1、文件位置:
https://github.com/kubernetes/kubernetes/blob/master/cluster/addons/dns/coredns/coredns.yaml.base
2、coredns.yaml
# __MACHINE_GENERATED_WARNING__
# CoreDNS addon manifest (ServiceAccount, RBAC, Corefile ConfigMap, Deployment, Service); replace the upper-case placeholders before applying.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: coredns
  namespace: kube-system
  labels:
    kubernetes.io/cluster-service: "true"
    addonmanager.kubernetes.io/mode: Reconcile
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  labels:
    kubernetes.io/bootstrapping: rbac-defaults
    addonmanager.kubernetes.io/mode: Reconcile
  name: system:coredns
rules:  # read-only verbs only (list/watch/get), cluster-wide; secrets are not among the listed resources
- apiGroups:
  - ""
  resources:
  - endpoints
  - services
  - pods
  - namespaces
  verbs:
  - list
  - watch
- apiGroups:
  - ""
  resources:
  - nodes
  verbs:
  - get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding  # binds the system:coredns ClusterRole to the coredns ServiceAccount in kube-system and to no other subject
metadata:
  annotations:
    rbac.authorization.kubernetes.io/autoupdate: "true"
  labels:
    kubernetes.io/bootstrapping: rbac-defaults
    addonmanager.kubernetes.io/mode: EnsureExists
  name: system:coredns
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: system:coredns
subjects:
- kind: ServiceAccount
  name: coredns
  namespace: kube-system
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: coredns
  namespace: kube-system
  labels:
    addonmanager.kubernetes.io/mode: EnsureExists
data:  # NOTE(review): "pods insecure" in the Corefile answers pod-IP names without checking that the pod exists (kube-dns compatibility mode); CoreDNS documents "pods verified" as the checked alternative
  Corefile: |
    .:53 {
        errors
        health
        kubernetes __PILLAR__DNS__DOMAIN__ in-addr.arpa ip6.arpa {
            pods insecure
            upstream
            fallthrough in-addr.arpa ip6.arpa
            ttl 30
        }
        prometheus :9153
        forward . /etc/resolv.conf
        cache 30
        loop
        reload
        loadbalance
    }
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: coredns
  namespace: kube-system
  labels:
    k8s-app: kube-dns
    kubernetes.io/cluster-service: "true"
    addonmanager.kubernetes.io/mode: Reconcile
    kubernetes.io/name: "CoreDNS"
spec:
  # replicas: not specified here:
  # 1. So that Addon Manager does not reconcile the replicas parameter.
  # 2. Default is 1.
  # 3. Will be tuned in real time if DNS horizontal auto-scaling is turned on.
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxUnavailable: 1
  selector:
    matchLabels:
      k8s-app: kube-dns
  template:
    metadata:
      labels:
        k8s-app: kube-dns
      annotations:
        seccomp.security.alpha.kubernetes.io/pod: 'docker/default'  # runtime default seccomp profile; NOTE(review): alpha annotation, newer clusters set securityContext.seccompProfile instead - confirm for your version
    spec:
      priorityClassName: system-cluster-critical
      serviceAccountName: coredns  # the pod's API access is whatever the system:coredns ClusterRole grants
      tolerations:
        - key: "CriticalAddonsOnly"
          operator: "Exists"
      nodeSelector:
        beta.kubernetes.io/os: linux  # NOTE(review): beta label; kubernetes.io/os is the stable form on newer clusters
      containers:
      - name: coredns
        image: k8s.gcr.io/coredns:1.3.1  # referenced by tag only; pin by digest if the exact image content must be guaranteed
        imagePullPolicy: IfNotPresent  # a node that already holds this tag does not pull it again
        resources:
          limits:
            memory: __PILLAR__DNS__MEMORY__LIMIT__  # placeholder: set a concrete limit (the request below is 70Mi)
          requests:
            cpu: 100m
            memory: 70Mi
        args: [ "-conf", "/etc/coredns/Corefile" ]
        volumeMounts:
        - name: config-volume
          mountPath: /etc/coredns
          readOnly: true  # the Corefile is mounted read-only from the ConfigMap
        ports:
        - containerPort: 53
          name: dns
          protocol: UDP
        - containerPort: 53
          name: dns-tcp
          protocol: TCP
        - containerPort: 9153
          name: metrics
          protocol: TCP
        livenessProbe:
          httpGet:
            path: /health
            port: 8080  # endpoint of the Corefile's "health" plugin; 8080 is not declared under ports and not exposed by the Service
            scheme: HTTP
          initialDelaySeconds: 60
          timeoutSeconds: 5
          successThreshold: 1
          failureThreshold: 5
        readinessProbe:
          httpGet:
            path: /health
            port: 8080
            scheme: HTTP
        securityContext:  # NOTE(review): runAsNonRoot / runAsUser are not set in this block
          allowPrivilegeEscalation: false
          capabilities:
            add:
            - NET_BIND_SERVICE  # the only capability kept; lets the process bind port 53
            drop:
            - all
          readOnlyRootFilesystem: true
      dnsPolicy: Default  # the pod inherits the node's resolv.conf, which the Corefile's forward line uses for non-cluster names
      volumes:
        - name: config-volume
          configMap:
            name: coredns
            items:
            - key: Corefile
              path: Corefile
---
apiVersion: v1
kind: Service
metadata:
  name: kube-dns
  namespace: kube-system
  annotations:
    prometheus.io/port: "9153"
    prometheus.io/scrape: "true"
  labels:
    k8s-app: kube-dns
    kubernetes.io/cluster-service: "true"
    addonmanager.kubernetes.io/mode: Reconcile
    kubernetes.io/name: "CoreDNS"
spec:
  selector:
    k8s-app: kube-dns
  clusterIP: __PILLAR__DNS__SERVER__  # placeholder: must equal the clusterDNS address configured for the kubelets
  ports:
  - name: dns
    port: 53
    protocol: UDP
  - name: dns-tcp
    port: 53
    protocol: TCP
  - name: metrics  # NOTE(review): metrics are served through the same cluster IP as DNS; restrict with a NetworkPolicy if every pod should not be able to read them
    port: 9153
    protocol: TCP
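ps:yaml 中的大写占位符(`__PILLAR__...__`)需要替换成自己 k8s 集群上的配置,另外镜像地址也可能要改,主要修改4个地方(行号对应上面 coredns.yaml 的行号):
67行 大写部分(`__PILLAR__DNS__DOMAIN__`)修改成自己的集群域,一般为 cluster.local.
119行 image 部分:k8s.gcr.io 在墙外,无法直接拉取时需要修改为 coredns/coredns:1.3.1;更换镜像仓库后建议核对镜像 digest,确认与官方发布的镜像一致
123行 memory(`__PILLAR__DNS__MEMORY__LIMIT__`)修改成适合自己的值,我这里修改为 170Mi
189行 clusterIP(`__PILLAR__DNS__SERVER__`)修改成 kubelet.config 中设置的 clusterDNS IP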
3、部署coredns.yaml
# Submit every object defined in the edited manifest to the cluster.
kubectl create --filename coredns.yaml
4、验证
4.1 启动一个busybox pod
注意:一定要使用 busybox 1.28.3,其它版本的镜像有 bug,nslookup 测试会出问题
[root@k8s-master1 pv]# cat busybox.yaml
apiVersion: v1
kind: Pod
metadata:
  name: busybox
  namespace: default
spec:
  containers:
  - image: busybox:1.28.3
    command:
      - sleep
      - "3600"
    imagePullPolicy: IfNotPresent
    name: busybox
  restartPolicy: Always
4.2 进入busybox 验证
[root@k8s-master1 cfg]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.0.0.1 <none> 443/TCP 5d15h
my-nginx ClusterIP 10.0.140.169 <none> 80/TCP 16h
[root@k8s-master1 pv]# kubectl get po
NAME READY STATUS RESTARTS AGE
busybox 1/1 Running 0 5s
my-nginx-5dd67b97fb-hqg94 1/1 Running 0 42m
my-nginx-5dd67b97fb-xqj5w 1/1 Running 1 16h
[root@k8s-master1 pv]# kubectl exec -it busybox sh
/ # nslookup kubernetes.default
Server: 10.0.0.2
Address 1: 10.0.0.2 coredns.kube-system.svc.cluster.local
Name: kubernetes.default
Address 1: 10.0.0.1 kubernetes.default.svc.cluster.local