How to update the CoreDNS ConfigMap in a Rancher Kubernetes Engine (RKE) CLI or Rancher v2.x provisioned Kubernetes cluster

This document (000020115) is provided subject to the disclaimer at the end of this document.



You might wish to update the Corefile configuration of CoreDNS, defined via the coredns ConfigMap in the kube-system Namespace, for example, in order to enable query logging or update the resolver policy. This article details how to update this ConfigMap and persist changes in a Rancher Kubernetes Engine (RKE) CLI or Rancher v2.x provisioned cluster.


  • A Kubernetes cluster provisioned by the Rancher Kubernetes Engine (RKE) CLI or Rancher v2.x, using the CoreDNS dns add-on.
  • kubectl access to the cluster with a kubeconfig sourced for a global admin or cluster owner user.


  1. Capture the current coredns ConfigMap definition, with the following kubectl command:

    kubectl -n kube-system get configmap coredns -o go-template={{.data.Corefile}}

    The output should look like the following:

    .:53 {
        kubernetes cluster.local {
          pods insecure
        prometheus :9153
        forward . "/etc/resolv.conf" {
          policy random
        cache 30
  2. Edit the cluster configuration YAML, to define a custom add-on containing the coredns ConfigMap, with your desired changes. For RKE provisioned clusters, add this into the cluster.yml file. For a Rancher provisioned cluster, navigate to the cluster view in the Rancher UI, open the edit cluster view and click Edit as YAML.

    Create the add-on with the content below, replacing the Corefile definition with the existing configuration retrieved in step 1. Then make the desired changes, in this example the resolver policy is updated from random, in the existing configuration, to sequental.

    yaml addons: |- --- apiVersion: v1 kind: ConfigMap metadata: name: coredns namespace: kube-system data: Corefile: | .:53 { errors health ready kubernetes cluster.local { pods insecure fallthrough } prometheus :9153 forward . "/etc/resolv.conf" { policy sequential } cache 30 loop reload loadbalance }

  3. Update the cluster with the new configuration. For RKE provisioned clusters, invoke rke up --cluster.yml (ensure the cluster.rkestate file is present in the working directory when invoking rke up). For Rancher provisioned clusters, click Save in the Rancher UI Edit as YAML view.

Further reading


This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:000020115
  • Creation Date: 06-May-2021
  • Modified Date:06-May-2021
    • SUSE Rancher

< Back to Support Search

For questions or concerns with the SUSE Knowledgebase please contact:

SUSE Support Forums

Get your questions answered by experienced Sys Ops or interact with other SUSE community experts.

Join Our Community

Support Resources

Learn how to get the most from the technical support you receive with your SUSE Subscription, Premium Support, Academic Program, or Partner Program.

SUSE Customer Support Quick Reference Guide SUSE Technical Support Handbook Update Advisories
Support FAQ

Open an Incident

Open an incident with SUSE Technical Support, manage your subscriptions, download patches, or manage user access.

Go to Customer Center