kubernetes實踐之六十八:部署 coredns 外掛
一:簡介
從Kubernetes 1.10開始,在安裝時將預設的DNS服務切換為CoreDNS(beta測試階段)。這裡介紹在Kubernetes 1.10.4叢集中部署coredns外掛。
二:安裝
將下載的 kubernetes-server-linux-amd64.tar.gz 解壓後,再解壓其中的 kubernetes-src.tar.gz 檔案。coredns 對應的目錄是:cluster/addons/dns。
yaml檔案配置:cp kubernetes1.10.4/kubernetes/cluster/addons/dns/coredns.yaml.base coredns.yaml
$ diff coredns.yaml.base coredns.yaml
61c61< kubernetes __PILLAR__DNS__DOMAIN__ in-addr.arpa ip6.arpa {
---> kubernetes cluster.local. in-addr.arpa ip6.arpa {
153c153< clusterIP: __PILLAR__DNS__SERVER__
---> clusterIP: 10.254.0.2
# __MACHINE_GENERATED_WARNING__
apiVersion: v1
kind: ServiceAccount
metadata:
name: coredns
namespace: kube-system
labels:
kubernetes.io/cluster-service: "true"
addonmanager.kubernetes.io/mode: Reconcile
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
kubernetes.io/bootstrapping: rbac-defaults
addonmanager.kubernetes.io/mode: Reconcile
name: system:coredns
rules:
- apiGroups:
- ""
resources:
- endpoints
- services
- pods
- namespaces
verbs:
- list
- watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
annotations:
rbac.authorization.kubernetes.io/autoupdate: "true"
labels:
kubernetes.io/bootstrapping: rbac-defaults
addonmanager.kubernetes.io/mode: EnsureExists
name: system:coredns
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: system:coredns
subjects:
- kind: ServiceAccount
name: coredns
namespace: kube-system
---
apiVersion: v1
kind: ConfigMap
metadata:
name: coredns
namespace: kube-system
labels:
addonmanager.kubernetes.io/mode: EnsureExists
data:
Corefile: |
.:53 {
errors
health
kubernetes cluster.local. in-addr.arpa ip6.arpa {
pods insecure
upstream
fallthrough in-addr.arpa ip6.arpa
}
prometheus :9153
proxy . /etc/resolv.conf
cache 30
}
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: coredns
namespace: kube-system
labels:
k8s-app: coredns
kubernetes.io/cluster-service: "true"
addonmanager.kubernetes.io/mode: Reconcile
kubernetes.io/name: "CoreDNS"
spec:
replicas: 2
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
selector:
matchLabels:
k8s-app: coredns
template:
metadata:
labels:
k8s-app: coredns
spec:
serviceAccountName: coredns
tolerations:
- key: node-role.kubernetes.io/master
effect: NoSchedule
- key: "CriticalAddonsOnly"
operator: "Exists"
containers:
- name: coredns
image: coredns/coredns:1.0.6
imagePullPolicy: IfNotPresent
resources:
limits:
memory: 170Mi
requests:
cpu: 100m
memory: 70Mi
args: [ "-conf", "/etc/coredns/Corefile" ]
volumeMounts:
- name: config-volume
mountPath: /etc/coredns
ports:
- containerPort: 53
name: dns
protocol: UDP
- containerPort: 53
name: dns-tcp
protocol: TCP
livenessProbe:
httpGet:
path: /health
port: 8080
scheme: HTTP
initialDelaySeconds: 60
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 5
dnsPolicy: Default
volumes:
- name: config-volume
configMap:
name: coredns
items:
- key: Corefile
path: Corefile
---
apiVersion: v1
kind: Service
metadata:
name: coredns
namespace: kube-system
labels:
k8s-app: coredns
kubernetes.io/cluster-service: "true"
addonmanager.kubernetes.io/mode: Reconcile
kubernetes.io/name: "CoreDNS"
spec:
selector:
k8s-app: coredns
clusterIP: 10.254.0.2
ports:
- name: dns
port: 53
protocol: UDP
- name: dns-tcp
port: 53
protocol: TCP
kubectl create -f coredns.yaml
三:測試
建立一個簡單的busybox pod busybox.yaml
apiVersion: v1 kind: Pod metadata: name: busybox namespace: default spec: containers: - image: busybox command: - sleep - "3600" imagePullPolicy: IfNotPresent name: busybox restartPolicy: Always
建立POD
kubectl CREATE -f busybox.yaml
驗證
kubectl exec -ti busybox -- nslookup kubernetes.default
Server: 10.0.0.10 Address 1: 10.0.0.10 Name: kubernetes.default Address 1: 10.0.0.1
驗證成功。
如果出現nslookup: can't resolve 'kubernetes.default' 則說明DNS有問題,透過日誌排查錯誤。
來自 “ ITPUB部落格 ” ,連結:http://blog.itpub.net/28624388/viewspace-2199896/,如需轉載,請註明出處,否則將追究法律責任。
相關文章
- kubernetes實踐之六十四:CoreDNSDNS
- kubernetes實踐之四:Flannel網路外掛安裝
- kubernetes實踐之十二:部署Traefik Ingress
- kubernetes1.13.X實踐-部署
- kubernetes實踐之十一:EFK
- Electron 外掛開發實踐
- kubernetes實踐之六十:Cabin-Manage Kubernetes
- 場景實踐:基於 IntelliJ IDEA 外掛部署微服務應用IntelliJIdea微服務
- Kubernetes 部署 Laravel 應用的最佳實踐Laravel
- PyCharm外掛開發實踐-PyGetterAndSetterPyCharm
- SkyWalking Java 外掛貢獻實踐Java
- kubernetes實踐之五十七:PodPreset
- kubernetes實踐之五十八:CronJob
- kubernetes實踐之五十二:Helm
- kubernetes實踐之五十九:NetworkPolicy
- kubernetes實踐之十九:API概述API
- kubernetes實踐之十七:架構架構
- kubernetes實踐之八:TLS bootstrappingTLSbootAPP
- Kubernetes CNI網路外掛
- Kubernetes(k8s)部署安全最佳實踐K8S
- 利用 Kubeadm部署 Kubernetes 1.13.1 叢集實踐錄
- SpringCloud 應用在 Kubernetes 上的最佳實踐 — 部署篇(工具部署)SpringGCCloud
- kubernetes實踐之十:Kubernetes-dashboard+Heapster+InfluxDB+GrafanaUXGrafana
- 利用 Kubernetes 降本增效?EasyMR 基於 Kubernetes 部署的探索實踐
- kubernetes實踐之六十九:istio-1.0.0部署和試用
- 實用webpack外掛之DefinePluginWebPlugin
- GitOps實踐之kubernetes安裝argocdGitGo
- kubernetes實踐之四十二:StatefulSet
- kubernetes實踐之五十六:雲原生
- kubernetes實踐之五:網路模型模型
- kubernetes實踐之九:kube-dnsDNS
- kubernetes實踐之五十五:kubectl之配置kubeconfig
- SpringCloud 應用在 Kubernetes 上的最佳實踐 — 部署篇(開發部署)SpringGCCloud
- Kubernetes 入門實踐--部署執行 Go 專案Go
- Rainbond的 Gateway API 外掛製作實踐AIGatewayAPI
- Grafana的Datasource外掛開發實踐二Grafana
- Grafana的Datasource外掛開發實踐一Grafana
- kubernetes生產實踐之redis-clusterRedis