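  • Deploying DNS on Kubernetes

    Preface

        Read at: http://thoreauz.com/2017/04/16/docker/Kubernetes%E9%83%A8%E7%BD%B2DNS%E5%92%8CDashboard/

    What is DNS in Kubernetes?

        Kubernetes has two forms of service discovery: the first is based on environment variables, the second on DNS.

        The first: environment variables

            1. Suppose you create a pod with a container. By default, the container cannot be reached from outside.

            2. You create a Service resource object and bind it to the pod from step 1. Pods created afterwards get the cluster IP of that Service added to their environment variables.

            3. The drawback of this approach is obvious: the first pod cannot find the Service objects created for later pods.

       The second: DNS

            1. First, run a kube-dns container, which is responsible for fetching the records that correspond to each Service.

            2. Then run a kube-dnsmasq-amd64:1.4 container, which is the DNS server.

            3. Service changes detected in step 1 are automatically pushed to the DNS server from step 2.

            4. Other workload containers start with their DNS set to the cluster IP of the container from step 2. You can check whether this took effect with cat /etc/resolv.conf.

    Hands-on. If you follow the original author's method, DNS dies after a short while; this is an improved version.

    1. First create skydns-rc.yaml, the configuration file for the kube-dns and kube-dnsmasq containers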

    apiVersion: extensions/v1beta1
    kind: Deployment
    metadata:
      name: kube-dns
      namespace: kube-system
      labels:
        k8s-app: kube-dns
        kubernetes.io/cluster-service: "true"
    spec:
      # replicas: not specified here:
      # 1. In order to make Addon Manager do not reconcile this replicas parameter.
      # 2. Default is 1.
      # 3. Will be tuned in real time if DNS horizontal auto-scaling is turned on.
      strategy:
        rollingUpdate:
          maxSurge: 10%
          maxUnavailable: 0
      selector:
        matchLabels:
          k8s-app: kube-dns
      template:
        metadata:
          labels:
            k8s-app: kube-dns
          annotations:
            scheduler.alpha.kubernetes.io/critical-pod: ''
            scheduler.alpha.kubernetes.io/tolerations: '[{"key":"CriticalAddonsOnly", "operator":"Exists"}]'
        spec:
          containers:
          - name: kubedns
            # image: gcr.io/google_containers/kubedns-amd64:1.9
            image: registry.cn-hangzhou.aliyuncs.com/google-containers/kubedns-amd64:1.9
            args:
            # - --domain=cluster.local.
            - --domain=cluster.local.
            - --dns-port=10053
            - --config-map=kube-dns
            # This should be set to v=2 only after the new image (cut from 1.5) has
            # been released, otherwise we will flood the logs.
            - --v=2
            - --kube-master-url=http://192.168.122.94:8080 # API server address (plain-HTTP port)
            env:
            - name: PROMETHEUS_PORT
              value: "10055"
            ports:
            - containerPort: 10053
              name: dns-local
              protocol: UDP
            - containerPort: 10053
              name: dns-tcp-local
              protocol: TCP
            - containerPort: 10055
              name: metrics
              protocol: TCP
          - name: dnsmasq
            # image: gcr.io/google_containers/kube-dnsmasq-amd64:1.4.1
            image: registry.cn-hangzhou.aliyuncs.com/google-containers/kube-dnsmasq-amd64:1.4
            args:
            - --cache-size=1000
            - --no-resolv
            - --server=127.0.0.1#10053
            # - --log-facility=-
            ports:
            - containerPort: 53
              name: dns
              protocol: UDP
            - containerPort: 53
              name: dns-tcp
              protocol: TCP
            # see: https://github.com/kubernetes/kubernetes/issues/29055 for details

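    2. Create the Service. Containers reach DNS through its cluster IP. A fixed cluster IP is set here; otherwise one would be allocated dynamically. The configuration file is named skydns-svc.yaml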

    apiVersion: v1
    kind: Service
    metadata:
      name: kube-dns
      namespace: kube-system
      labels:
        k8s-app: kube-dns
        kubernetes.io/cluster-service: "true"
        kubernetes.io/name: "KubeDNS"
    spec:
      selector:
        k8s-app: kube-dns
      # clusterIP: $DNS_SERVER_IP
      clusterIP: 10.10.10.254
      ports:
      - name: dns
        port: 53
        protocol: UDP
      - name: dns-tcp
        port: 53
        protocol: TCP

    3. Start

    kubectl create -f skydns-rc.yaml
    kubectl create -f skydns-svc.yaml

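    4. Edit the kubelet configuration on every node and restart kubelet

    vim /etc/kubernetes/kubelet
    # Add this line. --cluster_dns must equal the clusterIP set in skydns-svc.yaml.
    KUBELET_ARGS="--cluster_dns=10.10.10.254 --cluster_domain=cluster.local"
    systemctl restart kubelet

    5. Verify
      After all pods have been recreated, enter a container and run cat /etc/resolv.conf to check whether the configured DNS is the cluster IP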
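
The check from step 5 as a script, added here as an example that is not part of the original post: it parses a pod's resolv.conf and confirms that the nameserver equals the kube-dns Service clusterIP and that the search list carries the cluster domain. The helper names and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example: verify that a pod's resolv.conf points at the kube-dns Service.
# check_pod_dns and sample_resolv_conf are hypothetical helper names.
#
# On a live cluster the two inputs come from:
#   kubectl -n kube-system get svc kube-dns -o jsonpath='{.spec.clusterIP}'
#   kubectl exec <pod> -- cat /etc/resolv.conf

# Usage: check_pod_dns <resolv.conf file> <expected clusterIP> <cluster domain>
# Returns 0 if consistent, 1 on nameserver mismatch, 2 if the search list is wrong.
check_pod_dns() {
    file=$1; want_ip=$2; domain=$3
    # The first nameserver line is the one the resolver tries first.
    got_ip=$(awk '$1 == "nameserver" { print $2; exit }' "$file")
    if [ "$got_ip" != "$want_ip" ]; then
        echo "FAIL: nameserver is '${got_ip:-none}', expected $want_ip" >&2
        return 1
    fi
    # kubelet puts svc.<cluster domain> on the search line so that short
    # names such as "my-service.my-namespace" resolve.
    if ! awk -v d="svc.$domain" '
            $1 == "search" { for (i = 2; i <= NF; i++) if ($i == d) ok = 1 }
            END { exit !ok }' "$file"; then
        echo "FAIL: search list lacks svc.$domain" >&2
        return 2
    fi
    echo "OK: nameserver $want_ip, search list contains svc.$domain"
}

# Constructed sample of a pod's /etc/resolv.conf once kubelet hands out the
# Service address 10.10.10.254 and the domain cluster.local.
sample_resolv_conf() {
    printf '%s\n' \
        'nameserver 10.10.10.254' \
        'search default.svc.cluster.local svc.cluster.local cluster.local' \
        'options ndots:5'
}

tmp=$(mktemp)
sample_resolv_conf > "$tmp"
check_pod_dns "$tmp" 10.10.10.254 cluster.local
# Checking against a different expected address (constructed) shows the
# failure path: a pod whose nameserver is not the Service clusterIP.
check_pod_dns "$tmp" 10.254.0.100 cluster.local || echo "mismatch, exit code $?"
rm -f "$tmp"
```

A non-zero exit after a kubelet restart usually means the pod was not recreated or the kubelet flag and the Service clusterIP disagree.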
  • Original article: https://www.cnblogs.com/whf191/p/9679382.html