kubernetes部署dns插件
1、部署kubelet服务的时候先指向DNS服务的IP及域名
[[email protected] yml]# cat /etc/systemd/system/kubelet.service
[Unit]
Description=Kubernetes Kubelet
Documentation=https://github.com/GoogleCloudPlatform/kubernetes
After=docker.service
Requires=docker.service
[Service]
WorkingDirectory=/var/lib/kubelet
ExecStart=/opt/k8s/bin/kubelet \
--bootstrap-kubeconfig=/etc/kubernetes/kubelet-bootstrap.kubeconfig \
--cert-dir=/etc/kubernetes/cert \
--kubeconfig=/etc/kubernetes/kubelet.kubeconfig \
--config=/etc/kubernetes/kubelet.config.json \
--hostname-override=v75 \
--pod-infra-container-image=registry.access.redhat.com/rhel7/pod-infrastructure:latest \
--allow-privileged=true \
--alsologtostderr=true \
--logtostderr=false \
--log-dir=/var/log/kubernetes \
--v=2
Restart=on-failure
RestartSec=5
[Install]
WantedBy=multi-user.target
[[email protected] yml]# cat /etc/kubernetes/kubelet.config.json
{
"kind": "KubeletConfiguration",
"apiVersion": "kubelet.config.k8s.io/v1beta1",
"authentication": {
"x509": {
"clientCAFile": "/etc/kubernetes/cert/ca.pem"
},
"webhook": {
"enabled": true,
"cacheTTL": "2m0s"
},
"anonymous": {
"enabled": false
}
},
"authorization": {
"mode": "Webhook",
"webhook": {
"cacheAuthorizedTTL": "5m0s",
"cacheUnauthorizedTTL": "30s"
}
},
"address": "192.168.156.75",
"port": 10250,
"readOnlyPort": 0,
"cgroupDriver": "cgroupfs",
"hairpinMode": "promiscuous-bridge",
"serializeImagePulls": false,
"featureGates": {
"RotateKubeletClientCertificate": true,
"RotateKubeletServerCertificate": true
},
"clusterDomain": "cluster.local.",
"clusterDNS": ["10.254.0.2"]
}
2、在K8S搭建好以后,再部署coredns插件
https://github.com/kubernetes/kubernetes/releases
下载解压kubernetes-server-linux-amd64.tar.gz 再解压 kubernetes-src.tar.gz
再到这个路径:cluster/addons/dns/coredns
改了三处地方
[[email protected] coredns]# vimdiff coredns.yaml.base coredns.yaml
还有 2 个文件等待编辑
[[email protected] coredns]# kubectl create -f coredns.yaml
serviceaccount/coredns created
clusterrole.rbac.authorization.k8s.io/system:coredns created
clusterrolebinding.rbac.authorization.k8s.io/system:coredns created
configmap/coredns created
deployment.extensions/coredns created
service/kube-dns created
[[email protected] coredns]# kubectl get all -n kube-system 位于kube-system的名称空间
NAME READY STATUS RESTARTS AGE
pod/coredns-dc8bbbcf9-kzlmr 0/1 ContainerCreating 0 85s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kube-dns ClusterIP 10.254.0.2 <none> 53/UDP,53/TCP 88s
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/coredns 0/1 1 0 89s
NAME DESIRED CURRENT READY AGE
replicaset.apps/coredns-dc8bbbcf9 1 1 0 88s
3、测试功能
[[email protected] coredns]# vi ng1.yml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: my-nginx
spec:
replicas: 1
template:
metadata:
labels:
run: my-nginx
spec:
containers:
- name: my-nginx
image: nginx
ports:
- containerPort: 80
[[email protected] coredns]# kubectl create -f ng1.yml
deployment.extensions/my-nginx created
[[email protected] coredns]# kubectl get all
NAME READY STATUS RESTARTS AGE
pod/my-nginx-64fc468bd4-q4n8c 0/1 ContainerCreating 0 26s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.254.0.1 <none> 443/TCP 89d
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/my-nginx 0/1 1 0 29s
NAME DESIRED CURRENT READY AGE
replicaset.apps/my-nginx-64fc468bd4 1 1 0 27s
创建服务:
[[email protected] coredns]# kubectl expose deploy my-nginx
service/my-nginx exposed
查看服务名称及服务对应的K8S内部IP
[[email protected] coredns]# kubectl get services --all-namespaces |grep my-nginx
default my-nginx ClusterIP 10.254.52.167 <none> 80/TCP 14s
在KS8上部署POD测试是否正常解析到服务的IP
[[email protected] coredns]# vi ngtest.yml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: ngtest
spec:
replicas: 1
template:
metadata:
labels:
run: ngtest
spec:
containers:
- name: ngtest
image: nginx
ports:
- containerPort: 80
[[email protected] coredns]# kubectl create -f ngtest.yml
deployment.extensions/ngtest created
[[email protected] coredns]# kubectl get pods
NAME READY STATUS RESTARTS AGE
my-nginx-64fc468bd4-q4n8c 1/1 Running 0 17h
ngtest-67886b856d-k4rp7 1/1 Running 0 32m
进入容器查询DNS
[[email protected] coredns]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
32e78b9524cf nginx "nginx -g 'daemon of…" 30 minutes ago Up 30 minutes k8s_ngtest_ngtest-67886b856d-k4rp7_default_ec25c5ea-5039-11e9-b5aa-000c295d9445_0
1b220ca0ff59 registry.access.redhat.com/rhel7/pod-infrastructure:latest "/usr/bin/pod" 32 minutes ago Up 31 minutes k8s_POD_ngtest-67886b856d-k4rp7_default_ec25c5ea-5039-11e9-b5aa-000c295d9445_0
0d63ae3bbe5d registry:2 "/entrypoint.sh /etc…" 42 hours ago Exited (2) 19 hours ago v75
[[email protected] coredns]# docker exec -it 32e78b9524cf /bin/bash
容器先安装相应的测试工具
[email protected]:/# apt-get update
Get:1 http://security-cdn.debian.org/debian-security stretch/updates InRelease [94.3 kB]
Get:4 http://security-cdn.debian.org/debian-security stretch/updates/main amd64 Packages [481 kB]
Ign:2 http://cdn-fastly.deb.debian.org/debian stretch InRelease
Get:3 http://cdn-fastly.deb.debian.org/debian stretch-updates InRelease [91.0 kB]
Get:5 http://cdn-fastly.deb.debian.org/debian stretch Release [118 kB]
Get:6 http://cdn-fastly.deb.debian.org/debian stretch-updates/main amd64 Packages [11.1 kB]
Get:7 http://cdn-fastly.deb.debian.org/debian stretch Release.gpg [2434 B]
Get:8 http://cdn-fastly.deb.debian.org/debian stretch/main amd64 Packages [7084 kB]
Fetched 7881 kB in 4min 58s (26.4 kB/s)
Reading package lists... Done
[email protected]:/# apt install net-tools
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed:
net-tools
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 248 kB of archives.
After this operation, 963 kB of additional disk space will be used.
Get:1 http://cdn-fastly.deb.debian.org/debian stretch/main amd64 net-tools amd64 1.60+git20161116.90da8a0-1 [248 kB]
Fetched 248 kB in 5s (45.0 kB/s)
debconf: delaying package configuration, since apt-utils is not installed
Selecting previously unselected package net-tools.
(Reading database ... 7027 files and directories currently installed.)
Preparing to unpack .../net-tools_1.60+git20161116.90da8a0-1_amd64.deb ...
Unpacking net-tools (1.60+git20161116.90da8a0-1) ...
Setting up net-tools (1.60+git20161116.90da8a0-1) ...
[email protected]:/# apt install iputils-ping
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
libcap2 libcap2-bin libidn11 libnettle6 libpam-cap
The following NEW packages will be installed:
iputils-ping libcap2 libcap2-bin libidn11 libnettle6 libpam-cap
0 upgraded, 6 newly installed, 0 to remove and 0 not upgraded.
Need to get 421 kB of archives.
After this operation, 970 kB of additional disk space will be used.
Do you want to continue? [Y/n] y
Get:1 http://cdn-fastly.deb.debian.org/debian stretch/main amd64 libcap2 amd64 1:2.25-1 [16.8 kB]
Get:2 http://cdn-fastly.deb.debian.org/debian stretch/main amd64 libidn11 amd64 1.33-1 [115 kB]
Get:3 http://cdn-fastly.deb.debian.org/debian stretch/main amd64 libnettle6 amd64 3.3-1+b2 [192 kB]
Get:4 http://cdn-fastly.deb.debian.org/debian stretch/main amd64 iputils-ping amd64 3:20161105-1 [57.5 kB]
Get:5 http://cdn-fastly.deb.debian.org/debian stretch/main amd64 libcap2-bin amd64 1:2.25-1 [26.5 kB]
Get:6 http://cdn-fastly.deb.debian.org/debian stretch/main amd64 libpam-cap amd64 1:2.25-1 [13.5 kB]
Fetched 421 kB in 1s (324 kB/s)
debconf: delaying package configuration, since apt-utils is not installed
Selecting previously unselected package libcap2:amd64.
(Reading database ... 7083 files and directories currently installed.)
Preparing to unpack .../0-libcap2_1%3a2.25-1_amd64.deb ...
Unpacking libcap2:amd64 (1:2.25-1) ...
Selecting previously unselected package libidn11:amd64.
Preparing to unpack .../1-libidn11_1.33-1_amd64.deb ...
Unpacking libidn11:amd64 (1.33-1) ...
Selecting previously unselected package libnettle6:amd64.
Preparing to unpack .../2-libnettle6_3.3-1+b2_amd64.deb ...
Unpacking libnettle6:amd64 (3.3-1+b2) ...
Selecting previously unselected package iputils-ping.
Preparing to unpack .../3-iputils-ping_3%3a20161105-1_amd64.deb ...
Unpacking iputils-ping (3:20161105-1) ...
lecting previously unselected package libcap2-bin.
▽eparing to unpack .../4-libcap2-bin_1%3a2.25-1_amd64.deb ...
Unpacking libcap2-bin (1:2.25-1) ...
Selecting previously unselected package libpam-cap:amd64.
Preparing to unpack .../5-libpam-cap_1%3a2.25-1_amd64.deb ...
Unpacking libpam-cap:amd64 (1:2.25-1) ...
Setting up libnettle6:amd64 (3.3-1+b2) ...
Setting up libcap2:amd64 (1:2.25-1) ...
Processing triggers for libc-bin (2.24-11+deb9u4) ...
Setting up libidn11:amd64 (1.33-1) ...
Setting up iputils-ping (3:20161105-1) ...
Setting up libpam-cap:amd64 (1:2.25-1) ...
debconf: unable to initialize frontend: Dialog
debconf: (No usable dialog-like program is installed, so the dialog based frontend cannot be used. at /usr/share/perl5/Debconf/FrontEnd/Dialog.pm line 76.)
debconf: falling back to frontend: Readline
debconf: unable to initialize frontend: Readline
debconf: (Can't locate Term/ReadLine.pm in @INC (you may need to install the Term::ReadLine module) (@INC contains: /etc/perl /usr/local/lib/x86_64-linux-gnu/perl/5.24.1 /usr/local/share/perl/5.24.1 /usr/lib/x86_64-linux-gnu/perl5/5.24 /usr/share/perl5 /usr/lib/x86_64-linux-gnu/perl/5.24 /usr/share/perl/5.24 /usr/local/lib/site_perl /usr/lib/x86_64-linux-gnu/perl-base .) at /usr/share/perl5/Debconf/FrontEnd/Readline.pm line 7.)
debconf: falling back to frontend: Teletype
Setting up libcap2-bin (1:2.25-1) ...
Processing triggers for libc-bin (2.24-11+deb9u4) ...
[email protected]:/# ping my-nginx
PING my-nginx.default.svc.cluster.local (10.254.52.167) 56(84) bytes of data.
^C
--- my-nginx.default.svc.cluster.local ping statistics ---
3 packets transmitted, 0 received, 100% packet loss, time 1999ms
PING服务名称返回相应的IP,DNS部署成功
[email protected]:/# cat /etc/resolv.conf
nameserver 10.254.0.2
search default.svc.cluster.local. svc.cluster.local. cluster.local.
options ndots:5
[email protected]:/# ping my-nginx
PING my-nginx.default.svc.cluster.local (10.254.52.167) 56(84) bytes of data.