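Custom Domain Name Resolution with CoreDNS
Reference: https://support.huaweicloud.com/usermanual-cce/cce_01_0361.html
1. Modify the CoreDNS hosts configuration
Edit the CoreDNS configuration file and add the custom domain names to hosts.
For example, if www.example.com is pointed at 192.168.1.1, resolving www.example.com through CoreDNS returns 192.168.1.1.
Note: The fallthrough field must not be omitted from this configuration. fallthrough means that when the name being resolved is not found in hosts, the query is passed to the next CoreDNS plugin. Without fallthrough, processing ends there and resolution does not continue, which causes resolution of cluster-internal domain names to fail. For the full hosts configuration, see https://coredns.io/plugins/hosts/.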
[root@k8s01-zongshuai dev]# kubectl edit configmap coredns -n kube-system
# Please edit the object below. Lines beginning with a '#' will be ignored,
# and an empty file will abort the edit. If an error occurs while saving this file will be
# reopened with the relevant failures.
#
apiVersion: v1
data:
  Corefile: |
    .:53 {
        errors
        health {
           lameduck 5s
        }
        ready
        kubernetes cluster.local in-addr.arpa ip6.arpa {
           pods insecure
           fallthrough in-addr.arpa ip6.arpa
           ttl 30
        }
        hosts {
           172.16.43.178 bx-cdh01
           172.16.43.187 bx-cdh02
           172.16.43.189 bx-cdh03
           172.16.43.192 bx-cdh04
           172.16.43.193 bx-cdh05
           172.16.43.177 cdh01
           172.16.43.199 cdh02
           172.16.43.184 cdh03
           172.16.43.182 cdh04
           172.16.43.159 cdh05
           fallthrough
        }
        prometheus :9153
        forward . /etc/resolv.conf
        cache 30
        loop
        reload
        loadbalance
    }
kind: ConfigMap
metadata:
  creationTimestamp: "2021-11-30T07:36:28Z"
  managedFields:
  - apiVersion: v1
    fieldsType: FieldsV1
    fieldsV1:
      f:data: {}
    manager: kubeadm
    operation: Update
    time: "2021-11-30T07:36:28Z"
  - apiVersion: v1
    fieldsType: FieldsV1
    fieldsV1:
      f:data:
        f:Corefile: {}
    manager: Mozilla
    operation: Update
    time: "2022-09-07T07:11:00Z"
  name: coredns
  namespace: kube-system
  resourceVersion: "112726088"
  selfLink: /api/v1/namespaces/kube-system/configmaps/coredns
  uid: 218630e6-42f7-4e64-a0cf-cf97ac6bc6d6
After hosts is modified in CoreDNS, there is no need to configure hosts separately in each Pod, which is a convenience.
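A pre-apply check for the fallthrough requirement described in the note above, as an added example that is not part of the original page or of CoreDNS itself. It parses a Corefile's blocks, reports any hosts block without fallthrough, and also flags entries whose address does not parse; the sample Corefile, the function names and the finding strings are constructed for illustration.

```python
import ipaddress

# Constructed Corefile using the www.example.com mapping from the text.
GOOD = """\
.:53 {
    kubernetes cluster.local in-addr.arpa ip6.arpa {
        pods insecure
        fallthrough in-addr.arpa ip6.arpa
    }
    hosts {
        192.168.1.1 www.example.com
        fallthrough
    }
    forward . /etc/resolv.conf
}
"""
# Constructed bad variant: hosts fallthrough dropped, address mistyped.
BAD = GOOD.replace("        fallthrough\n", "").replace("192.168.1.1", "192.168.1.256")

def plugins(corefile):
    """Return [(name, args, body)] for each plugin directive in a server block."""
    found, depth = [], 0
    for raw in corefile.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line == "}":
            depth -= 1
        elif line:
            words = line.rstrip("{").split()
            if depth == 1:        # plugin directive inside a server block
                found.append((words[0], words[1:], []))
            elif depth == 2:      # line inside that plugin's own block
                found[-1][2].append(words)
            depth += line.endswith("{")
    return found

def check_hosts(corefile):
    """Return findings for each hosts block: missing fallthrough, bad address."""
    findings = []
    for _name, _args, body in (p for p in plugins(corefile) if p[0] == "hosts"):
        if not any(w[0] == "fallthrough" for w in body):
            findings.append("hosts: no fallthrough")
        for w in body:
            if w[0] in {"fallthrough", "ttl", "reload", "no_reverse"}:
                continue          # hosts plugin options, not address entries
            try:
                ipaddress.ip_address(w[0])
            except ValueError:
                findings.append("hosts: bad address " + w[0])
    return findings
```

Running check_hosts on the Corefile text taken from the ConfigMap before saving the edit catches the missing fallthrough before it affects cluster-internal resolution.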
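2. Add a CoreDNS rewrite configuration to point a domain name to an in-cluster service
Use the CoreDNS rewrite plugin to resolve a specified domain name to the domain name of a Service, which amounts to giving the Service an alias.
Edit the CoreDNS configuration file to point example.com to the example service in the default namespace.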
$ kubectl edit configmap coredns -n kube-system
apiVersion: v1
data:
  Corefile: |-
    .:5353 {
        bind {$POD_IP}
        cache 30
        errors
        health {$POD_IP}:8080
        kubernetes cluster.local in-addr.arpa ip6.arpa {
          pods insecure
          fallthrough in-addr.arpa ip6.arpa
        }
        rewrite name example.com example.default.svc.cluster.local
        loadbalance round_robin
        prometheus {$POD_IP}:9153
        forward . /etc/resolv.conf
        reload
    }
kind: ConfigMap
metadata:
  creationTimestamp: "2021-08-23T13:27:28Z"
  labels:
    app: coredns
    k8s-app: coredns
    kubernetes.io/cluster-service: "true"
    kubernetes.io/name: CoreDNS
    release: cceaddon-coredns
  name: coredns
  namespace: kube-system
  resourceVersion: "460"
  selfLink: /api/v1/namespaces/kube-system/configmaps/coredns
  uid: be64aaad-1629-441f-8a40-a3efc0db9fa9
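3. Use CoreDNS to cascade to a self-built DNS server
Edit the CoreDNS configuration file and change the /etc/resolv.conf after forward to the address of the external DNS server.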
$ kubectl edit configmap coredns -n kube-system
apiVersion: v1
data:
  Corefile: |-
    .:5353 {
        bind {$POD_IP}
        cache 30
        errors
        health {$POD_IP}:8080
        kubernetes cluster.local in-addr.arpa ip6.arpa {
          pods insecure
          fallthrough in-addr.arpa ip6.arpa
        }
        loadbalance round_robin
        prometheus {$POD_IP}:9153
        forward . 192.168.1.1
        reload
    }
kind: ConfigMap
metadata:
  creationTimestamp: "2021-08-23T13:27:28Z"
  labels:
    app: coredns
    k8s-app: coredns
    kubernetes.io/cluster-service: "true"
    kubernetes.io/name: CoreDNS
    release: cceaddon-coredns
  name: coredns
  namespace: kube-system
  resourceVersion: "460"
  selfLink: /api/v1/namespaces/kube-system/configmaps/coredns
  uid: be64aaad-1629-441f-8a40-a3efc0db9fa9