在kubernetes1.2的时候,采用了skydns + kube2dns +etcd的方式来部署dns。而从1.3开始,则部署方式有了一点儿变化,将skydns和kube2dns封装到了一个容器镜像中,放弃了etcd,而将dns解析直接放入到了内存之中,同时引入了dnsmasq,进一步利用其缓存,具体的原理,请查阅相关文档。本篇文档,主要阐述新版的dns在kubernetes中的具体部署。

  在Kubernetes的源码目录中,有个cluster/addons/dns目录,下面有几个与dns相关的文件,我们将其中的skydns-rc.yaml.sed以及skydns-svc.yaml.sed文件下载到本地,并去掉后缀。只是拷贝文件的话,可以通过https://rawgit.com这个地址加速,如下:

wget https://rawgit.com/kubernetes/kubernetes/release-1.5/cluster/addons/dns/skydns-rc.yaml.sed -O skydns-rc.yaml

wget https://rawgit.com/kubernetes/kubernetes/release-1.5/cluster/addons/dns/skydns-svc.yaml.sed -O skydns-svc.yaml

下载下来的原文件是用于saltstack自动化安装的,我们手动处理的时候,需要进行相关修改。

修改skydns-rc.yaml内容如下:

# Copyright  The Kubernetes Authors.

#

# Licensed under the Apache License, Version 2.0 (the "License");

# you may not use this file except in compliance with the License.

# You may obtain a copy of the License at

#

#     http://www.apache.org/licenses/LICENSE-2.0

#

# Unless required by applicable law or agreed to in writing, software

# distributed under the License is distributed on an "AS IS" BASIS,

# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

# See the License for the specific language governing permissions and

# limitations under the License.

# TODO - At some point, we need to rename all skydns-*.yaml.* files to kubedns-*.yaml.*

# Should keep target in cluster/addons/dns-horizontal-autoscaler/dns-horizontal-autoscaler.yaml

# in sync with this file.

# __MACHINE_GENERATED_WARNING__

apiVersion: extensions/v1beta1

kind: Deployment

metadata:

  name: kube-dns

  namespace: kube-system

  labels:

    k8s-app: kube-dns

    kubernetes.io/cluster-service: "true"

spec:
 #指定副本数

  replicas:

  # replicas: not specified here:

  # . In order to make Addon Manager do not reconcile this replicas parameter.

  # . Default is .

  # . Will be tuned in real time if DNS horizontal auto-scaling is turned on.

  strategy:

    rollingUpdate:

      maxSurge: %

      maxUnavailable:

  selector:

    matchLabels:

      k8s-app: kube-dns

  template:

    metadata:

      labels:

        k8s-app: kube-dns

      annotations:

        scheduler.alpha.kubernetes.io/critical-pod: ''

        scheduler.alpha.kubernetes.io/tolerations: '[{"key":"CriticalAddonsOnly", "operator":"Exists"}]'

    spec:

      containers:

      - name: kubedns
     #修改image地址,默认是google的仓库地址,如果不担心被墙,可以直接使用,我这里使用的私有仓库地址,如果要使用国内其他仓库地址,推荐使用阿里云镜像库

        image: myhub.fdccloud.com/library/kubedns-amd64:1.9

        resources:

          # TODO: Set memory limits when we've profiled the container for large

          # clusters, then set request = limit to keep this container in

          # guaranteed class. Currently, this container falls into the

          # "burstable" category so the kubelet doesn't backoff from restarting it.

          limits:

            memory: 170Mi

          requests:

            cpu: 100m

            memory: 70Mi

        livenessProbe:

          httpGet:

            path: /healthz-kubedns

            port:

            scheme: HTTP

          initialDelaySeconds:

          timeoutSeconds:

          successThreshold:

          failureThreshold:

        readinessProbe:

          httpGet:

            path: /readiness

            port:

            scheme: HTTP

          # we poll on pod startup for the Kubernetes master service and

          # only setup the /readiness HTTP server once that's available.

          initialDelaySeconds:

          timeoutSeconds:

        args:
     # --domain指定一级域名,可自定义

        - --domain=cluster.local.

        - --dns-port=

        - --config-map=kube-dns
     #增加--kube-master-url,指向kube master的地址

        - --kube-master-url=http://10.5.10.116:8080

        # This should be set to v= only after the new image (cut from 1.5) has

        # been released, otherwise we will flood the logs.

        - --v=

        #__PILLAR__FEDERATIONS__DOMAIN__MAP__

        env:

        - name: PROMETHEUS_PORT

          value: ""

        ports:

        - containerPort:

          name: dns-local

          protocol: UDP

        - containerPort:

          name: dns-tcp-local

          protocol: TCP

        - containerPort:

          name: metrics

          protocol: TCP

      - name: dnsmasq

        image: myhub.fdccloud.com/library/kube-dnsmasq-amd64:1.4

        livenessProbe:

          httpGet:

            path: /healthz-dnsmasq

            port:

            scheme: HTTP

          initialDelaySeconds:

          timeoutSeconds:

          successThreshold:

          failureThreshold:

        args:

        - --cache-size=

        - --no-resolv

        - --server=127.0.0.1#

        #- --log-facility=-  #注释掉该行

        ports:

        - containerPort:

          name: dns

          protocol: UDP

        - containerPort:

          name: dns-tcp

          protocol: TCP

        # see: https://github.com/kubernetes/kubernetes/issues/29055 for details

        resources:

          requests:

            cpu: 150m

            memory: 10Mi

      - name: dnsmasq-metrics

        image: myhub.fdccloud.com/library/dnsmasq-metrics-amd64:1.0

        livenessProbe:

          httpGet:

            path: /metrics

            port:

            scheme: HTTP

          initialDelaySeconds:

          timeoutSeconds:

          successThreshold:

          failureThreshold:

        args:

        - --v=

        - --logtostderr

        ports:

        - containerPort:

          name: metrics

          protocol: TCP

        resources:

          requests:

            memory: 10Mi

      - name: healthz

        image: myhub.fdccloud.com/library/exechealthz-amd64:1.2

        resources:

          limits:

            memory: 50Mi

          requests:

            cpu: 10m

            # Note that this container shouldn't really need 50Mi of memory. The

            # limits are set higher than expected pending investigation on #.

            # The extra memory was stolen from the kubedns container to keep the

            # net memory requested by the pod constant.

            memory: 50Mi

        args:

        - --cmd=nslookup kubernetes.default.svc.cluster.local 127.0.0.1 >/dev/null

        - --url=/healthz-dnsmasq

        - --cmd=nslookup kubernetes.default.svc.cluster.local 127.0.0.1: >/dev/null

        - --url=/healthz-kubedns

        - --port=

        - --quiet

        ports:

        - containerPort:

          protocol: TCP

      dnsPolicy: Default  # Don't use cluster DNS.

修改skydns-svc.yaml内容如下:

# Copyright  The Kubernetes Authors.

#

# Licensed under the Apache License, Version 2.0 (the "License");

# you may not use this file except in compliance with the License.

# You may obtain a copy of the License at

#

#     http://www.apache.org/licenses/LICENSE-2.0

#

# Unless required by applicable law or agreed to in writing, software

# distributed under the License is distributed on an "AS IS" BASIS,

# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

# See the License for the specific language governing permissions and

# limitations under the License.

# TODO - At some point, we need to rename all skydns-*.yaml.* files to kubedns-*.yaml.*

# __MACHINE_GENERATED_WARNING__

apiVersion: v1

kind: Service

metadata:

  name: kube-dns

  namespace: kube-system

  labels:

    k8s-app: kube-dns

    kubernetes.io/cluster-service: "true"

    kubernetes.io/name: "KubeDNS"

spec:

  selector:

    k8s-app: kube-dns
  #指定clusterIP,后面各pod的dns地址都会指向该地址

  clusterIP: 10.254.0.100

  ports:

  - name: dns

    port:

    protocol: UDP

  - name: dns-tcp

    port:

    protocol: TCP

启动dns:

kubectl create -f skydns-rc.yaml

kubectl create -f skydns-svc.yaml

修改各node节点上的/etc/kubernetes/kubelet配置文件,增加如下行:

KUBELET_ARGS="--cluster_dns=10.254.0.100 --cluster_domain=cluster.local"

重启各节点:

systemctl restart kubelet

添加一个busybox的pod用于测试,busybox.yaml内容如下:

apiVersion: v1

kind: Pod

metadata:

  labels:

    name: busybox

    role: master

  name: busybox

spec:

  containers:

  - name: busybox

    image: myhub.fdccloud.com/library/busybox

    command:

    - sleep

    - ""

执行如下操作:

kubectl exec -it busybox sh

nslookup kubernetes

nslookup kubernetes.default.cluster.local

nslookup kubernetes.default.svc.cluster.local

如果能正常解析,则部署OK。

Kubernetes 1.5 配置dns的更多相关文章

  1. Kubernetes ServiceAccount的配置

    开始配置Kubernetes集群的时候为了少出问题,都是在apiserver配置中去掉ServiceAccount采用非安全连接的方式,但在后面配置FEK日志的过程中,很多时候绕不开这个安全机制,但因 ...

  2. Kubernetes集群部署DNS插件

    准备 kube-dns 相关镜像 准备 kube-dns 相关 yaml 文件 系统预定义的 RoleBinding 配置 kube-dns 相关服务 检查 kube-dns 功能 kube-dns ...

  3. DNSmasq – 配置DNS和DHCP

    DNSmasq是一个小巧且方便地用于配置DNS和DHCP的工具,适用于小型网络.它提供了DNS功能和可选择的DHCP功能可以取代dhcpd(DHCPD服务配置)和bind等服务,配置起来更简单,更适用 ...

  4. 在Debian上用Bind 配置DNS服务器

    1 什么是DNS 初学者可能不理解DNS到底是什么,干什么用.我是在1998年大学毕业时才听说这个词的.那时我在聊天室碰到潍坊信息港的一个网管,我恬不知耻地说我也是个网管,他说也维护DNS吗?我说,D ...

  5. 配置DNS服务器

    一.配置基本的DNS 服务器(包含正向解析和反向解析)域名:abc.com服务器IP:10.1.2.11 1. 编辑主配置文件/etc/named.conf---------------------- ...

  6. 烂泥:centos安装及配置DNS服务器

    本文由秀依林枫提供友情赞助,首发于烂泥行天下. 要在centos配置DNS服务器,要先安装DNS软件BIND.当然我们也可以安装其他的DNS软件,比如国内的开源DNS软件DNSPod. 在此我们以通过 ...

  7. Linux下/etc/resolv.conf 配置DNS客户

    文件/etc/resolv.conf配置DNS客户,它包含了主机的域名搜索顺序和DNS服务器的地址,每一行应包含一个关键字和一个或多个的由空格隔开的参数.下面是一个例子文件: search mydom ...

  8. ubuntu配置DNS

    众所周知,centos配置DNS很简单,修改下/etc/resolv.conf,就可以生效.但是ubuntu中,resolv.conf文件却说明写入会被覆盖,不能写在这里. 方法一: 修改/etc/n ...

  9. 如何配置DNS服务器(局域网——域名指向某个IP地址)

    单击“开始”,指向“管理工具”,然后单击“DNS”,打开 DNS 管理器.   如有必要,向管理单元添加适用的服务器,然后连接该服务器.在控制台树中,单击适用的 DNS 服务器.   在“操作”菜单上 ...

随机推荐

  1. OO的第一次死亡

    久仰OO大名,总是想着提前做点准备,其实到头来还是什么准备都没有做,所以这学期就是从零开始的面向对象生活,也因此遇到了很多的问题. 第一次作业——多项式加减 第一次作业历来是较为简单的,但是对于面向对 ...

  2. Spring笔记①--helloworld

    Spring Spring是一个轻量级控制反转(IoC)和面向切面(AOP)的容器框架,它主要是为了解决企业应用开发的复杂性而诞生的: 目的:解决企业应用开发的复杂性 功能:使用基本的Javabean ...

  3. 进阶系列(11)—— C#多线程

    一.多线程的相关概念 1.进程:是操作系统结构的基础:是一个正在执行的程序:计算机中正在运行的程序实例:可以分配给处理器并由处理器执行的一个实体:由单一顺序的执行显示,一个当前状态和一组相关的系统资源 ...

  4. ListViewAnimations使用时报错NoClassDefFoundError: com.nineoldandroids.animation.Animator

    见 https://github.com/nhaarman/ListViewAnimations/issues/294 解决: Add this to your dependencies in you ...

  5. Week-2-作业1

    第一章 概论 1.什么是程序? 答:在学习软件工程导论前,我们已经学习了一些计算机语言和数据结构这样的课程,并深刻的知道“程序=数据结构+算法”,但在学习中还是会产生如书中1.1讲所提到的那些疑问,二 ...

  6. 团队作业之404 Note Found Team

    如果记忆是一个罐头的话,我希望这一罐罐头不会过期----<重庆森林> 404 Note Found Team 如果记忆是一个备忘录的话,别说了,它不会过期----<404 Note ...

  7. SQL语句中的output用法

    private void button2_Click(object sender, RoutedEventArgs e) { using (SqlConnection conn = new SqlCo ...

  8. Tuscany glossary of terms

    SOA(service-oriented architecture) 面向服务的架构 解决问题:面向服务.多语言.多种数据格式.多协议 SCA(Service Component Architectu ...

  9. 【第十周】psp

    代码累计 300+575+475+353+620+703=2926 随笔字数 1700+3000+3785+4210+4333+3032=20727 知识点 机器学习,支持向量机 数据库技术 Acm刷 ...

  10. C#基础知识(base、this、new、override、abstract、virtual、static)

    前言 本文主要来讲解一下C#中,自己觉得掌握的不怎么样或者用的不多,不太熟悉的关键字,主要包括base.this.new.override.abstract.virtual以及针对static字段和s ...