A particularly good article: http://ccnuo.com/
Service discovery
1. Deploy the intranet resource manifest repository for Kubernetes
On k8s-60.host.com, configure an NGINX server that acts as the single access point for the Kubernetes resource manifests.

    [root@k8s-60 html]# vi /etc/nginx/conf.d/k8s-yaml.od.com.conf
    server {
        listen       80;
        server_name  k8s-yaml.od.com;

        location / {
            autoindex on;
            default_type text/plain;
            root /data/k8s-yaml;
        }
    }
    [root@k8s-60 html]# nginx -t
    [root@k8s-60 html]# nginx -s reload
    [root@k8s-60 html]# cd /data
    [root@k8s-60 data]# mkdir k8s-yaml
    [root@k8s-60 data]# cd k8s-yaml/
    [root@k8s-60 k8s-yaml]# mkdir coredns
2. Configure DNS resolution

    [root@k8s-20 ~]# vi /var/named/od.com.zone
    $ORIGIN od.com.
    $TTL 600 ; 10 minutes
    @ IN SOA dns.od.com. dnsadmin.od.com. (
            2019111003 ; serial
            10800      ; refresh (3 hours)
            900        ; retry (15 minutes)
            604800     ; expire (1 week)
            86400      ; minimum (1 day)
            )
            NS dns.od.com.
    $TTL 60 ; 1 minute
    dns      A 192.168.10.20
    harbor   A 192.168.10.60
    k8s-yaml A 192.168.10.60
    [root@k8s-20 ~]# systemctl restart named
    [root@k8s-20 ~]# dig -t A k8s-yaml.od.com @192.168.10.20 +short
    192.168.10.60
3. Open k8s-yaml.od.com in a browser
The coredns directory should be listed.
4. Pull the Docker image, tag it, and push it to the Harbor registry

    [root@hdss7-60 ~]# docker pull coredns/coredns:1.6.1
    [root@hdss7-60 coredns]# docker tag c0f6e815079e harbor.od.com/public/coredns:v1.6.1
    [root@hdss7-60 coredns]# docker push harbor.od.com/public/coredns:v1.6.1
5. Prepare the resource manifests
Official DNS add-on: CoreDNS templates
https://github.com/kubernetes/kubernetes/tree/master/cluster/addons/dns/coredns
rbac.yaml
Permissions
CoreDNS needs to read cluster-level resources, so it must be granted cluster permissions.

    [root@k8s-60 coredns]# cd /data/k8s-yaml/coredns/
    [root@k8s-60 coredns]# vi rbac.yaml
    apiVersion: v1
    kind: ServiceAccount
    metadata:
      name: coredns
      namespace: kube-system
      labels:
        kubernetes.io/cluster-service: "true"
        addonmanager.kubernetes.io/mode: Reconcile
    ---
    apiVersion: rbac.authorization.k8s.io/v1
    kind: ClusterRole
    metadata:
      labels:
        kubernetes.io/bootstrapping: rbac-defaults
        addonmanager.kubernetes.io/mode: Reconcile
      name: system:coredns
    rules:
    # Read-only access (list/watch) to the objects CoreDNS builds records from
    - apiGroups:
      - ""
      resources:
      - endpoints
      - services
      - pods
      - namespaces
      verbs:
      - list
      - watch
    ---
    apiVersion: rbac.authorization.k8s.io/v1
    kind: ClusterRoleBinding
    metadata:
      annotations:
        rbac.authorization.kubernetes.io/autoupdate: "true"
      labels:
        kubernetes.io/bootstrapping: rbac-defaults
        addonmanager.kubernetes.io/mode: EnsureExists
      name: system:coredns
    roleRef:
      apiGroup: rbac.authorization.k8s.io
      kind: ClusterRole
      name: system:coredns
    subjects:
    - kind: ServiceAccount
      name: coredns
      namespace: kube-system
cm.yaml
The CoreDNS configuration (the Corefile)

    [root@k8s-60 coredns]# vi cm.yaml
    apiVersion: v1
    kind: ConfigMap
    metadata:
      name: coredns
      namespace: kube-system
    data:
      Corefile: |
        .:53 {
            errors
            log
            health
            ready
            kubernetes cluster.local 10.96.0.0/22
            forward . 192.168.10.20
            cache 30
            loop
            reload
            loadbalance
        }
dp.yaml
The controller for the CoreDNS pod

    [root@k8s-60 coredns]# vi dp.yaml
    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: coredns
      namespace: kube-system
      labels:
        k8s-app: coredns
        kubernetes.io/name: "CoreDNS"
    spec:
      replicas: 1
      selector:
        matchLabels:
          k8s-app: coredns
      template:
        metadata:
          labels:
            k8s-app: coredns
        spec:
          priorityClassName: system-cluster-critical
          # Run under the ServiceAccount defined in rbac.yaml
          serviceAccountName: coredns
          containers:
          - name: coredns
            image: harbor.od.com/public/coredns:v1.6.1
            args:
            - -conf
            - /etc/coredns/Corefile
            volumeMounts:
            - name: config-volume
              mountPath: /etc/coredns
            ports:
            - containerPort: 53
              name: dns
              protocol: UDP
            - containerPort: 53
              name: dns-tcp
              protocol: TCP
            - containerPort: 9153
              name: metrics
              protocol: TCP
            livenessProbe:
              httpGet:
                path: /health
                port: 8080
                scheme: HTTP
              initialDelaySeconds: 60
              timeoutSeconds: 5
              successThreshold: 1
              failureThreshold: 5
          dnsPolicy: Default
          volumes:
          # Mount the Corefile from the ConfigMap defined in cm.yaml
          - name: config-volume
            configMap:
              name: coredns
              items:
              - key: Corefile
                path: Corefile
svc.yaml
The Service

    [root@k8s-60 coredns]# vi svc.yaml
    apiVersion: v1
    kind: Service
    metadata:
      name: coredns
      namespace: kube-system
      labels:
        k8s-app: coredns
        kubernetes.io/cluster-service: "true"
        kubernetes.io/name: "CoreDNS"
    spec:
      selector:
        k8s-app: coredns
      clusterIP: 10.96.0.2
      ports:
      - name: dns
        port: 53
        protocol: UDP
      - name: dns-tcp
        port: 53
      - name: metrics
        port: 9153
        protocol: TCP
6. Apply the resource manifests
Imperative resource management method

    [root@k8s-40 ~]# kubectl apply -f http://k8s-yaml.od.com/coredns/rbac.yaml
    [root@k8s-40 ~]# kubectl apply -f http://k8s-yaml.od.com/coredns/cm.yaml
    [root@k8s-40 ~]# kubectl apply -f http://k8s-yaml.od.com/coredns/dp.yaml
    [root@k8s-40 ~]# kubectl apply -f http://k8s-yaml.od.com/coredns/svc.yaml
7. Check the created resources

    [root@k8s-40 ~]# kubectl get all -n kube-system
    NAME                           READY   STATUS    RESTARTS   AGE
    pod/coredns-6b6c4f9648-8fzsf   1/1     Running   0          17s

    NAME              TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)                  AGE
    service/coredns   ClusterIP   10.96.0.2    <none>        53/UDP,53/TCP,9153/TCP   13s
    ## The ClusterIP is visible here; it was already fixed in the kubelet.sh file configured earlier

    NAME                      READY   UP-TO-DATE   AVAILABLE   AGE
    deployment.apps/coredns   1/1     1            1           18s

    NAME                                 DESIRED   CURRENT   READY   AGE
    replicaset.apps/coredns-6b6c4f9648   1         1         1       17s
10.96.0.2 was already fixed when the cluster was installed:
/opt/kubernetes/server/bin/kubelet.sh
--cluster-dns 10.96.0.2
CoreDNS associates server_name with cluster_ip.
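The check in step 7 can also cover the RBAC objects from rbac.yaml. The following is an added example, not part of the original article: it compares a ClusterRole and ClusterRoleBinding against the permissions written in rbac.yaml and reports anything broader. It assumes the input is the JSON from kubectl get clusterrole system:coredns -o json and kubectl get clusterrolebinding system:coredns -o json; the function names are hypothetical and the sample objects are constructed.

```python
import json

# Baseline from this page's rbac.yaml: list/watch on four core-group resources,
# bound only to the coredns ServiceAccount in kube-system.
BASELINE = {"verbs": {"list", "watch"}, "apiGroups": {""},
            "resources": {"endpoints", "services", "pods", "namespaces"}}
EXPECTED_SUBJECT = ("ServiceAccount", "kube-system", "coredns")


def audit_role(role):
    """Return one finding per rule field that grants more than the baseline."""
    findings = []
    for i, rule in enumerate(role.get("rules", [])):
        for field, allowed in BASELINE.items():
            extra = sorted(set(rule.get(field, [])) - allowed)
            if extra:
                findings.append(f"rule {i}: unexpected {field} {extra}")
        if rule.get("nonResourceURLs"):
            findings.append(f"rule {i}: grants nonResourceURLs")
    return findings


def audit_binding(binding, role_name="system:coredns"):
    """Return a finding for every subject other than the CoreDNS ServiceAccount."""
    if binding.get("roleRef", {}).get("name") != role_name:
        return ["binding does not reference " + role_name]
    return [f"unexpected subject {s.get('kind')}/{s.get('name')}"
            for s in binding.get("subjects", [])
            if (s.get("kind"), s.get("namespace"), s.get("name")) != EXPECTED_SUBJECT]


# Constructed samples in `kubectl get ... -o json` shape (only the fields used).
PAGE_ROLE = json.loads("""{"rules": [{"apiGroups": [""], "verbs": ["list", "watch"],
  "resources": ["endpoints", "services", "pods", "namespaces"]}]}""")
DRIFTED_ROLE = json.loads("""{"rules": [
  {"apiGroups": [""], "resources": ["services", "secrets"],
   "verbs": ["list", "watch", "delete"]},
  {"apiGroups": ["*"], "resources": ["*"], "verbs": ["*"]}]}""")
PAGE_BINDING = json.loads("""{"roleRef": {"name": "system:coredns"}, "subjects": [
  {"kind": "ServiceAccount", "name": "coredns", "namespace": "kube-system"}]}""")
DRIFTED_BINDING = json.loads("""{"roleRef": {"name": "system:coredns"}, "subjects": [
  {"kind": "ServiceAccount", "name": "coredns", "namespace": "kube-system"},
  {"kind": "Group", "name": "system:authenticated"}]}""")

if __name__ == "__main__":
    for label, role, binding in (("page", PAGE_ROLE, PAGE_BINDING),
                                 ("drifted", DRIFTED_ROLE, DRIFTED_BINDING)):
        for finding in audit_role(role) + audit_binding(binding):
            print(f"{label}: {finding}")
```

An empty result means the live objects grant nothing beyond what rbac.yaml declares; any finding is a difference to review before trusting the add-on's ServiceAccount.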
8. Verify CoreDNS

    [root@k8s-40 ~]# dig -t A www.baidu.com @10.96.0.2 +short
    www.a.shifen.com.
    183.232.231.172
    183.232.231.174
    [root@k8s-40 ~]# dig -t A k8s-40.host.com @10.96.0.2 +short
    192.168.10.40
How CoreDNS works
