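What problem does CoreDNS solve?
On a k8s platform, applications are scheduled onto node servers at random, so clients outside the cluster cannot find the address at which an application is reachable.
I. Configure the pod resource definition templates
(In this lab the pod definition templates are stored on network storage; in real use they can also be kept as local files.)
1.1 Configure Nginx (performed on host k8s-5-141)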
```
# Add the nginx site that serves the manifests
[root@k8s-5-141 /]# vim /etc/nginx/conf.d/k8s-yaml.od.com.conf
server {
    listen       80;
    server_name  k8s-yaml.od.com;

    location / {
        autoindex on;
        default_type text/plain;
        root /data/k8s-yaml;
    }
}

# Create the directory that will be needed
[root@k8s-5-141 /]# mkdir -p /data/k8s-yaml/coredns

# Reload nginx
[root@k8s-5-141 /]# nginx -t
[root@k8s-5-141 /]# nginx -s reload
```
1.2 Create the pod definition templates
```
# cm.yaml
[root@k8s-5-141 /]# vim /data/k8s-yaml/coredns/cm.yaml
```

```yaml
apiVersion: v1
kind: ConfigMap
metadata:
  name: coredns
  namespace: kube-system
data:
  Corefile: |
    .:53 {
        errors
        log
        health
        ready
        kubernetes cluster.local 192.168.0.0/16
        forward . 192.168.5.140
        cache 30
        loop
        reload
        loadbalance
    }
```

```
# dp.yaml
[root@k8s-5-141 /]# vim /data/k8s-yaml/coredns/dp.yaml
```

```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: coredns
  namespace: kube-system
  labels:
    k8s-app: coredns
    kubernetes.io/name: "CoreDNS"
spec:
  replicas: 1
  selector:
    matchLabels:
      k8s-app: coredns
  template:
    metadata:
      labels:
        k8s-app: coredns
    spec:
      priorityClassName: system-cluster-critical
      serviceAccountName: coredns
      containers:
      - name: coredns
        image: harbor.od.com/public/coredns:1.7.0
        args:
        - -conf
        - /etc/coredns/Corefile
        volumeMounts:
        - name: config-volume
          mountPath: /etc/coredns
        ports:
        - containerPort: 53
          name: dns
          protocol: UDP
        - containerPort: 53
          name: dns-tcp
          protocol: TCP
        - containerPort: 9153
          name: metrics
          protocol: TCP
        livenessProbe:
          httpGet:
            path: /health
            port: 8080
            scheme: HTTP
          initialDelaySeconds: 60
          timeoutSeconds: 5
          successThreshold: 1
          failureThreshold: 5
      dnsPolicy: Default
      volumes:
      - name: config-volume
        configMap:
          name: coredns
          items:
          - key: Corefile
            path: Corefile
```

```
# rbac.yaml
[root@k8s-5-141 /]# vim /data/k8s-yaml/coredns/rbac.yaml
```

```yaml
apiVersion: v1
kind: ServiceAccount
metadata:
  name: coredns
  namespace: kube-system
  labels:
    kubernetes.io/cluster-service: "true"
    addonmanager.kubernetes.io/mode: Reconcile
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  labels:
    kubernetes.io/bootstrapping: rbac-defaults
    addonmanager.kubernetes.io/mode: Reconcile
  name: system:coredns
rules:
- apiGroups:
  - ""
  resources:
  - endpoints
  - services
  - pods
  - namespaces
  verbs:
  - list
  - watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  annotations:
    rbac.authorization.kubernetes.io/autoupdate: "true"
  labels:
    kubernetes.io/bootstrapping: rbac-defaults
    addonmanager.kubernetes.io/mode: EnsureExists
  name: system:coredns
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: system:coredns
subjects:
- kind: ServiceAccount
  name: coredns
  namespace: kube-system
```

```
# svc.yaml
[root@k8s-5-141 /]# vim /data/k8s-yaml/coredns/svc.yaml
```

```yaml
apiVersion: v1
kind: Service
metadata:
  name: coredns
  namespace: kube-system
  labels:
    k8s-app: coredns
    kubernetes.io/cluster-service: "true"
    kubernetes.io/name: "CoreDNS"
spec:
  selector:
    k8s-app: coredns
  clusterIP: 192.168.0.2
  ports:
  - name: dns
    port: 53
    protocol: UDP
  - name: dns-tcp
    port: 53
  - name: metrics
    port: 9153
    protocol: TCP
```
1.3 Configure DNS
Performed on server k8s-5-140
```
[root@k8s-5-140 ~]# vim /var/named/od.com.zone
$ORIGIN od.com.
$TTL 600 ; 10 minutes
@ IN SOA dns.od.com. dnsadmin.od.com. (
        2021031605 ; serial
        10800      ; refresh (3 hours)
        900        ; retry (15 minutes)
        604800     ; expire (1 week)
        86400      ; minimum (1 day)
        )
        NS dns.od.com.
$TTL 60 ; 1 minute
dns      A 192.168.5.140
harbor   A 192.168.5.141
k8s-yaml A 192.168.5.141 ; add this line

# Restart the named service
[root@k8s-5-140 ~]# systemctl restart named
[root@k8s-5-140 ~]# dig -t A k8s-yaml.od.com @192.168.5.140 +short
192.168.5.141
```
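II. Download the coredns image
This can be done on any server that has docker installed; I did it on the ops host in order to verify the automated deployment of the k8s cluster.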
```
[root@k8s-5-141 /]# docker pull coredns/coredns:1.7.0
1.7.0: Pulling from coredns/coredns
Digest: sha256:73ca82b4ce829766d4f1f10947c3a338888f876fbed0540dc849c89ff256e90c
Status: Image is up to date for coredns/coredns:1.7.0
docker.io/coredns/coredns:1.7.0
[root@k8s-5-141 /]# docker images |grep coredns
coredns/coredns                1.7.0   bfe3a36ebd25   9 months ago   45.2MB
[root@k8s-5-141 /]# docker tag bfe3a36ebd25 harbor.od.com/public/coredns:1.7.0
[root@k8s-5-141 /]# docker images |grep coredns
coredns/coredns                1.7.0   bfe3a36ebd25   9 months ago   45.2MB
harbor.od.com/public/coredns   1.7.0   bfe3a36ebd25   9 months ago   45.2MB
[root@alice001 ~]# docker push harbor.od.com/public/coredns:1.7.0
The push refers to repository [harbor.od.com/public/coredns]
da1ec456edc8: Pushed
225df95e717c: Pushed
1.7.0: digest: sha256:c7bf0ce4123212c87db74050d4cbab77d8f7e0b49c041e894a35ef15827cf938 size: 739
```
III. Deploy coredns
Performed on any k8s node server
```
[root@k8s-5-138 ~]# kubectl apply -f http://k8s-yaml.od.com/coredns/rbac.yaml
serviceaccount/coredns created
clusterrole.rbac.authorization.k8s.io/system:coredns created
clusterrolebinding.rbac.authorization.k8s.io/system:coredns created
[root@k8s-5-138 ~]# kubectl apply -f http://k8s-yaml.od.com/coredns/cm.yaml
configmap/coredns created
[root@k8s-5-138 ~]# kubectl apply -f http://k8s-yaml.od.com/coredns/dp.yaml
deployment.apps/coredns created
[root@k8s-5-138 ~]# kubectl apply -f http://k8s-yaml.od.com/coredns/svc.yaml
service/coredns created
```
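The manifests above, including the RBAC objects, are applied straight from `http://k8s-yaml.od.com` over plain HTTP, so nothing ties what the node receives to what was written on the ops host. The following is an added example (not part of the original post) that checks fetched manifests against pinned SHA-256 values before `kubectl apply`; the function name `verify_manifests`, the pin file `coredns.sha256` and the `/tmp/coredns` staging directory are assumptions.

```bash
#!/usr/bin/env bash
# Added example, not from the original post.
# Assumption: the pin file was produced on the ops host with
#   cd /data/k8s-yaml/coredns && sha256sum *.yaml > coredns.sha256
# and copied to the node over a separate authenticated channel (e.g. scp).

# verify_manifests DIR PINFILE
# Returns 0 only if every *.yaml in DIR is pinned and matches, and every
# pinned file is present in DIR. Returns 1 on any discrepancy, 2 on bad usage.
verify_manifests() {
    local dir pins f name want got rc
    dir=$1; pins=$2; rc=0
    if [ ! -d "$dir" ] || [ ! -r "$pins" ]; then
        echo "usage: verify_manifests DIR PINFILE" >&2
        return 2
    fi

    # 1. Every fetched manifest must have a pin, and its hash must match.
    for f in "$dir"/*.yaml; do
        [ -e "$f" ] || { echo "no manifests in $dir" >&2; return 2; }
        name=${f##*/}
        want=$(awk -v n="$name" '$2 == n { print $1; exit }' "$pins")
        got=$(sha256sum "$f" | awk '{ print $1 }')
        if [ -z "$want" ]; then
            echo "UNPINNED  $name" >&2; rc=1
        elif [ "$want" != "$got" ]; then
            echo "MISMATCH  $name" >&2; rc=1
        fi
    done

    # 2. Every pinned manifest must have been fetched (catches a dropped file).
    while read -r want name; do
        [ -n "$name" ] || continue
        [ -f "$dir/$name" ] || { echo "MISSING   $name" >&2; rc=1; }
    done < "$pins"

    return "$rc"
}

# Usage on a k8s node (staging path and pin file location are hypothetical):
#   mkdir -p /tmp/coredns && cd /tmp/coredns
#   for m in rbac cm dp svc; do curl -fsSO "http://k8s-yaml.od.com/coredns/$m.yaml"; done
#   verify_manifests /tmp/coredns /root/coredns.sha256 &&
#       for m in rbac cm dp svc; do kubectl apply -f "/tmp/coredns/$m.yaml"; done
```

The apply loop keeps the order used above (rbac, cm, dp, svc), so the ServiceAccount exists before the Deployment that references it.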
IV. Verification
```
[root@k8s-5-138 ~]# dig -t A www.baidu.com @192.168.0.2 +short
www.a.shifen.com.
14.215.177.38
14.215.177.39
[root@k8s-5-138 ~]# kubectl get svc
NAME         TYPE        CLUSTER-IP        EXTERNAL-IP   PORT(S)   AGE
kubernetes   ClusterIP   192.168.0.1       <none>        443/TCP   7d
nginx-web    ClusterIP   192.168.200.143   <none>        80/TCP    20h
[root@k8s-5-138 ~]# kubectl get svc -n kube-system
NAME      TYPE        CLUSTER-IP    EXTERNAL-IP   PORT(S)                  AGE
coredns   ClusterIP   192.168.0.2   <none>        53/UDP,53/TCP,9153/TCP   20h
[root@k8s-5-138 ~]# dig -t A nginx-web.default.svc.cluster.local @192.168.0.2 +short
192.168.200.143

# Deploy an application and check whether it goes through
[root@alice002 ~]# kubectl create deployment nginx-ds --image=harbor.od.com/public/nginx:v1.7.9
deployment.apps/nginx-ds created
[root@alice002 ~]# kubectl expose deployment nginx-ds --port=80 --target-port=80
service/nginx-web exposed
```
