tags: addons, dns, coredns
将下载的 kubernetes-server-linux-amd64.tar.gz 解压后,再解压其中的 kubernetes-src.tar.gz 文件。coredns 对应的目录是 cluster/addons/dns
:
[admin@k8s-admin ~]$ ls kubernetes/
addons kubernetes-src.tar.gz LICENSES server
[admin@k8s-admin ~]$ mkdir kubernetes/kubernetes-src
[admin@k8s-admin ~]$ tar -zxf kubernetes/kubernetes-src.tar.gz -C kubernetes/kubernetes-src
[admin@k8s-admin ~]$ ls kubernetes/kubernetes-src/cluster/addons/dns/coredns
coredns.yaml.base coredns.yaml.in coredns.yaml.sed Makefile transforms2salt.sed transforms2sed.sed
[admin@k8s-admin ~]$ cp -R kubernetes/kubernetes-src/cluster/addons/dns/coredns yaml/
修改 coredns 配置文件:
[admin@k8s-admin ~]$ source environment.sh
[admin@k8s-admin ~]$ cp yaml/coredns/coredns.yaml.base yaml/coredns/coredns.yaml
[admin@k8s-admin ~]$ sed -i "{
s/__PILLAR__DNS__SERVER__/$DNS_SERVER_IP/g
s/__PILLAR__DNS__DOMAIN__/$DNS_DOMAIN/g
s/image: k8s.gcr.io/image: coredns/g
}" yaml/coredns/coredns.yaml
- 注意,这里使用的是双引号,这样才能替换
$DNS_SERVER_IP
和$DNS_DOMAIN
两个变量。
[admin@k8s-admin ~]$ kubectl create -f yaml/coredns/coredns.yaml
serviceaccount/coredns created
clusterrole.rbac.authorization.k8s.io/system:coredns created
clusterrolebinding.rbac.authorization.k8s.io/system:coredns created
configmap/coredns created
deployment.extensions/coredns created
service/kube-dns created
[admin@k8s-admin ~]$ kubectl get all -n kube-system
NAME READY STATUS RESTARTS AGE
pod/coredns-dc8bbbcf9-w62r9 1/1 Running 0 58s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kube-dns ClusterIP 10.0.0.2 <none> 53/UDP,53/TCP 16m
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/coredns 1/1 1 1 38m
NAME DESIRED CURRENT READY AGE
replicaset.apps/coredns-dc8bbbcf9 1 1 1 58s
replicaset.apps/coredns-fff89c9b9 0 0 0 38m
[admin@k8s-admin ~]$ kubectl get clusterrole system:coredns
NAME AGE
system:coredns 30m
[admin@k8s-admin ~]$ kubectl get clusterrolebinding system:coredns
NAME AGE
system:coredns 30m
新建一个 Deployment
[admin@k8s-admin ~]$ cat > yaml/my-nginx.yaml <<EOF
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: my-nginx
spec:
replicas: 2
template:
metadata:
labels:
run: my-nginx
spec:
containers:
- name: my-nginx
image: nginx:latest
ports:
- containerPort: 80
EOF
[admin@k8s-admin ~]$ kubectl create -f yaml/my-nginx.yaml
deployment.extensions/my-nginx created
Export 该 Deployment, 生成 my-nginx
服务:
[admin@k8s-admin ~]$ kubectl expose deployment my-nginx
service/my-nginx exposed
[admin@k8s-admin ~]$ kubectl get service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.0.0.1 <none> 443/TCP 44h
my-nginx ClusterIP 10.0.11.108 <none> 80/TCP 20s
创建另一个 Pod,查看 /etc/resolv.conf
是否包含 kubelet
组件的 --config
参数指定的配置文件(这里是 /etc/kubernetes/kubelet.config.yaml
)中的 clusterDNS
和 clusterDomain
(或者 --cluster-dns
和 --cluster-domain
参数):
[admin@k8s-admin ~]$ kubectl run -it dnsutils --image=tutum/dnsutils:latest --generator=run-pod/v1
If you don't see a command prompt, try pressing enter.
root@dnsutils:/#
root@dnsutils:/# cat /etc/resolv.conf
nameserver 10.0.0.2
search default.svc.cluster.local svc.cluster.local cluster.local
options ndots:5
- 如果这里的
nameserver
不正确,检查 kubelet 组件的config
参数指定的配置文件(这里是/etc/kubernetes/kubelet.config.yaml
)中的clusterDNS
是否设置正确。
检查是否能够将服务 my-nginx
解析到上面显示的 Cluster IP 10.0.11.108
:
[admin@k8s-admin ~]$ kubectl exec -it dnsutils -- bash
root@dnsutils:/# nslookup kubernetes
Server: 10.0.0.2
Address: 10.0.0.2#53
Name: kubernetes.default.svc.cluster.local
Address: 10.0.0.1
root@dnsutils:/# nslookup my-nginx
Server: 10.0.0.2
Address: 10.0.0.2#53
Name: my-nginx.default.svc.cluster.local
Address: 10.0.11.108
root@dnsutils:/# nslookup www.baidu.com
Server: 10.0.0.2
Address: 10.0.0.2#53
Non-authoritative answer:
www.baidu.com canonical name = www.a.shifen.com.
Name: www.a.shifen.com
Address: 180.97.33.107
Name: www.a.shifen.com
Address: 180.97.33.108
root@dnsutils:/# nslookup www.baidu.com.
Server: 10.0.0.2
Address: 10.0.0.2#53
Non-authoritative answer:
www.baidu.com canonical name = www.a.shifen.com.
Name: www.a.shifen.com
Address: 180.97.33.108
Name: www.a.shifen.com
Address: 180.97.33.107
- https://community.infoblox.com/t5/Community-Blog/CoreDNS-for-Kubernetes-Service-Discovery/ba-p/8187
- https://coredns.io/2017/03/01/coredns-for-kubernetes-service-discovery-take-2/
- https://www.cnblogs.com/boshen-hzb/p/7511432.html
- https://github.com/kubernetes/kubernetes/tree/master/cluster/addons/dns