k8s--DNS域名服务-白红宇

k8s--DNS域名服务

阅读量：6377 次

发布时间：2019-06-23

本文共 8301 字，大约阅读时间需要 27 分钟。

在前面安装好的k8s集群环境下，继续增加DNS域名解析服务

Kubernetes提供的DNS由以下三个组件组成：

1． etcd：DNS存储

2． kube2sky：将kubernetes master中的service（服务）注册到etcd

3． skyDNS：提供DNS域名解析服务这三个组件以pod的方式启动和运行

添加组件镜像etcd，kube2sky，skydns，exechealthz

docker pull docker.gaoxiaobang.com/kubernetes/etcd-amd64:2.2.1

docker pull docker.gaoxiaobang.com/kubernetes/kube2sky:1.14

docker pull docker.gaoxiaobang.com/kubernetes/skydns:2015-10-13-8c72f8c

docker pull docker.gaoxiaobang.com/kubernetes/exechealthz:1.0

docker tag docker.gaoxiaobang.com/kubernetes/skydns:2015-10-13-8c72f8c 192.168.1.5:5000/skydns:2015-10-13-8c72f8c

docker tag docker.gaoxiaobang.com/kubernetes/kube2sky:1.14 192.168.1.5:5000/kube2sky:1.14

docker tag docker.gaoxiaobang.com/kubernetes/etcd-amd64:2.2.1 192.168.1.5:5000/etcd-amd64:2.2.1

docker tag docker.gaoxiaobang.com/kubernetes/exechealthz:1.0 192.168.1.5:5000/exechealthz:1.0

docker push 192.168.1.5:5000/skydns:2015-10-13-8c72f8c

docker push 192.168.1.5:5000/kube2sky:1.14

docker push 192.168.1.5:5000/etcd-amd64:2.2.1

docker push 192.168.1.5:5000/exechealthz:1.0

docker pull busybox #用作命令工具

docker tag docker.io/busybox 192.168.1.5:5000/busybox

docker push 192.168.1.5:5000/busybox

创建yaml文件,skydns-rc.yaml,skydns-svc.yaml,busybox.yaml

cd /home/dns

==============================================================================

vi skydns-rc.yaml

apiVersion: v1kind: ReplicationControllermetadata:  name: kube-dns-v9  namespace: default  labels:    k8s-app: kube-dns    version: v9    kubernetes.io/cluster-service: "true"spec:  replicas: 1  selector:    k8s-app: kube-dns    version: v9  template:    metadata:      labels:        k8s-app: kube-dns        version: v9        kubernetes.io/cluster-service: "true"    spec:      containers:      - name: etcd        image: 192.168.1.5:5000/etcd-amd64:2.2.1        imagePullPolicy: IfNotPresent        resources:          limits:            cpu: 100m            memory: 50Mi        command:        - /usr/local/bin/etcd       # - --privileged=true        - -data-dir        - /var/etcd/data        - -listen-client-urls        - http://127.0.0.1:2379,http://127.0.0.1:4001        - -advertise-client-urls        - http://127.0.0.1:2379,http://127.0.0.1:4001        - -initial-cluster-token        - skydns-etcd        volumeMounts:        - mountPath: /var/etcd/data          name: etcd-storage      - name: kube2sky        #image: gcr.io/google_containers/kube2sky:1.11        image: 192.168.1.5:5000/kube2sky:1.14        imagePullPolicy: IfNotPresent        resources:          limits:            cpu: 100m            memory: 50Mi        livenessProbe:          httpGet:            path: /healthz            port: 8080            scheme: HTTP          initialDelaySeconds: 60          timeoutSeconds: 5          successThreshold: 1          failureThreshold: 5        readinessProbe:          httpGet:            path: /readiness            port: 8081            scheme: HTTP          initialDelaySeconds: 30          timeoutSeconds: 5        args:        # command = "/kube2sky"       # - -etcd-server=http://127.0.0.1:4001        #- -kube_master_url=http://172.27.8.210:8080        - --kube-master-url=http://192.168.1.5:8080        - --domain=atomic.io      - name: skydns        #image: gcr.io/google_containers/skydns:2015-03-11-001        image: 192.168.1.5:5000/skydns:2015-10-13-8c72f8c        imagePullPolicy: IfNotPresent        resources:          limits:            cpu: 100m            memory: 50Mi        args:        # command = "/skydns"        - -machines=http://127.0.0.1:2379        - -addr=0.0.0.0:53        - -ns-rotate=false        - -domain=atomic.io        ports:        - containerPort: 53          name: dns          protocol: UDP        - containerPort: 53          name: dns-tcp          protocol: TCP        livenessProbe:          httpGet:            path: /healthz            port: 8080            scheme: HTTP          initialDelaySeconds: 30          timeoutSeconds: 5        readinessProbe:          httpGet:            path: /healthz            port: 8080            scheme: HTTP          initialDelaySeconds: 1          timeoutSeconds: 5      - name: healthz        #image: gcr.io/google_containers/exechealthz:1.0        image: 192.168.1.5:5000/exechealthz:1.0        imagePullPolicy: IfNotPresent        resources:          limits:            cpu: 10m            memory: 20Mi        args:        - -cmd=nslookup kubernetes.default.svc.atomic.io 127.0.0.1 >/dev/null        - -port=8080        ports:        - containerPort: 8080          protocol: TCP      volumes:      - name: etcd-storage        emptyDir: {}      dnsPolicy: Default

需要注意修改下面一些内容

1，对应的四个镜像地址

image: 192.168.1.5:5000/etcd-amd64:2.2.1

image: 192.168.1.5:5000/kube2sky:1.14

image: 192.168.1.5:5000/skydns:2015-10-13-8c72f8c

image: 192.168.1.5:5000/exechealthz:1.0

2，master和domain地址

- --kube-master-url=http://192.168.1.5:8080 #集群master的访问地址

- --domain=atomic.io #flannel网络定义的domain

3，namespace的定义

namespace: default

args:

- -cmd=nslookup kubernetes.default.svc.atomic.io 127.0.0.1 >/dev/null #注意namespace和flannel网络名

4，skydns的启动参数-addr=0.0.0.0:53表示使用本机TCP和UDP的53端口提供服务

5,镜像服务的127.0.0.1地址不要随意改，保持原状，保证一个pod内的不同dns应用服务的调用地址一致

6，目录挂载保持一致对应

- -data-dir

- /var/etcd/data

volumeMounts:

- mountPath: /var/etcd/data

=============================================================================

vi skydns-svc.yaml

apiVersion: v1kind: Servicemetadata:  name: kube-dns  namespace: default  labels:    k8s-app: kube-dns    kubernetes.io/cluster-service: "true"    kubernetes.io/name: "KubeDNS"spec:  selector:    k8s-app: kube-dns  clusterIP:  10.254.10.20  ports:  - name: dns    port: 53    protocol: UDP  - name: dns-tcp    port: 53    protocol: TCP

这个文件需要注意的是

clusterIP: 10.254.10.20

这个IP是在/etc/kubernetes/kubelet中定义的，

KUBELET_ARGS="--cluster-dns=10.254.10.20 --cluster-domain=atomic.io"

每个node上的/etc/kubernetes/kubelet启动参数

--cluster_dns=10.254.10.20 为dns服务的clusterIP

--cluster_domain=atomic.io 为dns服务中设置的域名

如果参数不一致就修改重启该kubelet

vi busybox.yaml

apiVersion: v1kind: Podmetadata:  name: busybox  namespace: defaultspec:  containers:    - image: 192.168.1.5:5000/busybox      command:        - sleep        - "3600"      imagePullPolicy: IfNotPresent      name: busybox  restartPolicy: Always

创建好文件后，用命令执行创建

kubectl create -f skydns-rc.yaml

kubectl create -f skydns-svc.yaml

kubectl create -f busybox.yaml

kubectl get pods --all-namespaces -o wide

[root@k8s-master dns]# kubectl get pods --all-namespaces -o wide NAMESPACE     NAME                       READY       STATUS    RESTARTS      AGE        IP          NODEdefault        busybox                    1/1        Running   5          5h        172.17.85.4   k8s-node-1default       kube-dns-v9-hnp4m               4/4       Running   0          5h        172.17.32.5   192.168.1.5kube-system   heapster-3919175978-gd82j           1/1       Running   0          12h       172.17.85.3   k8s-node-1kube-system   kubernetes-dashboard-3155532917-wdq38   1/1       Running   0          12h       172.17.85.2   k8s-node-1kube-system   monitoring-grafana-3994812335-wv9dh    1/1       Running   0          12h       172.17.32.2   192.168.1.5kube-system   monitoring-influxdb-265709471-xv170    1/1       Running   0          12h       172.17.32.3   192.168.1.5

执行dns检测命令（busybox是一个命令工具）

[root@k8s-master dns]# kubectl exec busybox -- nslookup kubernetes

Server: 10.254.10.20

Address 1: 10.254.10.20

Name: kubernetes

Address 1: 10.254.0.1

如果某个service属于自定义的命名空间，那么在进行service查找时，需要带上namespace的名字

[root@k8s-master dns]# kubectl exec busybox -- nslookup kubernetes-dashboard.kube-system

Server: 10.254.10.20

Address 1: 10.254.10.20

Name: kubernetes-dashboard.kube-system

Address 1: 10.254.132.77