CoreDNS Deep Dive: Building Custom Plugins

Authors:   Yong Tang


DNS is still important in modern day infrastructure due to its flexibility and pervasiveness, and can be used in conjunction with machine learning for threat detection. Coordinated server plugins allow for customization of DNS responses based on various factors.
  • DNS is a flexible and simple way to handle changes in infrastructure, and is distributed in nature, making it scalable for the internet
  • DNS is pervasive in ID infrastructure, allowing for consolidation of service discovery from different angles
  • Coordinated server plugins allow for customization of DNS responses based on various factors, such as IP address
  • Machine learning can be used in conjunction with DNS for threat detection, as seen in a server application that analyzes DNS queries for malicious activity
DNS provides flexibility in infrastructure changes, as updating the DNS record can easily redirect traffic to a new cloud vendor without notifying users. This is important in modern day infrastructure, where services may need to be migrated to different cloud vendors. Additionally, a student in Google Summer Code successfully combined machine learning and DNS for threat detection in a server application.


CoreDNS is a cloud-native DNS server with a focus on service discovery. While best known as the default cluster DNS for Kubernetes, CoreDNS is very flexible and extensible for any new features thanks to its plugin-based architecture: new functionalities can be easily added as plugins with Golang. In this session, we will take a detailed look at the plugin system of CoreDNS. We will walk through the complete code of a demo plugin from the scratch to showcase the simplicity and ease of convenience of CoreDNS plugins. We also provide updates and future roadmap of CoreDNS and the community event in this session.