Kubernetes components: CoreDNS
Default CoreDNS ConfigMap configuration
```yaml
apiVersion: v1
data:
  Corefile: |
    .:53 {
        errors
        health {
            lameduck 5s
        }
        ready
        kubernetes cluster.local in-addr.arpa ip6.arpa {   # in-cluster name resolution
            pods insecure
            fallthrough in-addr.arpa ip6.arpa
        }
        prometheus :9153
        forward . /etc/resolv.conf {   # external names use the node's resolv.conf
            max_concurrent 1000
        }
        cache 30
        loop
        reload
        loadbalance
    }
```
How to let cluster pods resolve external domain names (names that are not in-cluster Service names)
1. Resolving a single domain name
```yaml
apiVersion: v1
data:
  Corefile: |
    .:53 {
        errors
        health {
            lameduck 5s
        }
        ready
        kubernetes cluster.local in-addr.arpa ip6.arpa {
            pods insecure
            fallthrough in-addr.arpa ip6.arpa
        }
        prometheus :9153
        forward . /etc/resolv.conf {
            max_concurrent 1000
        }
        cache 30
        loop
        reload
        loadbalance
        hosts {
            129.226.170.70 www.tb.com   # forced resolution
            fallthrough                 # names not listed here continue to the kubernetes and forward plugins
        }
    }
```
2. Resolving through DNS servers
```
[root@master-1 ~]# kubectl get cm -n kube-system coredns -oyaml
apiVersion: v1
data:
  Corefile: |
    .:53 {
        errors
        health {
            lameduck 5s
        }
        ready
        kubernetes cluster.local in-addr.arpa ip6.arpa {   # in-cluster resolution
            pods insecure
            fallthrough in-addr.arpa ip6.arpa
        }
        prometheus :9153
        cache 30
        loop
        reload
        loadbalance
        forward . 8.8.8.8 223.5.5.5 {   # names the cluster cannot resolve are forwarded to these DNS servers
            max_concurrent 1000
        }
    }
...
```
Note: if you have an internal DNS server, it is recommended to use your company's internal DNS server address.
3. Restart the coredns controller
rollout: subcommands for operations related to a resource's rollout, including viewing, pausing, resuming and restarting.
```
[root@master-1 ~]# kubectl rollout restart deploy coredns -n kube-system
deployment.apps/coredns restarted
```
4. Watch the pod status
The rolling update strategy ensures that some Pods are always serving, so the resolution service is never completely interrupted.
```
coredns-64ccdcbccb-qtvk7   0/1   Pending             0   0s
coredns-64ccdcbccb-qtvk7   0/1   Pending             0   0s
coredns-6cdc74485f-cm9pm   1/1   Terminating         0   37m
coredns-64ccdcbccb-qtvk7   0/1   ContainerCreating   0   0s
coredns-64ccdcbccb-pr74x   0/1   Pending             0   0s
coredns-64ccdcbccb-pr74x   0/1   Pending             0   0s
coredns-64ccdcbccb-qtvk7   0/1   ContainerCreating   0   2s
coredns-64ccdcbccb-qtvk7   0/1   Running             0   3s
coredns-6cdc74485f-cm9pm   1/1   Terminating         0   37m
coredns-6cdc74485f-cm9pm   0/1   Terminating         0   37m
coredns-64ccdcbccb-qtvk7   1/1   Running             0   7s
coredns-6cdc74485f-mk925   1/1   Terminating         0   37m
coredns-6cdc74485f-cm9pm   0/1   Terminating         0   37m
coredns-6cdc74485f-cm9pm   0/1   Terminating         0   37m
coredns-64ccdcbccb-pr74x   0/1   Pending             0   9s
coredns-64ccdcbccb-pr74x   0/1   ContainerCreating   0   9s
coredns-64ccdcbccb-pr74x   0/1   ContainerCreating   0   10s
coredns-64ccdcbccb-pr74x   0/1   Running             0   11s
coredns-6cdc74485f-mk925   1/1   Terminating         0   37m
coredns-6cdc74485f-mk925   0/1   Terminating         0   37m
coredns-64ccdcbccb-pr74x   1/1   Running             0   14s
coredns-6cdc74485f-mk925   0/1   Terminating         0   37m
coredns-6cdc74485f-mk925   0/1   Terminating         0   37m
```
5. Test resolution
```
[root@master-1 ~]# kubectl exec busybox -- cat /etc/resolv.conf
nameserver 10.0.0.2
search default.svc.cluster.local svc.cluster.local cluster.local
options ndots:5
```
```
[root@master-1 ~]# kubectl exec busybox -- ping www.jd.com
PING www.jd.com (58.220.65.19): 56 data bytes
64 bytes from 58.220.65.19: seq=0 ttl=52 time=30.665 ms
64 bytes from 58.220.65.19: seq=1 ttl=52 time=26.216 ms
64 bytes from 58.220.65.19: seq=2 ttl=52 time=25.405 ms
^C
[root@master-1 ~]# kubectl exec busybox -- ping www.tb.com
PING www.tb.com (129.226.170.70): 56 data bytes
64 bytes from 129.226.170.70: seq=0 ttl=48 time=46.721 ms
64 bytes from 129.226.170.70: seq=1 ttl=48 time=65.689 ms
64 bytes from 129.226.170.70: seq=2 ttl=48 time=85.008 ms
```
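Before restarting CoreDNS in step 3, the edited Corefile can be checked for the two points that matter in steps 1 and 2: which upstreams `forward` sends pod queries to (the note above recommends an internal DNS server), and whether a `hosts` block passes unlisted names on with `fallthrough`. The script below is an added example, not part of the original post; `audit_corefile` and `sample_corefile` are hypothetical names, the sample is constructed from the values shown above, and upstreams are assumed to be IPv4 addresses or a file path.

```shell
#!/bin/sh
# Added example (not from the original post): lint a Corefile read on stdin.
# Assumes forward upstreams are IPv4 addresses (optionally scheme-prefixed)
# or a resolv.conf-style file path.
audit_corefile() {
  awk '
    { sub(/#.*/, "") }                              # drop comments
    $1 == "forward" {
      for (i = 3; i <= NF; i++) {
        if ($i == "{") break
        up = $i; sub(/^[a-z]+:\/\//, "", up)        # strip tls:// or dns://
        if (up ~ /^\//)
          print "INFO forward follows node file " up
        else if (up ~ /^(10\.|192\.168\.|172\.(1[6-9]|2[0-9]|3[01])\.)/)
          print "OK forward upstream " up " is an RFC 1918 address"
        else
          print "WARN forward upstream " up " is not an RFC 1918 address"
      }
    }
    $1 == "hosts" && $NF == "{" { in_hosts = 1; ft = 0; next }
    in_hosts && $1 == "fallthrough" { ft = 1 }
    in_hosts && $1 == "}" {
      if (!ft) print "WARN hosts block has no fallthrough"
      in_hosts = 0
    }
  '
}

# Constructed sample built from the values shown in steps 1 and 2.
sample_corefile() {
  cat <<'EOF'
.:53 {
    errors
    kubernetes cluster.local in-addr.arpa ip6.arpa {
        pods insecure
        fallthrough in-addr.arpa ip6.arpa
    }
    forward . 8.8.8.8 223.5.5.5 {
        max_concurrent 1000
    }
    hosts {
        129.226.170.70 www.tb.com
    }
    cache 30
}
EOF
}

sample_corefile | audit_corefile
```

Against a live cluster, pipe `kubectl get cm -n kube-system coredns -o jsonpath='{.data.Corefile}'` into `audit_corefile`.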