k8s 集群环境之bind 9

1.开始安装11主机bind 9

安装必要软件
#yum -y install wget net-tools telnet tree nmap sysstat lrzsz dos2unix bind-utils -y
[root@hdss7-11 ~]# yum install -y bind
配置bind
[root@hdss7-11 ~]# vi /etc/named.conf            # BIND进程的工作属性，区域的定义
13         listen-on port 53 { 192.168.154.11; };    # 监听本机IP
14         listen-on-v6 port 53 { ::1; };        # 删除，不监听IPV6
20         allow-query     { any; };            # 允许所有主机查看
21         forwarders      { 192.168.154.2; };        # 办公网上一级的DNS,（生产写运营商dns）
33         recursion yes;                # dns采用递归的查询
35         dnssec-enable no;                # 关闭，节省资源（生产可能不需要关闭）
36         dnssec-validation no;            # 关闭，节省资源，不做互联网认证
检查配置
[root@hdss7-11 ~]# named-checkconf 
[root@hdss7-11 ~]# echo $?
配置区域配置文件在文件末尾添加
[root@hdss7-11 ~]# vim /etc/named.rfc1912.zones 
zone "host.com" IN {
        type  master;
        file  "host.com.zone";
        allow-update { 192.168.12.11; };
};
zone "od.com" IN {
        type  master;
        file  "od.com.zone";
        allow-update { 192.168.12.11; };
};
配置区域数据文件   
[root@hdss7-11 ~]# vi /var/named/host.com.zone
[root@hdss7-11 ~]# cat /var/named/host.com.zone
$ORIGIN host.com.
$TTL 600    ; 10 minutes
@       IN SOA    dns.host.com. dnsadmin.host.com. (
                20200606 ; serial
                10800      ; refresh (3 hours)
                900        ; retry (15 minutes)
                604800     ; expire (1 week)
                86400      ; minimum (1 day)
                )
            NS   dns.host.com.
$TTL 60    ; 1 minute
dns                A    192.168.12.11
HDSS7-11           A    192.168.12.11
HDSS7-12           A    192.168.12.12
HDSS7-21           A    192.168.12.21
HDSS7-22           A    192.168.12.22
HDSS7-200          A    192.168.12.200
[root@hdss7-11 ~]# cat /var/named/od.com.zone
$ORIGIN od.com.
$TTL 600    ; 10 minutes
@           IN SOA    dns.od.com. dnsadmin.od.com. (
                20200606 ; serial
                10800      ; refresh (3 hours)
                900        ; retry (15 minutes)
                604800     ; expire (1 week)
                86400      ; minimum (1 day)
                )
                NS   dns.od.com.
$TTL 60    ; 1 minute
dns                A    192.168.12.11
检测区域数据文件
[root@hdss7-11 ~]#  named-checkconf
[root@hdss7-11 ~]# named-checkzone "host.com" /var/named/host.com.zone
zone host.com/IN: loaded serial 20200606
OK
[root@hdss7-11 ~]# named-checkzone "od.com" /var/named/od.com.zone
zone od.com/IN: loaded serial 20200606
OK
更改文件的属组权限
[root@hdss7-11 ~]# chown root:named /var/named/host.com.zone 
[root@hdss7-11 ~]# chown root:named /var/named/od.com.zone
[root@hdss7-11 ~]# chmod 640 /var/named/host.com.zone 
[root@hdss7-11 ~]# chmod 640 /var/named/od.com.zone 
[root@hdss7-11 ~]#  systemctl restart named
[root@hdss7-11 ~]#  systemctl enable named
Created symlink from /etc/systemd/system/multi-user.target.wants/named.service to /usr/lib/systemd/system/named.service.
[root@hdss7-11 ~]# netstat -lntup|grep 53
tcp        0      0 192.168.12.11:53        0.0.0.0:*               LISTEN      1752/named          
tcp        0      0 127.0.0.1:953           0.0.0.0:*               LISTEN      1752/named          
tcp6       0      0 ::1:953                 :::*                    LISTEN      1752/named          
udp        0      0 192.168.12.11:53        0.0.0.0:*                           1752/named          
验证解析
[root@hdss7-11 ~]#  dig -t A hdss7-21.host.com @192.168.12.11 +short
192.168.12.21
[root@hdss7-11 ~]#  dig -t A hdss7-200.host.com @192.168.12.11 +short
192.168.12.200

2 其他节点DNS指向11

11修改dns
[root@hdss7-11 ~]# cat  /etc/sysconfig/network-scripts/ifcfg-eth0 
TYPE=Ethernet
BOOTPROTO=none
HWRADD=00:0c:29:c7:cd:40
NAME=eth0
DEVICE=eth0
ONBOOT=yes
IPADDR=192.168.12.11
GATEWAY=192.168.12.1
DNS1=192.168.12.11

[root@hdss7-11 ~]# /etc/init.d/network restart
Restarting network (via systemctl):                        [  OK  ]
[root@hdss7-11 ~]# ping baidu.com
PING baidu.com (39.156.69.79) 56(84) bytes of data.
64 bytes from 39.156.69.79 (39.156.69.79): icmp_seq=1 ttl=128 time=202 ms
[root@hdss7-11 ~]# cat /etc/resolv.conf 
# Generated by NetworkManager
search host.com
nameserver 192.168.12.11




12指定DNS
[root@hdss7-12 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0 
DNS=192.168.12.11
[root@hdss7-12 ~]# /etc/init.d/network restart
[root@hdss7-12 ~]# curl -I www.baidu.com
HTTP/1.1 200 OK
[root@hdss7-12 ~]# cat /etc/resolv.conf 
# Generated by NetworkManager
search host.com
nameserver 192.168.12.11

21指定dns
[root@hdss7-21 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0 
DNS=192.168.12.11
[root@hdss7-21 ~]# /etc/init.d/network restart
Restarting network (via systemctl):                        [  OK  ]
[root@hdss7-21 ~]# cat /etc/resolv.conf 
# Generated by NetworkManager
search host.com
nameserver 192.168.12.11
[root@hdss7-21 ~]# curl -i baidu.com
HTTP/1.1 200 OK

22指定dns
[root@hdss7-22 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0 
DNS=192.168.12.11
[root@hdss7-22 ~]# /etc/init.d/network restart
Restarting network (via systemctl):                        [  OK  ]
[root@hdss7-22 ~]# curl -i baidu.com
HTTP/1.1 200 OK
[root@hdss7-22 ~]# cat /etc/resolv.conf 
# Generated by NetworkManager
search host.com
nameserver 192.168.12.11

200指定dns

[root@hdss7-200 ~]# vi /etc/sysconfig/network-scripts/ifcfg-eth0 
DNS=192.168.12.11
[root@hdss7-200 ~]# /etc/init.d/network restart
Restarting network (via systemctl):                        [  OK  ]
[root@hdss7-200 ~]# cat /etc/resolv.conf 
# Generated by NetworkManager
search host.com
nameserver 192.168.12.11
[root@hdss7-200 ~]# curl -i www.baidu.com
HTTP/1.1 200 OK


windows 10 
将本机的网卡DNS也改成192.168.12.11    IPV4 -- 高级 -- 越点改成20
[c:\~]$ ping hdss7-200.host.com
正在 Ping HDSS7-200.host.com [192.168.12.200] 具有 32 字节的数据:
来自 192.168.12.200 的回复: 字节=32 时间<1ms TTL=64

mac 
偏好设置---网络---高级---DNS--dns为192.168.12.11 搜索域为od.com