k8s -- DNS name service
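Building on the k8s cluster installed earlier, this post adds a DNS name resolution service.
The DNS provided by Kubernetes consists of the following three components:
1. etcd: storage for DNS records
2. kube2sky: registers the services defined on the kubernetes master into etcd
3. skyDNS: provides the DNS name resolution service
All three components are started and run as a pod.
Add the component images etcd, kube2sky, skydns and exechealthz: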
docker pull docker.gaoxiaobang.com/kubernetes/etcd-amd64:2.2.1
docker pull docker.gaoxiaobang.com/kubernetes/kube2sky:1.14
docker pull docker.gaoxiaobang.com/kubernetes/skydns:2015-10-13-8c72f8c
docker pull docker.gaoxiaobang.com/kubernetes/exechealthz:1.0
docker tag docker.gaoxiaobang.com/kubernetes/skydns:2015-10-13-8c72f8c 192.168.1.5:5000/skydns:2015-10-13-8c72f8c
docker tag docker.gaoxiaobang.com/kubernetes/kube2sky:1.14 192.168.1.5:5000/kube2sky:1.14
docker tag docker.gaoxiaobang.com/kubernetes/etcd-amd64:2.2.1 192.168.1.5:5000/etcd-amd64:2.2.1
docker tag docker.gaoxiaobang.com/kubernetes/exechealthz:1.0 192.168.1.5:5000/exechealthz:1.0
docker push 192.168.1.5:5000/skydns:2015-10-13-8c72f8c
docker push 192.168.1.5:5000/kube2sky:1.14
docker push 192.168.1.5:5000/etcd-amd64:2.2.1
docker push 192.168.1.5:5000/exechealthz:1.0
docker pull busybox # used as a command-line tool
docker tag docker.io/busybox 192.168.1.5:5000/busybox
docker push 192.168.1.5:5000/busybox
Create the yaml files skydns-rc.yaml, skydns-svc.yaml and busybox.yaml:
cd /home/dns
==============================================================================
vi skydns-rc.yaml
apiVersion: v1
kind: ReplicationController
metadata:
  name: kube-dns-v9
  namespace: default
  labels:
    k8s-app: kube-dns
    version: v9
    kubernetes.io/cluster-service: "true"
spec:
  replicas: 1
  selector:
    k8s-app: kube-dns
    version: v9
  template:
    metadata:
      labels:
        k8s-app: kube-dns
        version: v9
        kubernetes.io/cluster-service: "true"
    spec:
      containers:
      - name: etcd
        image: 192.168.1.5:5000/etcd-amd64:2.2.1
        imagePullPolicy: IfNotPresent
        resources:
          limits:
            cpu: 100m
            memory: 50Mi
        command:
        - /usr/local/bin/etcd
        # - --privileged=true
        - -data-dir
        - /var/etcd/data
        - -listen-client-urls
        - http://127.0.0.1:2379,http://127.0.0.1:4001
        - -advertise-client-urls
        - http://127.0.0.1:2379,http://127.0.0.1:4001
        - -initial-cluster-token
        - skydns-etcd
        volumeMounts:
        - mountPath: /var/etcd/data
          name: etcd-storage
      - name: kube2sky
        #image: gcr.io/google_containers/kube2sky:1.11
        image: 192.168.1.5:5000/kube2sky:1.14
        imagePullPolicy: IfNotPresent
        resources:
          limits:
            cpu: 100m
            memory: 50Mi
        livenessProbe:
          httpGet:
            path: /healthz
            port: 8080
            scheme: HTTP
          initialDelaySeconds: 60
          timeoutSeconds: 5
          successThreshold: 1
          failureThreshold: 5
        readinessProbe:
          httpGet:
            path: /readiness
            port: 8081
            scheme: HTTP
          initialDelaySeconds: 30
          timeoutSeconds: 5
        args:
        # command = "/kube2sky"
        # - -etcd-server=http://127.0.0.1:4001
        #- -kube_master_url=http://172.27.8.210:8080
        - --kube-master-url=http://192.168.1.5:8080
        - --domain=atomic.io
      - name: skydns
        #image: gcr.io/google_containers/skydns:2015-03-11-001
        image: 192.168.1.5:5000/skydns:2015-10-13-8c72f8c
        imagePullPolicy: IfNotPresent
        resources:
          limits:
            cpu: 100m
            memory: 50Mi
        args:
        # command = "/skydns"
        - -machines=http://127.0.0.1:2379
        - -addr=0.0.0.0:53
        - -ns-rotate=false
        - -domain=atomic.io
        ports:
        - containerPort: 53
          name: dns
          protocol: UDP
        - containerPort: 53
          name: dns-tcp
          protocol: TCP
        livenessProbe:
          httpGet:
            path: /healthz
            port: 8080
            scheme: HTTP
          initialDelaySeconds: 30
          timeoutSeconds: 5
        readinessProbe:
          httpGet:
            path: /healthz
            port: 8080
            scheme: HTTP
          initialDelaySeconds: 1
          timeoutSeconds: 5
      - name: healthz
        #image: gcr.io/google_containers/exechealthz:1.0
        image: 192.168.1.5:5000/exechealthz:1.0
        imagePullPolicy: IfNotPresent
        resources:
          limits:
            cpu: 10m
            memory: 20Mi
        args:
        - -cmd=nslookup kubernetes.default.svc.atomic.io 127.0.0.1 >/dev/null
        - -port=8080
        ports:
        - containerPort: 8080
          protocol: TCP
      volumes:
      - name: etcd-storage
        emptyDir: {}
      dnsPolicy: Default
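The following items need to be adjusted for your environment:
1. The addresses of the four images
image: 192.168.1.5:5000/etcd-amd64:2.2.1
image: 192.168.1.5:5000/kube2sky:1.14
image: 192.168.1.5:5000/skydns:2015-10-13-8c72f8c
image: 192.168.1.5:5000/exechealthz:1.0
2. The master address and the domain
- --kube-master-url=http://192.168.1.5:8080 # access address of the cluster master
- --domain=atomic.io # the domain defined for the flannel network
3. The namespace definition
namespace: default
args:
- -cmd=nslookup kubernetes.default.svc.atomic.io 127.0.0.1 >/dev/null # mind the namespace and the flannel network name
4. The skydns startup argument -addr=0.0.0.0:53 means the service is provided on port 53, TCP and UDP, of the local machine
5. Do not change the 127.0.0.1 addresses used by the containers; leave them as they are, so that the DNS components inside the one pod keep calling each other at the same addresses
6. Keep the data directory and the volume mount path in agreement
- -data-dir
- /var/etcd/data
volumeMounts:
- mountPath: /var/etcd/data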
=============================================================================
vi skydns-svc.yaml
apiVersion: v1
kind: Service
metadata:
  name: kube-dns
  namespace: default
  labels:
    k8s-app: kube-dns
    kubernetes.io/cluster-service: "true"
    kubernetes.io/name: "KubeDNS"
spec:
  selector:
    k8s-app: kube-dns
  clusterIP: 10.254.10.20
  ports:
  - name: dns
    port: 53
    protocol: UDP
  - name: dns-tcp
    port: 53
    protocol: TCP
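The point to watch in this file is
clusterIP: 10.254.10.20
This IP is the one defined in /etc/kubernetes/kubelet:
KUBELET_ARGS="--cluster-dns=10.254.10.20 --cluster-domain=atomic.io"
The kubelet startup arguments in /etc/kubernetes/kubelet on every node:
--cluster_dns=10.254.10.20 is the clusterIP of the DNS service
--cluster_domain=atomic.io is the domain configured in the DNS service
If the arguments do not match, correct them and restart that kubelet.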
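A check for the agreement described above, as an added example that is not part of the original post: it compares the kubelet flags with the Service clusterIP and with the domain arguments and healthz probe name in skydns-rc.yaml. The function names and the trimmed sample files are assumptions; the values are the ones used in this post.

```shell
#!/bin/sh
# Added example, not from the original post; helper names and sample files are assumptions.

# Print a kubelet flag value; accepts --cluster-dns and --cluster_dns spellings.
kubelet_flag() {  # $1 = kubelet file, $2 = flag name, e.g. cluster-dns
    pat=$(printf '%s' "$2" | sed 's/-/[-_]/g')
    grep -v '^ *#' "$1" | sed -n "s/.*--${pat}=\([^ \"]*\).*/\1/p" | head -n 1
}

# Return 0 if kubelet, Service and ReplicationController agree, else 1.
check_dns_config() {  # $1 = kubelet file, $2 = skydns-svc.yaml, $3 = skydns-rc.yaml
    bad=0
    dns_ip=$(kubelet_flag "$1" cluster-dns)
    domain=$(kubelet_flag "$1" cluster-domain)
    svc_ip=$(sed -n 's/^ *clusterIP: *\([^ #]*\).*/\1/p' "$2" | head -n 1)
    if [ -z "$dns_ip" ] || [ -z "$domain" ]; then
        echo "MISSING: --cluster-dns or --cluster-domain in $1"; bad=1
    fi
    if [ "$dns_ip" != "$svc_ip" ]; then
        echo "MISMATCH: kubelet cluster-dns=$dns_ip, Service clusterIP=$svc_ip"; bad=1
    fi
    # Active (uncommented) -domain= / --domain= args of kube2sky and skydns.
    for d in $(grep -v '^ *#' "$3" | sed -n 's/^ *- *--*domain=\([^ #]*\).*/\1/p'); do
        if [ "$d" != "$domain" ]; then
            echo "MISMATCH: container domain=$d, kubelet cluster-domain=$domain"; bad=1
        fi
    done
    # The healthz container resolves kubernetes.<namespace>.svc.<domain>.
    probe=$(grep -v '^ *#' "$3" | sed -n 's/.*-cmd=nslookup \([^ ]*\) .*/\1/p' | head -n 1)
    case "$probe" in
        *".svc.$domain") ;;
        *) echo "MISMATCH: healthz probe=$probe, expected suffix .svc.$domain"; bad=1 ;;
    esac
    return "$bad"
}

# Constructed sample input: only the lines the check reads, values from the post.
write_sample() {  # $1 = directory, $2 = domain written to the kubelet file
    printf 'KUBELET_ARGS="--cluster_dns=10.254.10.20 --cluster-domain=%s"\n' "$2" > "$1/kubelet"
    printf 'spec:\n  clusterIP: 10.254.10.20\n' > "$1/skydns-svc.yaml"
    printf '%s\n' '        - --domain=atomic.io' '        - -domain=atomic.io' \
        '        - -cmd=nslookup kubernetes.default.svc.atomic.io 127.0.0.1 >/dev/null' \
        > "$1/skydns-rc.yaml"
}

demo=$(mktemp -d)
write_sample "$demo" atomic.io
check_dns_config "$demo/kubelet" "$demo/skydns-svc.yaml" "$demo/skydns-rc.yaml" && echo "consistent"
rm -rf "$demo"
```

On a real node, pass /etc/kubernetes/kubelet and the two yaml files from /home/dns to check_dns_config instead of the sample files.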
vi busybox.yaml
apiVersion: v1
kind: Pod
metadata:
  name: busybox
  namespace: default
spec:
  containers:
  - image: 192.168.1.5:5000/busybox
    command:
    - sleep
    - "3600"
    imagePullPolicy: IfNotPresent
    name: busybox
  restartPolicy: Always
Once the files are written, create the resources with these commands:
kubectl create -f skydns-rc.yaml
kubectl create -f skydns-svc.yaml
kubectl create -f busybox.yaml
kubectl get pods --all-namespaces -o wide
[[email protected] dns]# kubectl get pods --all-namespaces -o wide
NAMESPACE     NAME                                    READY     STATUS    RESTARTS   AGE       IP            NODE
default       busybox                                 1/1       Running   5          5h        172.17.85.4   k8s-node-1
default       kube-dns-v9-hnp4m                       4/4       Running   0          5h        172.17.32.5   192.168.1.5
kube-system   heapster-3919175978-gd82j               1/1       Running   0          12h       172.17.85.3   k8s-node-1
kube-system   kubernetes-dashboard-3155532917-wdq38   1/1       Running   0          12h       172.17.85.2   k8s-node-1
kube-system   monitoring-grafana-3994812335-wv9dh     1/1       Running   0          12h       172.17.32.2   192.168.1.5
kube-system   monitoring-influxdb-265709471-xv170     1/1       Running   0          12h       172.17.32.3   192.168.1.5
Run the DNS check commands (busybox serves as a command-line tool):
[[email protected] dns]# kubectl exec busybox -- nslookup kubernetes
Server: 10.254.10.20
Address 1: 10.254.10.20
Name: kubernetes
Address 1: 10.254.0.1
If a service belongs to a custom namespace, the namespace name must be included when looking the service up:
[[email protected] dns]# kubectl exec busybox -- nslookup kubernetes-dashboard.kube-system
Server: 10.254.10.20
Address 1: 10.254.10.20
Name: kubernetes-dashboard.kube-system
Address 1: 10.254.132.77
List the services with this command and confirm that the resolved addresses match:
[[email protected] dns]# kubectl get svc --all-namespaces -o wide
NAMESPACE NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
default kube-dns 10.254.10.20 <none> 53/UDP,53/TCP 5h k8s-app=kube-dns
default kubernetes 10.254.0.1 <none> 443/TCP 8d <none>
kube-system heapster 10.254.189.98 <none> 80/TCP 12h k8s-app=heapster
kube-system kubernetes-dashboard 10.254.132.77 <nodes> 80:30699/TCP 12h app=kubernetes-dashboard
kube-system monitoring-grafana 10.254.178.155 <none> 80/TCP 12h k8s-app=grafana
kube-system monitoring-influxdb 10.254.59.144 <none> 8086/TCP 12h k8s-app=influxdb