• k8s系列---dns部署


    1:首先创建kube-dns和dnsmasq这两个yaml,然后生成相应的pod、svc等。

    2:然后再去创建其他用于验证的pod和svc

    3:验证nslookup解析的是其他pod的svc的name,而不是podname

    我的kubernetes版本是1.5

    skydns-rc.yaml:这里的地址记得修改。--domain=cluster.local. 可以写成你自己的域名,但是需要和 /etc/kubernetes/kubelet 里面的 --cluster-domain 对应起来;--kube-master-url=http://172.16.100.60:8080 是master的物理地址

    10.254.0.254 是自己定义的dns svc地址,但是得保证在apiserver配置文件里 --service-cluster-ip-range 的范围内

    其他node节点是不是也要修改kubelet配置文件?我没测试,但也直接改了kubelet配置文件

    [root@centos-master dns]# tail -n 1 /etc/kubernetes/kubelet 
    KUBELET_ARGS="--cluster-dns=10.254.0.254 --cluster-domain=cluster.local"
    

      

    上面定义的dnsip要在下面这个范围内

    [root@centos-master dns]# tail -n 8 /etc/kubernetes/apiserver 
    # Address range to use for services
    KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16"
    
    # default admission control policies
    KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota"
    
    # Add your own!
    KUBE_API_ARGS=""
    

      

    [root@centos-master dns]# cat skydns-rc.yaml 
    # kube-dns Deployment (the author runs Kubernetes 1.5): a single pod in
    # kube-system holding four containers - kubedns, dnsmasq, dnsmasq-metrics
    # and healthz.
    apiVersion: extensions/v1beta1
    kind: Deployment
    metadata:
      name: kube-dns
      namespace: kube-system
      labels:
        k8s-app: kube-dns
        kubernetes.io/cluster-service: "true"
    spec:
      # Number of replicas, set explicitly by the author.
      replicas: 1
      # NOTE(review): the three-point comment below contradicts the explicit
      # "replicas: 1" above; it looks like it was kept from the template this
      # file was adapted from.
      # replicas: not specified here:
      # 1. In order to make Addon Manager do not reconcile this replicas parameter.
      # 2. Default is 1.
      # 3. Will be tuned in real time if DNS horizontal auto-scaling is turned on.
      strategy:
        rollingUpdate:
          maxSurge: 10%
          maxUnavailable: 0
      selector:
        matchLabels:
          k8s-app: kube-dns
      template:
        metadata:
          labels:
            k8s-app: kube-dns
          annotations:
            scheduler.alpha.kubernetes.io/critical-pod: ''
            scheduler.alpha.kubernetes.io/tolerations: '[{"key":"CriticalAddonsOnly", "operator":"Exists"}]'
        spec:
          containers:
          - name: kubedns
            # NOTE(review): this and the other three images in this pod are
            # pulled from a non-official Docker Hub namespace with the mutable
            # :latest tag, so the code serving cluster DNS can change without
            # this manifest changing. Verify where the images come from and pin
            # each one to a digest or fixed tag from a registry you trust.
            image: docker.io/ist0ne/kubedns-amd64:latest
            resources:
              # TODO: Set memory limits when we've profiled the container for large
              # clusters, then set request = limit to keep this container in
              # guaranteed class. Currently, this container falls into the
              # "burstable" category so the kubelet doesn't backoff from restarting it.
              limits:
                memory: 170Mi
              requests:
                cpu: 100m
                memory: 70Mi
            # Liveness is checked through the healthz container, which listens on
            # port 8080 and is given the /healthz-kubedns URL in its args.
            livenessProbe:
              httpGet:
                path: /healthz-kubedns
                port: 8080
                scheme: HTTP
              initialDelaySeconds: 60
              timeoutSeconds: 5
              successThreshold: 1
              failureThreshold: 5
            readinessProbe:
              httpGet:
                path: /readiness
                port: 8081
                scheme: HTTP
              # we poll on pod startup for the Kubernetes master service and
              # only setup the /readiness HTTP server once that's available.
              initialDelaySeconds: 3
              timeoutSeconds: 5
            args:
            # Cluster DNS domain; the accompanying text says it must match the
            # kubelet's --cluster-domain setting.
            - --domain=cluster.local.
            # kubedns listens on 10053; dnsmasq in this pod forwards to that port.
            - --dns-port=10053
            - --config-map=kube-dns
            # Added by the author: point kubedns directly at the master's API address.
            # NOTE(review): this is plain HTTP on port 8080, presumably the
            # apiserver's insecure port, which serves requests without
            # authentication or authorization. Confirm that port is not reachable
            # from untrusted networks, or switch to the secure port with
            # service-account credentials.
            - --kube-master-url=http://172.16.100.60:8080
            # This should be set to v=2 only after the new image (cut from 1.5) has
            # been released, otherwise we will flood the logs.
            - --v=0
            env:
            - name: PROMETHEUS_PORT
              value: "10055"
            ports:
            - containerPort: 10053
              name: dns-local
              protocol: UDP
            - containerPort: 10053
              name: dns-tcp-local
              protocol: TCP
            - containerPort: 10055
              name: metrics
              protocol: TCP
          - name: dnsmasq
            image: docker.io/ist0ne/k8s-dns-dnsmasq-amd64:latest
            # Same healthz container on port 8080, dnsmasq-specific URL.
            livenessProbe:
              httpGet:
                path: /healthz-dnsmasq
                port: 8080
                scheme: HTTP
              initialDelaySeconds: 60
              timeoutSeconds: 5
              successThreshold: 1
              failureThreshold: 5
            args:
            - --cache-size=1000
            # Do not read upstream servers from /etc/resolv.conf; the only
            # upstream is kubedns on 127.0.0.1 port 10053 (the --dns-port above).
            - --no-resolv
            - --server=127.0.0.1#10053
            # Commented out by the author:
            #- --log-facility=-
            ports:
            - containerPort: 53
              name: dns
              protocol: UDP
            - containerPort: 53
              name: dns-tcp
              protocol: TCP
            # see: https://github.com/kubernetes/kubernetes/issues/29055 for details
            resources:
              requests:
                cpu: 150m
                memory: 10Mi
          - name: dnsmasq-metrics
            image: docker.io/ist0ne/dnsmasq-metrics-amd64:latest
            livenessProbe:
              httpGet:
                path: /metrics
                port: 10054
                scheme: HTTP
              initialDelaySeconds: 60
              timeoutSeconds: 5
              successThreshold: 1
              failureThreshold: 5
            args:
            - --v=2
            - --logtostderr
            ports:
            - containerPort: 10054
              name: metrics
              protocol: TCP
            resources:
              requests:
                memory: 10Mi
          - name: healthz
            image: docker.io/ist0ne/exechealthz-amd64:latest
            resources:
              limits:
                memory: 50Mi
              requests:
                cpu: 10m
                # Note that this container shouldn't really need 50Mi of memory. The
                # limits are set higher than expected pending investigation on #29688.
                # The extra memory was stolen from the kubedns container to keep the
                # net memory requested by the pod constant.
                memory: 50Mi
            # Two nslookup checks: one against 127.0.0.1 (dnsmasq on port 53) and
            # one against 127.0.0.1:10053 (kubedns). Presumably each --cmd is
            # served at the --url that follows it; those URLs are the paths the
            # liveness probes above request on port 8080.
            args:
            - --cmd=nslookup kubernetes.default.svc.cluster.local 127.0.0.1 >/dev/null
            - --url=/healthz-dnsmasq
            - --cmd=nslookup kubernetes.default.svc.cluster.local 127.0.0.1:10053 >/dev/null
            - --url=/healthz-kubedns
            - --port=8080
            - --quiet
            ports:
            - containerPort: 8080
              protocol: TCP
          dnsPolicy: Default  # Don't use cluster DNS.
    

      

    [root@centos-master dns]# cat skydns-svc.yaml 
    # Service that gives the kube-dns pods a fixed cluster IP on port 53 (UDP and TCP).
    apiVersion: v1
    kind: Service
    metadata:
      name: kube-dns
      namespace: kube-system
      labels:
        k8s-app: kube-dns
        kubernetes.io/cluster-service: "true"
        kubernetes.io/name: "KubeDNS"
    spec:
      # Selects the pods labelled k8s-app: kube-dns by the Deployment template.
      selector:
        k8s-app: kube-dns
      # Chosen by the author. It has to equal the kubelet's --cluster-dns value
      # and lie inside the apiserver's --service-cluster-ip-range
      # (10.254.0.0/16 in the config shown on this page).
      clusterIP: 10.254.0.254
      ports:
      - name: dns
        port: 53
        protocol: UDP
      - name: dns-tcp
        port: 53
        protocol: TCP
    

     

    [root@centos-master dns]# kubectl create -f skydns-rc.yaml
    [root@centos-master dns]# kubectl create -f skydns-svc.yaml 
    

      

    创建完上面两个yaml的pod和svc,然后就可以创建其他测试的pod了

    比如创建一个mysql,再创建一个用于验证的busybox

    [root@centos-master yaml]# cat busybox.yaml 
    # Test pod the author later opens a shell in to run nslookup.
    apiVersion: v1
    kind: Pod
    metadata:
      name: busybox
    spec: 
      containers:
      # NOTE(review): no tag is given, so the :latest image is pulled; pin a tag
      # if the nslookup output needs to be reproducible.
      - image: busybox
        # Keeps the container running for 3600 seconds so there is time to exec into it.
        command:
          - sleep
          - "3600"
        name: busybox
    
    
    
    
    
    [root@centos-master yaml]# cat mysql-rc.yaml 
    # MySQL ReplicationController, used on this page only as a target for the
    # DNS lookup test.
    apiVersion: v1
    kind: ReplicationController
    metadata:
      name: mysql
    spec:
      replicas: 3
      selector:
        app: mysql
      template:
        metadata:
          labels:
            app: mysql
        spec:
          containers:
          - name: mysql
            image: mysql:5.5
            ports:
            - containerPort: 3306
            env:
            # NOTE(review): the root password is a weak literal stored in the
            # manifest, readable by anyone who can see the file or the pod spec.
            # Outside a throwaway test, create a Secret and reference it with
            # valueFrom.secretKeyRef instead of an inline value.
            - name: MYSQL_ROOT_PASSWORD
              value: "123456"
    
    
    
    
    
    
    
    
    [root@centos-master yaml]# cat mysql-svc.yaml 
    # Service in front of the pods labelled app: mysql; "mysql" is the name the
    # nslookup test on this page resolves.
    apiVersion: v1
    kind: Service 
    metadata:
      name: mysql
    spec:
      ports:
        - port: 3306
      # Matches the app: mysql label set by the ReplicationController template.
      selector:
        app: mysql
    

      

    [root@centos-master yaml]# kubectl create -f busybox.yaml
    [root@centos-master yaml]# kubectl create -f mysql-rc.yaml 
    [root@centos-master yaml]# kubectl create -f mysql-svc.yaml 
    

      

    启动busybox查看/etc/resolv.conf   ,不出意外的话以后所有新建的pod resolv.conf里面都将生成一条记录,注意解析的是svc的名字

    [root@centos-master yaml]# kubectl exec -it busybox  -- sh
    / # cat /etc/resolv.conf 
    search default.svc.cluster.local svc.cluster.local cluster.local
    nameserver 10.254.0.254
    nameserver 202.106.0.20
    options ndots:5
    / # nslookup mysql
    Server:    10.254.0.254
    Address 1: 10.254.0.254 kube-dns.kube-system.svc.cluster.local
    
    Name:      mysql
    Address 1: 10.254.130.59 mysql.default.svc.cluster.local
    / # nslookup kubernetes
    Server:    10.254.0.254
    Address 1: 10.254.0.254 kube-dns.kube-system.svc.cluster.local
    
    Name:      kubernetes
    Address 1: 10.254.0.1 kubernetes.default.svc.cluster.local
    

      

    [root@centos-master yaml]# kubectl get svc  | grep -E "mysql|kubernetes"
    kubernetes     10.254.0.1       <none>        443/TCP        6d
    mysql          10.254.130.59    <none>        3306/TCP       17m
    

      

    以上,dns全部完成。

  • 原文地址:https://www.cnblogs.com/dribs/p/9120573.html