| Hostname | Role | IP | Deployed services |
|---|---|---|---|
| hdss7-11.host.com | k8s front-end proxy node 1 | 192.168.12.11 | bind9, nginx (layer-4 proxy), keepalived, supervisor |
| hdss7-12.host.com | k8s front-end proxy node 2 | 192.168.12.12 | etcd, nginx (layer-4 proxy), keepalived, supervisor |
| hdss7-21.host.com | k8s compute node 1 | 192.168.12.21 | etcd, kube-api, kube-controller-manager, kube-scheduler, kube-kubelet, kube-proxy, supervisor |
| hdss7-22.host.com | k8s compute node 2 | 192.168.12.22 | etcd, kube-api, kube-controller-manager, kube-scheduler, kube-kubelet, kube-proxy, supervisor |
| hdss7-200.host.com | Ops management host | 192.168.12.200 | certificate service, docker registry (harbor), nginx proxying the local harbor, pause |
1. Install bind9 on host 11
Install the required packages
[root@hdss7-11 ~]# yum install -y wget net-tools telnet tree nmap sysstat lrzsz dos2unix bind-utils
[root@hdss7-11 ~]# yum install -y bind
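Configure bind
[root@hdss7-11 ~]# vi /etc/named.conf # working attributes of the BIND process and zone definitions
listen-on port 53 { 192.168.12.11; }; # listen on this host's IP
listen-on-v6 port 53 { ::1; }; # delete this line; do not listen on IPv6
allow-query { any; }; # allow all hosts to query
forwarders { 192.168.154.2; }; # upstream DNS of the office network (in production, use the carrier's DNS)
recursion yes; # DNS answers queries recursively
dnssec-enable no; # disabled to save resources (in production it may not need to be disabled)
dnssec-validation no; # disabled to save resources; no Internet validation is done
Check the configuration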
[root@hdss7-11 ~]# named-checkconf
[root@hdss7-11 ~]# echo $?
Add the zone definitions to the end of the zone configuration file
[root@hdss7-11 ~]# vim /etc/named.rfc1912.zones
zone "host.com" IN {
type master;
file "host.com.zone";
allow-update { 192.168.12.11; };
};
zone "od.com" IN {
type master;
file "od.com.zone";
allow-update { 192.168.12.11; };
};
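named-checkconf only validates syntax, so the lab settings above (any-host queries with recursion, DNSSEC validation off, address-only allow-update) pass it unnoticed. The following is an added example, not part of the original guide: a text-only audit of those three settings. The function names and the sample file are constructed for illustration.

```shell
# Added example, not from the original guide: a text-only audit of named.conf.
# It handles '#' and '//' comments; C-style /* */ comments are not handled.

# Print the file with comments removed so disabled options are not matched.
strip_comments() {
    sed -e 's/#.*$//' -e 's://.*$::' "$1"
}

# Print one finding per line; print nothing when no check fires.
audit_named_conf() {
    conf=$(strip_comments "$1")
    has() { printf '%s\n' "$conf" | grep -Eq "$1"; }

    # recursion yes + allow-query { any; } with no allow-recursion or
    # allow-query-cache ACL: every client reaching port 53 gets recursion.
    if has 'recursion[[:space:]]+yes' &&
       has 'allow-query[[:space:]]*\{[[:space:]]*any;' &&
       ! has 'allow-(recursion|query-cache)'; then
        echo "open-recursion: add allow-recursion limited to the cluster subnet"
    fi
    # Validation off: answers from the forwarder are accepted unchecked.
    if has 'dnssec-validation[[:space:]]+no'; then
        echo "dnssec-validation-off: forwarded answers are not validated"
    fi
    # Address-only update ACL; a TSIG key is the stronger control.
    if has 'allow-update[[:space:]]*\{[[:space:]]*[0-9]+\.'; then
        echo "ip-only-update: allow-update is keyed on an address, not a TSIG key"
    fi
}

# Constructed sample mirroring the options and zone shown in this guide.
sample=$(mktemp)
cat > "$sample" <<'EOF'
options {
    listen-on port 53 { 192.168.12.11; };
    allow-query { any; };
    recursion yes;
    dnssec-validation no;   # lab setting
};
zone "host.com" IN {
    type master;
    file "host.com.zone";
    allow-update { 192.168.12.11; };
};
EOF
audit_named_conf "$sample"
```

Run it against /etc/named.conf together with /etc/named.rfc1912.zones content if the zones live in the included file, since the audit reads one file at a time.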
Configure the zone data files
[root@hdss7-11 ~]# vi /var/named/host.com.zone
[root@hdss7-11 ~]# cat /var/named/host.com.zone
$ORIGIN host.com.
$TTL 600 ; 10 minutes
@       IN SOA  dns.host.com. dnsadmin.host.com. (
                20200606 ; serial
                10800    ; refresh (3 hours)
                900      ; retry (15 minutes)
                604800   ; expire (1 week)
                86400    ; minimum (1 day)
                )
        NS      dns.host.com.
$TTL 60 ; 1 minute
dns A 192.168.12.11
HDSS7-11 A 192.168.12.11
HDSS7-12 A 192.168.12.12
HDSS7-21 A 192.168.12.21
HDSS7-22 A 192.168.12.22
HDSS7-200 A 192.168.12.200
[root@hdss7-11 ~]# cat /var/named/od.com.zone
$ORIGIN od.com.
$TTL 600 ; 10 minutes
@       IN SOA  dns.od.com. dnsadmin.od.com. (
                20200606 ; serial
                10800    ; refresh (3 hours)
                900      ; retry (15 minutes)
                604800   ; expire (1 week)
                86400    ; minimum (1 day)
                )
        NS      dns.od.com.
$TTL 60 ; 1 minute
dns A 192.168.12.11
Check the zone data files
[root@hdss7-11 ~]# named-checkconf
[root@hdss7-11 ~]# named-checkzone "host.com" /var/named/host.com.zone
zone host.com/IN: loaded serial 20200606
OK
[root@hdss7-11 ~]# named-checkzone "od.com" /var/named/od.com.zone
zone od.com/IN: loaded serial 20200606
OK
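named-checkzone confirms that a zone file loads, not that its records match the host plan. The following is an added example, not part of the original guide, that compares the A records in a zone file with an inventory of "fqdn address" lines. The function names are hypothetical, and the sample zone is constructed with one wrong and one missing record.

```shell
# Added example, not from the original guide. Handles only the simple layout
# used here: one $ORIGIN, relative owner names, "name A address" records.

# Print "fqdn address" (lower-cased, no trailing dot) for every A record.
zone_a_records() {
    awk '
        $1 == "$ORIGIN" { origin = tolower($2); next }
        { sub(/;.*/, "") }                    # drop zone-file comments
        $2 == "A" && /^[^ \t]/ {
            name = tolower($1)
            if (name !~ /\.$/) name = name "." origin
            sub(/\.$/, "", name)
            print name, $3
        }
    ' "$1"
}

# $1 = zone file, $2 = inventory of "fqdn address" lines.
# Prints one line per inventory host that is missing or points elsewhere.
check_inventory() {
    records=$(zone_a_records "$1")
    while read -r host addr; do
        got=$(printf '%s\n' "$records" | awk -v h="$host" '$1 == h { print $2 }')
        if [ -z "$got" ]; then
            echo "missing: $host"
        elif [ "$got" != "$addr" ]; then
            echo "mismatch: $host zone=$got inventory=$addr"
        fi
    done < "$2"
}

# Constructed inputs: a zone with one wrong and one missing record.
zone=$(mktemp); inventory=$(mktemp)
cat > "$zone" <<'EOF'
$ORIGIN host.com.
$TTL 60 ; 1 minute
dns       A 192.168.12.11
HDSS7-11  A 192.168.12.11
HDSS7-12  A 192.168.12.12
HDSS7-21  A 192.168.12.21
HDSS7-22  A 192.168.12.21
EOF
cat > "$inventory" <<'EOF'
hdss7-11.host.com 192.168.12.11
hdss7-12.host.com 192.168.12.12
hdss7-21.host.com 192.168.12.21
hdss7-22.host.com 192.168.12.22
hdss7-200.host.com 192.168.12.200
EOF
check_inventory "$zone" "$inventory"
```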
Change the group ownership and permissions of the files
[root@hdss7-11 ~]# chown root:named /var/named/host.com.zone
[root@hdss7-11 ~]# chown root:named /var/named/od.com.zone
[root@hdss7-11 ~]# chmod 640 /var/named/host.com.zone
[root@hdss7-11 ~]# chmod 640 /var/named/od.com.zone
[root@hdss7-11 ~]# systemctl restart named
[root@hdss7-11 ~]# systemctl enable named
Created symlink from /etc/systemd/system/multi-user.target.wants/named.service to /usr/lib/systemd/system/named.service.
[root@hdss7-11 ~]# netstat -lntup|grep 53
tcp 0 0 192.168.12.11:53 0.0.0.0:* LISTEN 1752/named
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 1752/named
tcp6 0 0 ::1:953 :::* LISTEN 1752/named
udp 0 0 192.168.12.11:53 0.0.0.0:* 1752/named
Verify resolution
[root@hdss7-11 ~]# dig -t A hdss7-21.host.com @192.168.12.11 +short
192.168.12.21
[root@hdss7-11 ~]# dig -t A hdss7-200.host.com @192.168.12.11 +short
192.168.12.200
2. Point the other nodes' DNS at host 11
Change DNS on host 11
[root@hdss7-11 ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
TYPE=Ethernet
BOOTPROTO=none
HWRADD=00:0c:29:c7:cd:40
NAME=eth0
DEVICE=eth0
ONBOOT=yes
IPADDR=192.168.12.11
GATEWAY=192.168.12.1
DNS1=192.168.12.11
[root@hdss7-11 ~]# /etc/init.d/network restart
Restarting network (via systemctl): [ OK ]
[root@hdss7-11 ~]# ping baidu.com
PING baidu.com (39.156.69.79) 56(84) bytes of data.
64 bytes from 39.156.69.79 (39.156.69.79): icmp_seq=1 ttl=128 time=202 ms
[root@hdss7-11 ~]# cat /etc/resolv.conf
search host.com
nameserver 192.168.12.11
Set DNS on host 12
[root@hdss7-12 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
DNS1=192.168.12.11
[root@hdss7-12 ~]# /etc/init.d/network restart
[root@hdss7-12 ~]# curl -I www.baidu.com
HTTP/1.1 200 OK
[root@hdss7-12 ~]# cat /etc/resolv.conf
search host.com
nameserver 192.168.12.11
Set DNS on host 21
[root@hdss7-21 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
DNS1=192.168.12.11
[root@hdss7-21 ~]# /etc/init.d/network restart
Restarting network (via systemctl): [ OK ]
[root@hdss7-21 ~]# cat /etc/resolv.conf
search host.com
nameserver 192.168.12.11
[root@hdss7-21 ~]# curl -i baidu.com
HTTP/1.1 200 OK
Set DNS on host 22
[root@hdss7-22 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
DNS1=192.168.12.11
[root@hdss7-22 ~]# /etc/init.d/network restart
Restarting network (via systemctl): [ OK ]
[root@hdss7-22 ~]# curl -i baidu.com
HTTP/1.1 200 OK
[root@hdss7-22 ~]# cat /etc/resolv.conf
search host.com
nameserver 192.168.12.11
Set DNS on host 200
[root@hdss7-200 ~]# vi /etc/sysconfig/network-scripts/ifcfg-eth0
DNS1=192.168.12.11
[root@hdss7-200 ~]# /etc/init.d/network restart
Restarting network (via systemctl): [ OK ]
[root@hdss7-200 ~]# cat /etc/resolv.conf
search host.com
nameserver 192.168.12.11
[root@hdss7-200 ~]# curl -i www.baidu.com
HTTP/1.1 200 OK
Windows 10
Also change the DNS of the local network adapter to 192.168.12.11: IPv4 -- Advanced -- set the metric to 20
[c:\~]$ ping hdss7-200.host.com
正在 Ping HDSS7-200.host.com [192.168.12.200] 具備 32 字節的數據:
來自 192.168.12.200 的回覆: 字節=32 時間<1ms TTL=64
Mac
System Preferences --- Network --- Advanced --- DNS: set the DNS server to 192.168.12.11 and the search domain to od.com