playbook部署coredns

说明test1是主控节点,目的是给test4 node节点安装coredns,

1、coredns-1.2.2.tar.gz安装包放到主控节点/server/software/k8s/目录下,由playbook中的docker导入镜像

2、准备hosts文件

cat >/k8s/profile/hosts <<EOF

[k8s]

192.168.0.91

192.168.0.92

192.168.0.93

[test0]

192.168.0.92

192.168.0.93

[test1]

192.168.0.91

[test2]

192.168.0.92

[test3]

192.168.0.93

[test4]

192.168.0.94

EOF

3、准备playbook文件

cat >/k8s/profile/deploy_coredns.yaml <<EOF

- hosts: test4

  remote_user: root

  become: yes

  become_method: sudo

  vars:

    cluster_dns_svc_ip: 10.254.0.2

    iface: ens33

  tasks:

    - name: copy coredns config file

      template: src=/k8s/profile/coredns.yaml.j2 dest=/k8s/profile/coredns.yaml

    - name: mkdir directory for coredns package

      file: dest=/server/software/k8s/ state=directory mode=0755

    - name: copy coredns-1.2.2.tar

      copy: src=/server/software/k8s/coredns-1.2.2.tar.gz dest=/server/software/k8s/

    - name: load coredns-1.2.2.tar.gz to docker

      shell: docker load < /server/software/k8s/coredns-1.2.2.tar.gz

    - name: install_coredns

      command: kubectl apply -f /k8s/profile/coredns.yaml

EOF

4、准备coredns模板文件

cat >/k8s/profile/coredns.yaml.j2 <<EOF

apiVersion: v1

kind: ServiceAccount

metadata:

  name: coredns

  namespace: kube-system

---

apiVersion: rbac.authorization.k8s.io/v1beta1

kind: ClusterRole

metadata:

  labels:

    kubernetes.io/bootstrapping: rbac-defaults

  name: system:coredns

rules:

- apiGroups:

  - ""

  resources:

  - endpoints

  - services

  - pods

  - namespaces

  verbs:

  - list

  - watch

---

apiVersion: rbac.authorization.k8s.io/v1beta1

kind: ClusterRoleBinding

metadata:

  annotations:

    rbac.authorization.kubernetes.io/autoupdate: "true"

  labels:

    kubernetes.io/bootstrapping: rbac-defaults

  name: system:coredns

roleRef:

  apiGroup: rbac.authorization.k8s.io

  kind: ClusterRole

  name: system:coredns

subjects:

- kind: ServiceAccount

  name: coredns

  namespace: kube-system

---

apiVersion: v1

kind: ConfigMap

metadata:

  name: coredns

  namespace: kube-system

data:

  Corefile: |

    .:53 {

        errors

        health

        kubernetes cluster.local. in-addr.arpa ip6.arpa {

          pods insecure

          upstream

          fallthrough in-addr.arpa ip6.arpa

        }

        prometheus :9153

        proxy . /etc/resolv.conf

        cache 30

        reload

        loadbalance

    }

---

apiVersion: extensions/v1beta1

kind: Deployment

metadata:

  name: coredns

  namespace: kube-system

  labels:

    k8s-app: kube-dns

    kubernetes.io/name: "CoreDNS"

spec:

  replicas: 2

  strategy:

    type: RollingUpdate

    rollingUpdate:

      maxUnavailable: 1

  selector:

    matchLabels:

      k8s-app: kube-dns

  template:

    metadata:

      labels:

        k8s-app: kube-dns

    spec:

      serviceAccountName: coredns

      tolerations:

        - key: node-role.kubernetes.io/master

          effect: NoSchedule

        - key: "CriticalAddonsOnly"

          operator: "Exists"

      containers:

      - name: coredns

        image: coredns/coredns:1.2.0

        imagePullPolicy: IfNotPresent

        resources:

          limits:

            memory: 170Mi

          requests:

            cpu: 100m

            memory: 70Mi

        args: [ "-conf", "/etc/coredns/Corefile" ]

        volumeMounts:

        - name: config-volume

          mountPath: /etc/coredns

          readOnly: true

        ports:

        - containerPort: 53

          name: dns

          protocol: UDP

        - containerPort: 53

          name: dns-tcp

          protocol: TCP

        - containerPort: 9153

          name: metrics

          protocol: TCP

        securityContext:

          allowPrivilegeEscalation: false

          capabilities:

            add:

            - NET_BIND_SERVICE

            drop:

            - all

          readOnlyRootFilesystem: true

        livenessProbe:

          httpGet:

            path: /health

            port: 8080

            scheme: HTTP

          initialDelaySeconds: 60

          timeoutSeconds: 5

          successThreshold: 1

          failureThreshold: 5

      dnsPolicy: Default

      volumes:

        - name: config-volume

          configMap:

            name: coredns

            items:

            - key: Corefile

              path: Corefile

---

apiVersion: v1

kind: Service

metadata:

  name: kube-dns

  namespace: kube-system

  annotations:

    prometheus.io/port: ""

    prometheus.io/scrape: "true"

  labels:

    k8s-app: kube-dns

    kubernetes.io/cluster-service: "true"

    kubernetes.io/name: "CoreDNS"

spec:

  selector:

    k8s-app: kube-dns

  clusterIP: {{ cluster_dns_svc_ip }}

  ports:

  - name: dns

    port: 53

    protocol: UDP

  - name: dns-tcp

    port: 53

    protocol: TCP

EOF

5、开始部署

[root@test1 profile]# ansible-playbook /k8s/profile/deploy_coredns.yaml

playbook部署coredns的更多相关文章

  1. 部署coredns

      1 前提:     1.1不依赖kubeadm的方式,适用于不是使用kubeadm创建的k8s集群,或者kubeadm初始化集群之后,删除了dns相关部署.      1.2 DNS IP :10 ...

  2. 10、二进制安装K8s之部署CoreDNS 和Dashboard

    二进制安装K8s之部署CoreDNS 和Dashboard CoreDNS 和Dashboard 的yaml文件在 k8s源代码压缩包里面可以找到对应的配置文件,很多人从网上直接下载使用别人的,会导致 ...

  3. suse 12 二进制部署 Kubernetets 1.19.7 - 第11章 - 部署coredns组件

    文章目录 1.11.0.部署coredns 1.11.1.测试coredns功能 suse 12 二进制部署 Kubernetes 集群系列合集: suse 12 二进制部署 Kubernetets ...

  4. playbook部署flanneld

    定义playbook的主机组 说明: 1.playbook的主机组和ansible的主机组不一样, 2.playbook的主机组文件必须要和playbook文件在同一个目录下否则会报如下错误: [ro ...

  5. 通过PlayBook部署Zabbix

    编写Linux初始化剧本 初始化剧本环节,主要用户实现关闭Selinux关闭防火墙,一起配置一下阿里云的YUM源地址,和安装EPEL源,为后期的zabbix安装做好铺垫工作. 1.在安装Zabbix之 ...

  6. 通过Playbook部署LAMP

    Ansible的PlayBook文件格式为YAML语言,所以希望你在编写PlayBook前对YAML语法有一定的了解,否则在运行PlayBook的时候经常碰到语法错误提示,这里我们通过介绍批量部署LA ...

  7. playbook部署nginx

    定义playbook的主机组 说明: 1.playbook的主机组和ansible的主机组不一样, 2.playbook的主机组文件必须要和playbook文件在同一个目录下否则会报如下错误: [ro ...

  8. Kubernets二进制安装(15)之安装部署coredns

    在运维主机上(mfyxw50.mfyxw.com)准备Coredns镜像文件,以docker镜像文件的方式部署到Kubernetes集群中去. 1.下载coredns镜像 [root@mfyxw50 ...

  9. ansible playbook部署ELK集群系统

    一.介绍 总共4台机器,分别为 192.168.1.99 192.168.1.100 192.168.1.210 192.168.1.211 服务所在机器为: redis:192.168.1.211 ...

随机推荐

  1. C语言根据结构体成员变量的地址,得到结构体的地址

    看nginx代码时发现双链表使用的是这种方法,记录一下 给出一个实例来说明 struct father_t {    int a;    char *b;    double c;}f;char *p ...

  2. C10K问题和多进程模型

    收录编辑来自马哥教育相关课程 内核空间的相关程序在调度用户空间里的进程的时候,也占用了cpu资源...... nginx可以作为两种类型的反向代理 http 和smtp(mail) C10K问题, 当 ...

  3. localstorage ie11不支持

    据我所知,localstorage在高版本的ie.谷歌.火狐下都是支持的,以前没在ie上看过,不清楚,今天我用ie11打开我vue编译后的html,竟然发现不支持localstorage了,用仿真的i ...

  4. Codeforces Round #586 (Div. 1 + Div. 2) E. Tourism

    链接: https://codeforces.com/contest/1220/problem/E 题意: Alex decided to go on a touristic trip over th ...

  5. @WebFilter 的使用及采坑

    @WebFilter@WebFilter 用于将一个类声明为过滤器,该注解将会在部署时被容器处理,容器将根据具体的属性配置将相应的类部署为过滤器.该注解具有下表给出的一些常用属性 ( 以下所有属性均为 ...

  6. Tomcat配置多站点

    tomcat配置多个站点.可以这样. 在conf文件夹下创建文件:..conf\Catalina\localhost\aa.xml aa.xml的内容.如: <?xml version=&quo ...

  7. HMM 隐马尔科夫 Python 代码

    import numpy as np # -*- codeing:utf-8 -*- __author__ = 'youfei' # 隐状态 hidden_state = ['sunny', 'rai ...

  8. Python数据分析:Numpy学习笔记

    Numpy学习笔记 ndarray多维数组 创建 import numpy as np np.array([1,2,3,4]) np.array([1,2,3,4,],[5,6,7,8]) np.ze ...

  9. java随机生成6位随机数 5位随机数 4位随机数

    随机数,应用会相当广,验证数,订单号,流水号拼接. 下面是java随机数生成语句: 生成6位随机数(不会是5位或者7位,仅只有6位): System.+)*)); 同理,生成5位随机数: System ...

  10. ARTS打卡计划第十周

    Algorithms: https://leetcode-cn.com/problems/next-greater-node-in-linked-list/ 链表中下一个更大的值,双层循环及优化,后面 ...