搭建 OpenShift 时需要域名解析,因此要自建 DNS 服务器。以前一直用 named,这次又接触到另外两种方式。
1.named
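# Option 1: BIND (named) serving the ocp.example.com zone.
# Transcript: lines starting with a prompt are commands; the lines after each
# `vim` command are the content of the file being edited.
[root@base ~]# yum install bind -y
[root@base ~]# vim /etc/named.conf
options {
    listen-on port 53 { 10.83.15.30; };   // this host acts as the DNS server
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    recursing-file "/var/named/data/named.recursing";
    secroots-file "/var/named/data/named.secroots";
    allow-query { any; };
    // With "allow-query any" and "recursion yes" the server recurses for every
    // client that can reach port 53 (an open resolver). Limit recursion to the
    // cluster network. 10.83.15.0/24 is assumed from the addresses used in
    // this article; adjust it to the real subnet.
    allow-recursion { localhost; 10.83.15.0/24; };
    forwarders { 10.83.15.254; };
    recursion yes;
    // dnssec-enable is obsolete in newer BIND releases; drop the line if
    // named-checkconf complains about it.
    dnssec-enable no;
    // Validation off: answers from the forwarder are accepted unverified.
    // Acceptable for an isolated lab only.
    dnssec-validation no;
    // ... remaining stock options left unchanged ...
};
[root@base ~]# named-checkconf   # check the configuration for errors
[root@base ~]# vim /etc/named.rfc1912.zones   # append one zone at the end
zone "ocp.example.com" IN {
    type master;
    file "ocp.example.com.zone";
    // The zone file is edited by hand, so dynamic updates are not needed.
    // An address-based allow-update trusts a source IP that can be spoofed;
    // if dynamic updates are required later, authorise a TSIG key instead.
    allow-update { none; };
};
[root@base ~]# named-checkconf
[root@base ~]# vim /var/named/ocp.example.com.zone   # create the zone file
$ORIGIN ocp.example.com.
$TTL 600 ; 10 minutes
@       IN SOA  dns.ocp.example.com. dnsadmin.ocp.example.com. (
                2021092901 ; serial
                10800      ; refresh (3 hours)
                900        ; retry (15 minutes)
                604800     ; expire (1 week)
                86400      ; minimum (1 day)
                )
        NS      dns.ocp.example.com.
$TTL 60 ; 1 minute
; The original listing pointed every record at 10.83.15.30. The node addresses
; below follow the etcd/CoreDNS and dnsmasq sections of this article and the
; dig output in the verification section; replace them with the real node IPs.
dns         A   10.83.15.30
api         A   10.83.15.30
api-int     A   10.83.15.30
*.apps      A   10.83.15.30
bootstrap   A   10.83.15.31
master1     A   10.83.15.32
master2     A   10.83.15.33
master3     A   10.83.15.34
worker1     A   10.83.15.35
worker2     A   10.83.15.36
etcd-0      A   10.83.15.32
etcd-1      A   10.83.15.33
etcd-2      A   10.83.15.34
; SRV records for etcd peers, as queried in the verification section.
_etcd-server-ssl._tcp   SRV 0 10 2380 etcd-0.ocp.example.com.
_etcd-server-ssl._tcp   SRV 0 10 2380 etcd-1.ocp.example.com.
_etcd-server-ssl._tcp   SRV 0 10 2380 etcd-2.ocp.example.com.
# named-checkconf does not parse zone files unless asked to; validate the zone
# itself before starting the service.
[root@base ~]# named-checkzone ocp.example.com /var/named/ocp.example.com.zone
[root@base ~]# systemctl start named
[root@base ~]# systemctl enable named
# Match the port column only; a bare "grep 53" also hits PIDs and other ports.
[root@base ~]# netstat -lntup | grep ':53 '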
2.etcd + coredns
[root@base ~]# yum install -y etcd[root@base ~]# systemctl enable etcd --now[root@base ~]# wget https://github.com/coredns/coredns/releases/download/v1.6.9/coredns_1.6.9_linux_amd64.tgz[root@base ~]# tar zxvf coredns_1.6.9_linux_amd64.tgz[root@base ~]# mv coredns /usr/local/bin# 创建启动文件[root@base ~]# cat > /etc/systemd/system/coredns.service <<EOF[Unit]Description=CoreDNS DNS serverDocumentation=https://coredns.ioAfter=network.target[Service]PermissionsStartOnly=trueLimitNOFILE=1048576LimitNPROC=512CapabilityBoundingSet=CAP_NET_BIND_SERVICEAmbientCapabilities=CAP_NET_BIND_SERVICENoNewPrivileges=trueUser=corednsWorkingDirectory=~ExecStart=/usr/local/bin/coredns -conf=/etc/coredns/CorefileExecReload=/bin/kill -SIGUSR1 $MAINPIDRestart=on-failure[Install]WantedBy=multi-user.targetEOF# 创建Corefile配置文件,要大写[root@base ~]# cat /etc/coredns/Corefile.:53 {template IN A apps.ocp.example.com {match .*apps.ocp.example.comanswer "{{ .Name }} 60 IN A 10.83.15.30"fallthrough}etcd {path /skydnsendpoint http://localhost:2379fallthrough}cache 160loadbalancelog}# 配置解析信息到etcd的skydns目录alias etcdctlv3='ETCDCTL_API=3 etcdctl'etcdctlv3 put /skydns/com/example/ocp/api '{"host":"10.83.15.30","ttl":60}'etcdctlv3 put /skydns/com/example/ocp/api-int '{"host":"10.83.15.30","ttl":60}'etcdctlv3 put /skydns/com/example/ocp/etcd-0 '{"host":"10.83.15.32","ttl":60}'etcdctlv3 put /skydns/com/example/ocp/etcd-1 '{"host":"10.83.15.33","ttl":60}'etcdctlv3 put /skydns/com/example/ocp/etcd-2 '{"host":"10.83.15.34","ttl":60}'etcdctlv3 put /skydns/com/example/ocp/_tcp/_etcd-server-ssl/x1 '{"host":"etcd-0.ocp.example.com","ttl":60,"priority":0,"weight":10,"port":2380}'etcdctlv3 put /skydns/com/example/ocp/_tcp/_etcd-server-ssl/x2 '{"host":"etcd-1.ocp.example.com","ttl":60,"priority":0,"weight":10,"port":2380}'etcdctlv3 put /skydns/com/example/ocp/_tcp/_etcd-server-ssl/x3 '{"host":"etcd-2.ocp.example.com","ttl":60,"priority":0,"weight":10,"port":2380}'# 除此之外再添加各节点主机名记录etcdctlv3 put 
/skydns/com/example/ocp/bootstrap '{"host":"10.83.15.31","ttl":60}'etcdctlv3 put /skydns/com/example/ocp/master1 '{"host":"10.83.15.32","ttl":60}'etcdctlv3 put /skydns/com/example/ocp/master2 '{"host":"10.83.15.33","ttl":60}'etcdctlv3 put /skydns/com/example/ocp/master3 '{"host":"10.83.15.34","ttl":60}'etcdctlv3 put /skydns/com/example/ocp/worker1 '{"host":"10.83.15.35","ttl":60}'etcdctlv3 put /skydns/com/example/ocp/worker2 '{"host":"10.83.15.36","ttl":60}'etcdctlv3 put /skydns/com/example/ocp/registry '{"host":"10.83.15.30","ttl":60}'[root@base ~]# systemctl start etcd[root@base ~]# systemctl start coredns[root@base ~]# systemctl enable coredns --now[root@base ~]# systemctl enable etcd --now
3.dnsmasq
这是docker安装的
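# Option 3: dnsmasq in a container.
# jpillora/dnsmasq is a community image pulled here by its mutable default tag.
# Review it before use and, outside a lab, pin a reviewed digest:
#   docker pull jpillora/dnsmasq@sha256:<REVIEWED_DIGEST_PLACEHOLDER>
# NOTE(review): the image also appears to ship a web admin UI; if its port is
# published, set credentials for it. Confirm against the image's README.
docker search dnsmasq
docker pull jpillora/dnsmasq
# xxxx stands for the ID of the running container.
docker exec -it xxxx /bin/sh
/ # cat etc/dnsmasq.conf
cache-size=10000
dns-forward-max=10000000
address=/api.ocp.example.com/10.83.15.30
address=/api-int.ocp.example.com/10.83.15.30
# address=/<domain>/ already covers the domain and every name below it; the
# "\*." prefix in the original listing was an escaping artefact and is not
# valid dnsmasq syntax.
address=/apps.ocp.example.com/10.83.15.30
address=/oauth-openshift.apps.ocp.example.com/10.83.15.30
address=/bootstrap.ocp.example.com/10.83.15.31
address=/console-openshift-console.apps.ocp.example.com/10.83.15.30
address=/master1.ocp.example.com/10.83.15.32
address=/master2.ocp.example.com/10.83.15.33
address=/master3.ocp.example.com/10.83.15.34
address=/worker1.ocp.example.com/10.83.15.35
address=/worker2.ocp.example.com/10.83.15.36
address=/etcd-0.ocp.example.com/10.83.15.32
address=/etcd-1.ocp.example.com/10.83.15.33
address=/etcd-2.ocp.example.com/10.83.15.34
# srv-host=<service>,<target>,<port>,<priority>,<weight>
srv-host=_etcd-server-ssl._tcp.ocp.example.com,etcd-0.ocp.example.com,2380,0,100
srv-host=_etcd-server-ssl._tcp.ocp.example.com,etcd-1.ocp.example.com,2380,0,100
srv-host=_etcd-server-ssl._tcp.ocp.example.com,etcd-2.ocp.example.com,2380,0,100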
验证
# Verification: make this host's own address the first resolver, then query
# each record. Each dig command is followed by the answer it printed.
[root@base ~]# cat /etc/resolv.conf
nameserver 10.83.15.30
# A public resolver as second entry: when the first server does not answer,
# lookups for internal names may be sent to it. Prefer a second internal server.
nameserver 114.114.114.114
# The queries target 127.0.0.1; the named example in this article listens only
# on 10.83.15.30, so use @10.83.15.30 when verifying that setup.
[root@base coredns]# dig +short api.ocp.example.com @127.0.0.1
10.83.15.30
[root@base coredns]# dig +short api-int.ocp.example.com @127.0.0.1
10.83.15.30
[root@base coredns]# dig +short bootstrap.ocp.example.com @127.0.0.1
10.83.15.31
[root@base coredns]# dig +short master1.ocp.example.com @127.0.0.1
10.83.15.32
[root@base coredns]# dig +short master2.ocp.example.com @127.0.0.1
10.83.15.33
[root@base coredns]# dig +short master3.ocp.example.com @127.0.0.1
10.83.15.34
[root@base coredns]# dig +short worker1.ocp.example.com @127.0.0.1
10.83.15.35
[root@base coredns]# dig +short worker2.ocp.example.com @127.0.0.1
10.83.15.36
[root@base coredns]# dig +short -t SRV _etcd-server-ssl._tcp.ocp.example.com @127.0.0.1
10 33 2380 etcd-0.ocp.example.com.
10 33 2380 etcd-1.ocp.example.com.
10 33 2380 etcd-2.ocp.example.com.
