playbook部署coredns
playbook部署coredns 说明test1是主控节点,目的是给test4 node节点安装coredns, 1、coredns-1.2.2.tar.gz安装包放到主控节点/server/software/k8s/目录下,由playbook中的docker导入镜像 2、准备hosts文件 cat >/k8s/profile/hosts <<EOF
[k8s]
192.168.0.91
192.168.0.92
192.168.0.93 [test0]
192.168.0.92
192.168.0.93 [test1]
192.168.0.91 [test2]
192.168.0.92 [test3]
192.168.0.93 [test4]
192.168.0.94
EOF 3、准备playbook文件 cat >/k8s/profile/deploy_coredns.yaml <<EOF
- hosts: test4
remote_user: root
become: yes
become_method: sudo
vars:
cluster_dns_svc_ip: 10.254.0.2
iface: ens33
tasks:
- name: copy coredns config file
template: src=/k8s/profile/coredns.yaml.j2 dest=/k8s/profile/coredns.yaml
- name: mkdir directory for coredns package
file: dest=/server/software/k8s/ state=directory mode=0755
- name: copy coredns-1.2.2.tar
copy: src=/server/software/k8s/coredns-1.2.2.tar.gz dest=/server/software/k8s/
- name: load coredns-1.2.2.tar.gz to docker
shell: docker load < /server/software/k8s/coredns-1.2.2.tar.gz
- name: install_coredns
command: kubectl apply -f /k8s/profile/coredns.yaml
EOF 4、准备coredns模板文件 cat >/k8s/profile/coredns.yaml.j2 <<EOF
apiVersion: v1
kind: ServiceAccount
metadata:
name: coredns
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
labels:
kubernetes.io/bootstrapping: rbac-defaults
name: system:coredns
rules:
- apiGroups:
- ""
resources:
- endpoints
- services
- pods
- namespaces
verbs:
- list
- watch
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
annotations:
rbac.authorization.kubernetes.io/autoupdate: "true"
labels:
kubernetes.io/bootstrapping: rbac-defaults
name: system:coredns
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: system:coredns
subjects:
- kind: ServiceAccount
name: coredns
namespace: kube-system
---
apiVersion: v1
kind: ConfigMap
metadata:
name: coredns
namespace: kube-system
data:
Corefile: |
.:53 {
errors
health
kubernetes cluster.local. in-addr.arpa ip6.arpa {
pods insecure
upstream
fallthrough in-addr.arpa ip6.arpa
}
prometheus :9153
proxy . /etc/resolv.conf
cache 30
reload
loadbalance
}
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: coredns
namespace: kube-system
labels:
k8s-app: kube-dns
kubernetes.io/name: "CoreDNS"
spec:
replicas: 2
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
selector:
matchLabels:
k8s-app: kube-dns
template:
metadata:
labels:
k8s-app: kube-dns
spec:
serviceAccountName: coredns
tolerations:
- key: node-role.kubernetes.io/master
effect: NoSchedule
- key: "CriticalAddonsOnly"
operator: "Exists"
containers:
- name: coredns
image: coredns/coredns:1.2.0
imagePullPolicy: IfNotPresent
resources:
limits:
memory: 170Mi
requests:
cpu: 100m
memory: 70Mi
args: [ "-conf", "/etc/coredns/Corefile" ]
volumeMounts:
- name: config-volume
mountPath: /etc/coredns
readOnly: true
ports:
- containerPort: 53
name: dns
protocol: UDP
- containerPort: 53
name: dns-tcp
protocol: TCP
- containerPort: 9153
name: metrics
protocol: TCP
securityContext:
allowPrivilegeEscalation: false
capabilities:
add:
- NET_BIND_SERVICE
drop:
- all
readOnlyRootFilesystem: true
livenessProbe:
httpGet:
path: /health
port: 8080
scheme: HTTP
initialDelaySeconds: 60
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 5
dnsPolicy: Default
volumes:
- name: config-volume
configMap:
name: coredns
items:
- key: Corefile
path: Corefile
---
apiVersion: v1
kind: Service
metadata:
name: kube-dns
namespace: kube-system
annotations:
prometheus.io/port: ""
prometheus.io/scrape: "true"
labels:
k8s-app: kube-dns
kubernetes.io/cluster-service: "true"
kubernetes.io/name: "CoreDNS"
spec:
selector:
k8s-app: kube-dns
clusterIP: {{ cluster_dns_svc_ip }}
ports:
- name: dns
port: 53
protocol: UDP
- name: dns-tcp
port: 53
protocol: TCP
EOF 5、开始部署 [root@test1 profile]# ansible-playbook /k8s/profile/deploy_coredns.yaml
playbook部署coredns的更多相关文章
- 部署coredns
1 前提: 1.1不依赖kubeadm的方式,适用于不是使用kubeadm创建的k8s集群,或者kubeadm初始化集群之后,删除了dns相关部署. 1.2 DNS IP :10 ...
- 10、二进制安装K8s之部署CoreDNS 和Dashboard
二进制安装K8s之部署CoreDNS 和Dashboard CoreDNS 和Dashboard 的yaml文件在 k8s源代码压缩包里面可以找到对应的配置文件,很多人从网上直接下载使用别人的,会导致 ...
- suse 12 二进制部署 Kubernetets 1.19.7 - 第11章 - 部署coredns组件
文章目录 1.11.0.部署coredns 1.11.1.测试coredns功能 suse 12 二进制部署 Kubernetes 集群系列合集: suse 12 二进制部署 Kubernetets ...
- playbook部署flanneld
定义playbook的主机组 说明: 1.playbook的主机组和ansible的主机组不一样, 2.playbook的主机组文件必须要和playbook文件在同一个目录下否则会报如下错误: [ro ...
- 通过PlayBook部署Zabbix
编写Linux初始化剧本 初始化剧本环节,主要用户实现关闭Selinux关闭防火墙,一起配置一下阿里云的YUM源地址,和安装EPEL源,为后期的zabbix安装做好铺垫工作. 1.在安装Zabbix之 ...
- 通过Playbook部署LAMP
Ansible的PlayBook文件格式为YAML语言,所以希望你在编写PlayBook前对YAML语法有一定的了解,否则在运行PlayBook的时候经常碰到语法错误提示,这里我们通过介绍批量部署LA ...
- playbook部署nginx
定义playbook的主机组 说明: 1.playbook的主机组和ansible的主机组不一样, 2.playbook的主机组文件必须要和playbook文件在同一个目录下否则会报如下错误: [ro ...
- Kubernets二进制安装(15)之安装部署coredns
在运维主机上(mfyxw50.mfyxw.com)准备Coredns镜像文件,以docker镜像文件的方式部署到Kubernetes集群中去. 1.下载coredns镜像 [root@mfyxw50 ...
- ansible playbook部署ELK集群系统
一.介绍 总共4台机器,分别为 192.168.1.99 192.168.1.100 192.168.1.210 192.168.1.211 服务所在机器为: redis:192.168.1.211 ...
随机推荐
- Java&Python&Appium 驱动APP及Desired Capabilities配置
一.摘要 本篇博文,将阐述如何将环境&代码&APP联系起来工作 二.Java代码 我们先看一段真实的java代码,我将他放在了TestNG框架的@BeforeTest里,执行这段即可启 ...
- linux基础_关机重启注销
1.关机重启命令 (1)shutdown shutdown -h now:表示立即关机 shutdown -h 1:表示1分钟后关机 shutdown -r now:立即重启 (2)halt:就是直 ...
- 我对line-height及vertical-align的一点理解
张鑫旭老师在文章<我对CSS vertical-align的一些理解与认识(一)>中提到: vertical-align:middle属性的表现与否,仅仅与其父标签有关,至于我们通常看到的 ...
- nginx静态资源配置(转发)
传统的web项目,一般都将静态资源存放在 webroot的目录下,这样做很方便获取静态资源,但是如果说web项目很大,用户很多,静态资源也很多时,服务器的性能 或许就会很低下了.这种情况下一般都会需要 ...
- 【Python之路】特别篇--抽屉新热榜
登陆与注册 注册功能: 流程: 填写用户名,邮箱,获取邮箱验证码,填入密码 单击<下一步>按钮,完成注册! 1.获取邮箱验证码(具体步骤分析): 1.利用ajax 往后台传入邮箱, 2.后 ...
- 多线程 submit与execute区别
(1)可以接受的任务类型 submit: execute: 可以看出: execute只能接受Runnable类型的任务 submit不管是Runnable还是Callable类型的任务都可以接受,但 ...
- C# params object[] args 可以传多个参数,可以不限制类型
http://blog.csdn.net/wslyy99/article/details/1836486 C#参数数组(params)的使用方法 http://www.vcsos.com/articl ...
- 2018CCPC桂林站JStone Game
题目描述 Alice and Bob are always playing game! The game today is about taking out stone from the stone ...
- 【csp模拟赛2】 序列操作
线性推,开数组太麻烦,可以用指针 代码: #include <iostream> #include <cstdio> #include <queue> using ...
- Linux下更换为阿里yum源
更新日期: 2018-08-06 1.yum源的工作原理 yum是为了解决安装包的依赖关系而生的,如果要源码安装一个软件,需要频繁下载各个包,并解决包的依赖关系.这就好比学门课程,要学会这门课程,就要 ...