coredns服务搭建

Posted on Edited on In

下载和配置 coredns

1
2
3
cd /data/apps/k8s/work/
git clone https://github.com/coredns/deployment.git
mv deployment coredns-deployment

创建 coredns

1
2
3
4
5
cd /data/apps/k8s/work/coredns-deployment/kubernetes
export CLUSTER_DNS_SVC_IP="10.254.0.2"
export CLUSTER_DNS_DOMAIN="cluster.local"
./deploy.sh -i ${CLUSTER_DNS_SVC_IP} -d ${CLUSTER_DNS_DOMAIN} > coredns.yaml
kubectl apply -f coredns.yaml

Sep 27 15:35:22 node1 kube-scheduler[8420]: I0927 15:35:22.343021 8420 scheduler.go:667] pod kube-system/coredns-759df9d7b-td7rr is bound successfully on node “node7”, 2 nodes evaluated, 2 nodes were found feasible. Bound node resource: “Capacity: CPU<2>|Memory<4046008Ki>|Pods<220>|StorageEphemeral<41921540Ki>; Allocatable: CPU<2>|Memory<3943608Ki>|Pods<220>|StorageEphemeral<38634891201>.”.

检查 coredns 功能

1
2
3
4
5
6
7
8
9
10
11
12
$ kubectl get all -n kube-system -l k8s-app=kube-dns
NAME                          READY   STATUS    RESTARTS   AGE
pod/coredns-759df9d7b-td7rr   1/1     Running   0          2m7s

NAME               TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)                  AGE
service/kube-dns   ClusterIP   10.254.0.2   <none>        53/UDP,53/TCP,9153/TCP   2m7s

NAME                      READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/coredns   1/1     1            1           2m7s

NAME                                DESIRED   CURRENT   READY   AGE
replicaset.apps/coredns-759df9d7b   1         1         1       2m7s

新建一个 Deployment:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
cd /data/apps/k8s/work/
cat > my-nginx.yaml <<EOF
apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-nginx
spec:
  replicas: 2
  selector:
    matchLabels:
      run: my-nginx
  template:
    metadata:
      labels:
        run: my-nginx
    spec:
      containers:
      - name: my-nginx
        image: nginx:1.7.9
        ports:
        - containerPort: 80
EOF
kubectl create -f my-nginx.yaml

export 该 Deployment, 生成 my-nginx 服务:

1
2
3
4
5
6
$ kubectl expose deploy my-nginx
service "my-nginx" exposed

$ kubectl get services my-nginx -o wide
NAME       TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)   AGE   SELECTOR
my-nginx   ClusterIP   10.254.67.218   <none>        80/TCP    5s    run=my-nginx

创建另一个 Pod,查看 /etc/resolv.conf 是否包含 kubelet 配置的 --cluster-dns--cluster-domain,是否能够将服务 my-nginx 解析到上面显示的 Cluster IP 10.254.67.218

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
cd /data/apps/k8s/work/
cat > dnsutils-ds.yml <<EOF
apiVersion: v1
kind: Service
metadata:
  name: dnsutils-ds
  labels:
    app: dnsutils-ds
spec:
  type: NodePort
  selector:
    app: dnsutils-ds
  ports:
  - name: http
    port: 80
    targetPort: 80
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: dnsutils-ds
  labels:
    addonmanager.kubernetes.io/mode: Reconcile
spec:
  selector:
    matchLabels:
      app: dnsutils-ds
  template:
    metadata:
      labels:
        app: dnsutils-ds
    spec:
      containers:
      - name: my-dnsutils
        image: tutum/dnsutils:latest
        command:
          - sleep
          - "3600"
        ports:
        - containerPort: 80
EOF
kubectl create -f dnsutils-ds.yml
1
2
3
4
$ kubectl get pods -l app=dnsutils-ds -o wide
NAME                READY   STATUS    RESTARTS   AGE     IP               NODE    NOMINATED NODE   READINESS GATES
dnsutils-ds-t5hqb   1/1     Running   0          4m25s   172.30.139.3     node6   <none>           <none>
dnsutils-ds-zxzhf   1/1     Running   0          4m25s   172.30.199.195   node7   <none>           <none>
1
2
3
4
$ kubectl -it exec dnsutils-ds-t5hqb  cat /etc/resolv.conf
search default.svc.cluster.local svc.cluster.local cluster.local
nameserver 10.254.0.2
options ndots:5

查看一下现有的server

1
2
3
4
5
$ kubectl get services
NAME          TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)        AGE
dnsutils-ds   NodePort    10.254.242.169   <none>        80:31128/TCP   6m36s
kubernetes    ClusterIP   10.254.0.1       <none>        443/TCP        146m
my-nginx      ClusterIP   10.254.2.160     <none>        80/TCP         8m27s

nslookup 验证一下解析信息

1
2
3
4
5
6
$ kubectl -it exec dnsutils-ds-t5hqb nslookup kubernetes
Server:         10.254.0.2
Address:        10.254.0.2#53

Name:   kubernetes.default.svc.cluster.local
Address: 10.254.0.1
1
2
3
4
5
6
$ kubectl -it exec dnsutils-ds-t5hqb nslookup my-nginx
Server:         10.254.0.2
Address:        10.254.0.2#53

Name:   my-nginx.default.svc.cluster.local
Address: 10.254.2.160

nslookup 验证一下外网域名

1
2
3
4
5
6
7
8
9
10
$ kubectl -it exec dnsutils-ds-t5hqb  nslookup www.baidu.com
Server:         10.254.0.2
Address:        10.254.0.2#53

Non-authoritative answer:
www.baidu.com   canonical name = www.a.shifen.com.
Name:   www.a.shifen.com
Address: 39.156.66.18
Name:   www.a.shifen.com
Address: 39.156.66.14

参考

  1. https://community.infoblox.com/t5/Community-Blog/CoreDNS-for-Kubernetes-Service-Discovery/ba-p/8187
  2. https://coredns.io/2017/03/01/coredns-for-kubernetes-service-discovery-take-2/
  3. https://www.cnblogs.com/boshen-hzb/p/7511432.html
  4. https://github.com/kubernetes/kubernetes/tree/master/cluster/addons/dns