CoreDNS

CoreDNS is a DNS server written in Go. Unlike other DNS servers (for example BIND), it is flexible: most of its functionality is provided by plugins.

License: Apache 2.0

Installation

wget https://github.com/coredns/coredns/releases/download/v1.10.0/coredns_1.10.0_linux_amd64.tgz
tar xf coredns_1.10.0_linux_amd64.tgz -C /usr/bin/
coredns -dns.port=1053

https://coredns.io/manual/toc/
https://github.com/coredns/coredns
https://www.cnblogs.com/mashuai-191/p/11834241.html
https://www.cnblogs.com/lina-2159/p/16666696.html

List the supported plugins

[root@02 ~]# ./coredns --plugins
Server types:
  dns

Caddyfile loaders:
  flag
  default

Other plugins:
  dns.acl
  dns.any
  dns.auto
  dns.autopath
  dns.azure
  dns.bind
  dns.bufsize
  dns.cache
  dns.cancel
  dns.chaos
  dns.clouddns
  dns.debug
  dns.dns64
  dns.dnssec
  dns.dnstap
  dns.erratic
  dns.errors
  dns.etcd
  dns.file
  dns.forward
  dns.geoip
  dns.grpc
  dns.header
  dns.health
  dns.hosts
  dns.k8s_external
  dns.kubernetes
  dns.loadbalance
  dns.local
  dns.log
  dns.loop
  dns.metadata
  dns.minimal
  dns.nsid
  dns.pprof
  dns.prometheus
  dns.ready
  dns.reload
  dns.rewrite
  dns.root
  dns.route53
  dns.secondary
  dns.sign
  dns.template
  dns.tls
  dns.trace
  dns.transfer
  dns.whoami
  on
plugin.cfg
# Directives are registered in the order they should be executed.
#
# Ordering is VERY important. Every plugin will feel the effects of all other
# plugin below (after) them during a request, but they must not care what plugin
# above them are doing.

# How to rebuild with updated plugin configurations: Modify the list below and
# run `go generate && go build`

# The parser takes the input format of:
#
#     <plugin-name>:<package-name>
# Or
#     <plugin-name>:<fully-qualified-package-name>
#
# External plugin example:
#
# log:github.com/coredns/coredns/plugin/log
# Local plugin example:
# log:log

metadata:metadata
geoip:geoip
cancel:cancel
tls:tls
timeouts:timeouts
reload:reload
nsid:nsid
bufsize:bufsize
root:root
bind:bind
debug:debug
trace:trace
ready:ready
health:health
pprof:pprof
prometheus:metrics
errors:errors
log:log
dnstap:dnstap
local:local
dns64:dns64
acl:acl
any:any
chaos:chaos
loadbalance:loadbalance
tsig:tsig
cache:cache
rewrite:rewrite
header:header
dnssec:dnssec
autopath:autopath
minimal:minimal
template:template
transfer:transfer
hosts:hosts
route53:route53
azure:azure
clouddns:clouddns
k8s_external:k8s_external
kubernetes:kubernetes
file:file
auto:auto
secondary:secondary
etcd:etcd
loop:loop
forward:forward
grpc:grpc
erratic:erratic
whoami:whoami
on:github.com/coredns/caddy/onevent
sign:sign
view:view
  • bind - as said, control to what interfaces to bind.
  • root - set the root directory where CoreDNS plugins should look for files.
  • health - enable HTTP health check endpoint.
  • ready - support readiness reporting for a plugin.

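The coredns binary contains all plugins; you can add or remove plugins by recompiling.

The Corefile is the CoreDNS configuration file. Use coredns -conf Corefile to run with a specific Corefile. A plugin's position in the Corefile does not affect its execution order (the order is determined by the order defined in plugin.cfg).

Plugins

prometheus: exposes a set of metrics in Prometheus format.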

.:53 {
	prometheus :9153
}

Key metrics

  • Basic information:

    coredns_build_info{version, revision, goversion}

    coredns_plugin_enabled{server, zone, view, name}

  • 99th-percentile query response time

    histogram_quantile(0.99,coredns_dns_request_duration_seconds_bucket)
    
  • Number of failed reloads

    coredns_reload_failed_total 0
    

  • Last restart time

    coredns_hosts_reload_timestamp_seconds 
    
  • Number of failed health checks

    coredns_health_request_failures_total 
    
  • Cache hit ratio

    coredns_cache_hits_total/coredns_dns_requests_total
    

forward: forwards DNS queries to upstream DNS servers

.:53 {
	forward . 8.8.8.8 114.114.114.114
}
.:53 {
	forward . /etc/resolv.conf {
		expire 10s
	}
}

hosts: provides custom DNS resolution; by default the file is scanned for changes every 5s

.:53 {
        prometheus :9153
        # Use the local /etc/hosts file
        hosts {
        	fallthrough
        }
}
.:53 {
        prometheus :9153
        # Resolve using the addresses defined in /etc/test.host
        hosts /etc/test.host {
        	fallthrough
        }

}
.:53 {
        prometheus :9153
        hosts {
                1.2.3.4 test.abcd
                1.2.3.5 test.abcd
                fallthrough
        }
}

trace

Only briefly tested; not in use.

docker run -d -p 9411:9411 openzipkin/zipkin
.:53 {
        trace zipkin 
}

cache: caches query results locally; default 3600s

. {
    # Cache for 10s
    cache 10
}

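reload: automatically reloads the Corefile configuration

.:53 {
        # By default, check every 30s with about 15s of jitter
        reload
}
.:53 {
        ready localhost:8080
        # Changed to check every 2s with about 1s of jitter; this is also the minimum
        reload 2s 1s
}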

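health: provides an endpoint at http://0.0.0.0:8080/health for checking whether CoreDNS is ready. It is mainly concerned with the CoreDNS process itself and is typically used for a livenessProbe.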

.:53 {
	health
}
.:53 {
	health localhost:8080
}

ready: provides an endpoint at http://0.0.0.0:8181/ready that returns 200 when all plugins are ready and 503 if any plugin is unavailable. It can be used for a readinessProbe.

.:53 {
	ready
}
.:53 {
	ready localhost:8181
}

loadbalance: defines the DNS round-robin policy; default rr

log: records logs and supports customizing the log format

loop

kubernetes

k8s_external

Example configuration file

.:53 {
    errors
    health {
       lameduck 5s
    }
    ready
    hosts {
       10.4.7.1  salt-master
       10.4.7.1  salt-master2
       ttl 60
       fallthrough
    }
    kubernetes cluster.local in-addr.arpa ip6.arpa {
       pods insecure
       fallthrough in-addr.arpa ip6.arpa
       ttl 30
    }



    prometheus :9153
    forward . /etc/resolv.conf {
       max_concurrent 1000
    }
    cache 30
    loop
    reload
    loadbalance
}
coredns -conf corefile
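
Added example (not from the original post or the CoreDNS project): a small Python check that applies two points made above to a Corefile, namely that execution order follows plugin.cfg rather than position in the Corefile, and that health and ready listen on 0.0.0.0 unless given an address. The sample Corefile is constructed from the page's example, the function names are hypothetical, and the prometheus default of localhost:9153 is an assumption taken from the CoreDNS documentation rather than from this page.

```python
# Directive names in the order of the plugin.cfg listed on this page.
PLUGIN_ORDER = """metadata geoip cancel tls timeouts reload nsid bufsize root bind debug trace
ready health pprof prometheus errors log dnstap local dns64 acl any chaos loadbalance tsig cache
rewrite header dnssec autopath minimal template transfer hosts route53 azure clouddns k8s_external
kubernetes file auto secondary etcd loop forward grpc erratic whoami on sign view""".split()
# Default listen addresses; health/ready per this page, prometheus assumed from CoreDNS docs.
DEFAULT_LISTEN = {"health": ":8080", "ready": ":8181", "prometheus": "localhost:9153"}
# Constructed sample, trimmed from the example Corefile on this page.
SAMPLE = """\
.:53 {
    errors
    health {
       lameduck 5s
    }
    ready
    prometheus :9153
    forward . /etc/resolv.conf
    cache 30
    reload
}
"""

def directives(corefile):
    """Return [name, *args] for each directive directly inside a server block."""
    depth, found = 0, []
    for raw in corefile.splitlines():
        line = raw.split("#", 1)[0].strip()
        if depth == 1 and line and line != "}":
            found.append(line.rstrip("{").split())
        depth += line.count("{") - line.count("}")
    return found

def execution_order(corefile):
    """Plugins in the order CoreDNS runs them: plugin.cfg order, not file position."""
    used = {d[0] for d in directives(corefile)}
    return [name for name in PLUGIN_ORDER if name in used]

def exposed_endpoints(corefile):
    """HTTP endpoints (health, ready, prometheus) bound beyond loopback."""
    exposed = {}
    for name, *args in directives(corefile):
        if name in DEFAULT_LISTEN:
            addr = args[0] if args else DEFAULT_LISTEN[name]
            if addr.rsplit(":", 1)[0] not in ("localhost", "127.0.0.1", "[::1]"):
                exposed[name] = addr
    return exposed

if __name__ == "__main__":
    print(" -> ".join(execution_order(SAMPLE)), exposed_endpoints(SAMPLE))
```

Only directives at depth 1 are counted, so an option such as tls inside a forward block is not mistaken for the tls plugin.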
posted @ 2022-11-28 13:53  mingtian是吧