[stable/node-local-dns]: add configurable cache TTL

DJRH · DJRH · commit 901c918100b5 · 2026-06-04T17:04:35.000+01:00
The cache TTL for DNS records was hardcoded to 30 seconds. This is too
aggressive for external hostnames with longer TTLs (e.g. AWS ALBs return
60s TTLs), causing unnecessary cache misses and upstream lookups.

Add config.cacheTTL (default 30) to make this configurable without
needing to override the entire Corefile via customConfig.
diff --git a/stable/node-local-dns/Chart.yaml b/stable/node-local-dns/Chart.yaml
@@ -1,6 +1,6 @@
 apiVersion: v2
 name: node-local-dns
-version: 2.8.0
+version: 2.9.0
 appVersion: 1.26.7
 maintainers:
   - name: gabrieladt
diff --git a/stable/node-local-dns/README.md b/stable/node-local-dns/README.md
@@ -1,6 +1,6 @@
 # node-local-dns
 
-![Version: 2.8.0](https://img.shields.io/badge/Version-2.8.0-informational?style=flat-square) ![AppVersion: 1.26.7](https://img.shields.io/badge/AppVersion-1.26.7-informational?style=flat-square)
+![Version: 2.9.0](https://img.shields.io/badge/Version-2.9.0-informational?style=flat-square) ![AppVersion: 1.26.7](https://img.shields.io/badge/AppVersion-1.26.7-informational?style=flat-square)
 
 A chart to install node-local-dns.
 
@@ -50,6 +50,7 @@ helm install my-release oci://ghcr.io/deliveryhero/helm-charts/node-local-dns -f
 |-----|------|---------|-------------|
 | affinity | object | `{}` |  |
 | config.bindIp | bool | `false` | If false, it will bind 0.0.0.0, otherwise dnsServer and localDns will be used. https://github.com/bottlerocket-os/bottlerocket/issues/3711#issuecomment-1907087528 |
+| config.cacheTTL | int | `30` | Cache TTL in seconds for DNS records. https://coredns.io/plugins/cache/ |
 | config.commProtocol | string | `"force_tcp"` | Set communication protocol. Options are `prefer_udp` or `force_tcp` |
 | config.customConfig | string | `""` | Overrides the generated configuration with specified one. |
 | config.customUpstreamsvc | string | `""` | Use a custom upstreamsvc for -upstreamsvc |
diff --git a/stable/node-local-dns/templates/configmap.yaml b/stable/node-local-dns/templates/configmap.yaml
@@ -50,11 +50,11 @@ data:
     in-addr.arpa:53 {
         errors
     {{- if .Values.config.prefetch.enabled}}
-        cache 30 {
+        cache {{ .Values.config.cacheTTL }} {
                 prefetch {{ .Values.config.prefetch.amount }} {{ .Values.config.prefetch.duration }} {{ .Values.config.prefetch.percentage }}
         }
     {{- else }}
-        cache 30
+        cache {{ .Values.config.cacheTTL }}
     {{- end }}
         reload
         loop
@@ -76,11 +76,11 @@ data:
     ip6.arpa:53 {
         errors
     {{- if .Values.config.prefetch.enabled}}
-        cache 30 {
+        cache {{ .Values.config.cacheTTL }} {
                 prefetch {{ .Values.config.prefetch.amount }} {{ .Values.config.prefetch.duration }} {{ .Values.config.prefetch.percentage }}
         }
     {{- else }}
-        cache 30
+        cache {{ .Values.config.cacheTTL }}
     {{- end }}
         reload
         loop
@@ -105,11 +105,11 @@ data:
     {{- end }}
         errors
     {{- if .Values.config.prefetch.enabled}}
-        cache 30 {
+        cache {{ .Values.config.cacheTTL }} {
                 prefetch {{ .Values.config.prefetch.amount }} {{ .Values.config.prefetch.duration }} {{ .Values.config.prefetch.percentage }}
         }
     {{- else }}
-        cache 30
+        cache {{ .Values.config.cacheTTL }}
     {{- end }}
         reload
         loop
diff --git a/stable/node-local-dns/values.yaml b/stable/node-local-dns/values.yaml
@@ -32,6 +32,9 @@ config:
   # -- If true, return NOERROR when attempting to resolve an IPv6 address
   noIPv6Lookups: false
 
+  # -- Cache TTL in seconds for DNS records. https://coredns.io/plugins/cache/
+  cacheTTL: 30
+
   # -- If enabled, coredns will prefetch popular items when they are about to be expunged from the cache. https://coredns.io/plugins/cache/
   prefetch:
     enabled: false
