteOnce
persistentVolumeReclaimPolicy: Recycle
storageClassName: gp2-encrypted
If we don’t uncover any issues in the staging clusters during the next few days, we’ll rollout the upgrade to all the production clusters next week.