Kubernetes Node-Local DNS Cache
April 14, 2026 ยท View on GitHub
This is the repository for Kubernetes Node-Local DNS Cache.
Building
make targets:
| target | description |
|---|---|
| all, build | build all binaries |
| test | run unit tests |
| containers | build the containers |
| images-clean | clear image build artifacts from workdir |
| push | push containers to the registry |
| help | this help message |
| version | show package version |
| {build,containers,push}-ARCH | do action for specific ARCH |
| all-{build,containers,push} | do action for all ARCH |
| only-push-BINARY | push just BINARY |
- Setting
VERBOSE=1will show additional build logging. - Setting
VERSIONwill override the container version tag.
Vulnerability patching
Follow the instructions below depending on the vulnerability, then send a PR. Once the PR has merged, a new release tag should be cut by a maintainer. The rest of the release process is described further down.
Bumping Go compiler/standard library
Update the BUILD_IMAGE in Makefile.
Bumping base images
Update the IPTIMAGE in rules.mk.
Bumping Go dependencies
go get DEPENDENCY@VERSION
go mod tidy
go mod vendor
Release process
Follow these steps to make changes and release a new binary.
- Make the necessary code changes and create a PR.
- Build and test locally (
make images-clean;make build;make containers;make test). - The same steps are executed via the presubmit script
presubmits.shwhich is run by the test-infra prow job. - Merge the PR.
- Cut a new release tag. We use semantic versioning to
name releases.
Example:
git tag -a 1.21.4 -m "Build images using golang 1.17." git push upstream 1.21.4 - Wait for container images to be pushed via cloudbuild yaml. This will be done automatically by
k8s.io/test-infra/.../k8s-staging-dns.yaml. A manual cloud build can be submitted viagcloud builds submit --config cloudbuild.yaml, but this requires owner permissions in k8s-staging-dns project. The automated job pushes images for all architectures and makes them available ingcr.io/k8s-staging-dns. Status for build jobs can be checked at - https://testgrid.k8s.io/sig-network-dns#dns-push-images - Promote the images to
gcr.io/k8s-artifacts-produsing the process described in this link. The image SHAs should be added toimages/k8s-staging-dns/images.yaml. The SHAs can be obtained by running the commandpython parse-image-sha.py <TAG>This will return the SHAs for kube-dns as well as node-cache images. Node-cache images are always promoted, kube-dns images are promoted if there is a change to kubedns/vulnerability fix. - Images will be available in the repo registry.k8s.io/dns/. The node-cache image with tag 1.15.14 can be found at registry.k8s.io/dns/k8s-dns-node-cache:1.15.14. Older versions are at registry.k8s.io/k8s-dns-node-cache:
- Prepare a PR for the kubernetes/kubernetes repository to switch to the new
version of the containers. Example - https://github.com/kubernetes/kubernetes/pull/106189.
Trigger the optional presubmit
pull-kubernetes-e2e-gci-gce-kube-dns-nodecacheand correct your PR if needed before merging. - Verify the nodecache-related tabs of the test grid at https://testgrid.k8s.io/sig-network-gce for regressions caused by the new image and revert if needed.
Version compatibility
There is no version compatibility requirements with Kubernetes releases. Version numbers in this repo are not related to Kubernetes versions.