兰德中国心 posted on 2019-5-16 17:26:00

Working with CoreDNS in Kubernetes

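<p><span style="font-size: 16px">I. Overview</span></p>
<p><span style="font-size: 16px">Recent versions of Kubernetes use CoreDNS by default, so I won't repeat the background here. Direct links: https://coredns.io/ and https://kubernetes.io/docs/tasks/administer-cluster/dns-custom-nameservers/#coredns</span></p>
<p><span style="font-size: 16px">II. CoreDNS configuration</span></p>
<p><span style="font-size: 16px">An earlier post covered using dnsmasq as the upstream DNS for CoreDNS; this post modifies the CoreDNS configuration directly. CoreDNS is configured through a Corefile, which can be changed through a ConfigMap. The default configuration is:</span></p>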
<p><span style="font-size: 16px"># kubectl get cm coredns -n kube-system -o yaml</span></p>
<div class="cnblogs_code">
<pre><span style="font-size: 16px">apiVersion: v1
kind: ConfigMap
metadata:
  name: coredns
  namespace: kube-system
data:
  Corefile: |
    .:53 {
      errors
      health
      kubernetes cluster.local in-addr.arpa ip6.arpa {
         pods insecure
         upstream
         fallthrough in-addr.arpa ip6.arpa
      }
      prometheus :9153
      proxy . /etc/resolv.conf
      cache 30
      loop
      reload
      loadbalance
    }</span></pre>
</div>
<p><span style="font-size: 16px">errors, health and the rest are all CoreDNS plugins. For more plugins, see https://coredns.io/plugins/</span></p>
<p><span style="font-size: 16px">Starting with Kubernetes 1.10, a kube-dns configuration can be translated into a CoreDNS configuration. kube-dns uses <code class="language-yaml" data-lang="yaml">stubDomains</code> to specify stub domains, for example:</span></p>
<div class="cnblogs_code">
<pre><span style="font-size: 16px">apiVersion: v1
kind: ConfigMap
metadata:
  name: kube-dns
  namespace: kube-system
data:
  stubDomains: |
    {"demo.local": ["10.0.0.1"]}</span></pre>
</div>
<p><span style="font-size: 16px">upstreamNameservers specifies the external DNS servers used to resolve non-cluster names. If it is left at the default, only the node's DNS resolution is used.</span></p>
<div class="cnblogs_code">
<pre><span style="font-size: 16px">apiVersion: v1
kind: ConfigMap
metadata:
  name: kube-dns
  namespace: kube-system
data:
  upstreamNameservers: |
    ["10.0.0.1"]</span></pre>
</div>
<p><span style="font-size: 16px">In CoreDNS, upstream and proxy provide the functionality of kube-dns's stubDomains and upstreamNameservers.</span></p>
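<p><span style="font-size: 16px">The mapping from kube-dns stubDomains and upstreamNameservers to Corefile entries, as an added example (not code from the original post or from the CoreDNS or Kubernetes projects). The function name kube_dns_to_corefile_blocks and its helpers are hypothetical, and the block layout (errors, cache 30, proxy) is assumed from the service.hq block used later in this post; plugin="forward" is offered because CoreDNS 1.5.0 removed proxy in favor of forward. Zone names and nameserver addresses are validated so that a ConfigMap value cannot inject extra Corefile directives.</span></p>

```python
import ipaddress
import json
import re

# One DNS label: letters, digits, hyphens; no leading or trailing hyphen.
_LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")


def _check_zone(zone):
    """Reject anything that is not a plain DNS name, so a value cannot
    smuggle braces, spaces or newlines into the generated Corefile."""
    name = zone.rstrip(".")
    if not all(_LABEL.fullmatch(label) for label in name.split(".")):
        raise ValueError(f"invalid stub domain: {zone!r}")
    return name


def _check_servers(servers):
    """Accept only literal IP addresses, as in the examples on this page."""
    if not servers:
        raise ValueError("empty nameserver list")
    return " ".join(str(ipaddress.ip_address(s)) for s in servers)


def kube_dns_to_corefile_blocks(stub_domains_json, upstream_json=None,
                                plugin="proxy"):
    """Return (stub_blocks, default_line).

    stub_blocks: one server block per stubDomains entry.
    default_line: replacement for 'proxy . /etc/resolv.conf' in the '.:53'
    block, or None when upstreamNameservers is not set.
    """
    if plugin not in ("proxy", "forward"):
        raise ValueError("plugin must be 'proxy' or 'forward'")
    blocks = []
    for zone, servers in sorted(json.loads(stub_domains_json).items()):
        blocks.append(
            f"{_check_zone(zone)}:53 {{\n"
            f"  errors\n"
            f"  cache 30\n"
            f"  {plugin} . {_check_servers(servers)}\n"
            f"}}"
        )
    default_line = None
    if upstream_json:
        targets = _check_servers(json.loads(upstream_json))
        default_line = f"{plugin} . {targets}"
    return blocks, default_line
```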
<p><span style="font-size: 16px">1. Using Consul for DNS lookups from CoreDNS</span></p>
<p><span style="font-size: 16px">Edit the CoreDNS ConfigMap:</span></p>
<p><span style="font-size: 16px"># kubectl -n kube-system edit cm coredns</span></p>
<div class="cnblogs_code">
<pre><span style="font-size: 16px">apiVersion: v1
kind: ConfigMap
metadata:
  name: coredns
  namespace: kube-system
data:
  Corefile: |
    .:53 {
      errors
      health
      kubernetes cluster.local in-addr.arpa ip6.arpa {
         pods insecure
         upstream
         fallthrough in-addr.arpa ip6.arpa
      }
      prometheus :9153
      proxy . /etc/resolv.conf
      cache 30
      loop
      reload
      loadbalance
    }
    service.hq:53 {
      errors
      cache 30
      proxy . 10.4.9.6
    }</span></pre>
</div>
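<p><span style="font-size: 16px">service.hq is the domain configured in Consul; for Consul usage, see my blog post: https://www.cnblogs.com/cuishuai/p/8194345.html. I set my Consul DNS port to 53; the default is 8600. 10.4.9.6 is the address Consul listens on.</span></p>
<p><span style="font-size: 16px">Reschedule the pods so the configuration takes effect:</span></p>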
<div class="cnblogs_code">
<pre><span style="font-size: 16px">kubectl get pods -n kube-system | grep coredns | awk '{print $1}' | xargs kubectl -n kube-system delete pod</span></pre>
</div>
<p><span style="font-size: 16px">Test:</span></p>
<p><span style="font-size: 16px">activity is a service we registered in Consul; sleep is a pod that includes curl and ping.</span></p>
<p><span style="font-size: 16px"># kubectl exec -it -n istio-system sleep-754684654f-c6mct -- ping activity.service.hq</span></p>
<p><span style="font-size: 16px"><img src="https://img2018.cnblogs.com/blog/1200972/201905/1200972-20190516172448469-2043200690.png"></span></p>
<p><span style="font-size: 16px">Appendix:</span></p>
<p><span style="font-size: 16px">YAML for sleep:</span></p>
<div class="cnblogs_code">
<pre><span style="font-size: 16px">apiVersion: v1
kind: ServiceAccount
metadata:
  name: sleep
---
apiVersion: v1
kind: Service
metadata:
  name: sleep
  labels:
    app: sleep
spec:
  ports:
  - port: 80
    name: http
  selector:
    app: sleep
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: sleep
spec:
  replicas: 1
  template:
    metadata:
      labels:
        app: sleep
    spec:
      serviceAccountName: sleep
      containers:
      - name: sleep
        image: pstauffer/curl
        command: ["/bin/sleep", "3650d"]
        imagePullPolicy: IfNotPresent
---</span></pre>
</div>

</div>
<div id="MySignature" role="contentinfo">
    --------崔帅的拾荒<br><br>
Source: https://www.cnblogs.com/cuishuai/p/10876904.html