二進制部署K8s集羣第21節addons之安裝部署coredns
架構圖
node
1、k8s服務發現插件-CoreDNS
- CoreDNS可以實現自動關聯Service資源的 「名稱」 和 」集羣網絡IP「,從而達到服務被集羣自動發現
操做過程nginx
- 運維主機建立資源配置清單
- 下載coredns鏡像上傳到倉庫
- 配置內網dns
- node主機應用資源配置清單
1.1 架構
| 主機名 | IP | 角色 | 節點 |
|---|---|---|---|
| hdss7-200.host.com | 10.4.7.200 | 資源配置清單 | 運維主機 |
| hdss7-11.host.com | 10.4.7.11 | 內網DNS解析 | dns主機 |
| hdss7-21.host.com | 10.4.7.21 | 應用資源配置清單 | node節點 |
1.2 部署k8s資源配置清單的內網http服務
用以提供k8s統一的資源配置清單訪問入口,之後全部的資源配置清單統一放置在運維主機的
/data/k8s-yaml目錄下便可
hdss7-200.host.com上操做git
cat > /etc/nginx/conf.d/k8s-yaml.od.com.conf << 'eof'
server {
listen 80;
server_name k8s-yaml.od.com;
location / {
autoindex on;
default_type text/plain;
root /data/k8s-yaml;
}
}
eof
nginx -s reload
1.3 準備資源配置清單
- rbac.yaml 基於角色訪問控制資源配置清單
- configmap.yaml 配置資源配置清單
- deployment.yaml 控制器資源配置清單
- svc.yaml service資源配置清單
資源清單下載地址:https://github.com/kubernetes/kubernetes/blob/master/cluster/addons/dns/coredns/coredns.yaml.basegithub
1.3.1 準備rbac.yaml文件
mkdir -p /data/k8s-yaml/coredns && cd /data/k8s-yaml/coredns
cat > /data/k8s-yaml/coredns/rbac.yaml << 'eof'
apiVersion: v1
kind: ServiceAccount
metadata:
name: coredns
namespace: kube-system
labels:
kubernetes.io/cluster-service: "true"
addonmanager.kubernetes.io/mode: Reconcile
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
kubernetes.io/bootstrapping: rbac-defaults
addonmanager.kubernetes.io/mode: Reconcile
name: system:coredns
rules:
- apiGroups:
- ""
resources:
- endpoints
- services
- pods
- namespaces
verbs:
- list
- watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
annotations:
rbac.authorization.kubernetes.io/autoupdate: "true"
labels:
kubernetes.io/bootstrapping: rbac-defaults
addonmanager.kubernetes.io/mode: EnsureExists
name: system:coredns
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: system:coredns
subjects:
- kind: ServiceAccount
name: coredns
namespace: kube-system
eof
1.3.2 configmap.yaml 資源配置清單
cat > /data/k8s-yaml/coredns/configmap.yaml << 'eof'
apiVersion: v1
kind: ConfigMap
metadata:
name: coredns
namespace: kube-system
data:
Corefile: |
.:53 {
errors
log
health
kubernetes cluster.local 192.168.0.0/16
proxy . /etc/resolv.conf
cache 30
}
eof
1.3.3 deployment.yaml 控制器資源配置清單
cat > /data/k8s-yaml/coredns/deployment.yaml << 'eof'
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: coredns
namespace: kube-system
labels:
k8s-app: coredns
kubernetes.io/cluster-service: "true"
kubernetes.io/name: "CoreDNS"
spec:
replicas: 1
selector:
matchLabels:
k8s-app: coredns
template:
metadata:
labels:
k8s-app: coredns
spec:
serviceAccountName: coredns
containers:
- name: coredns
image: harbor.od.com/k8s/coredns:v1.3.1
args:
- -conf
- /etc/coredns/Corefile
volumeMounts:
- name: config-volume
mountPath: /etc/coredns
ports:
- containerPort: 53
name: dns
protocol: UDP
- containerPort: 53
name: dns-tcp
protocol: TCP
livenessProbe:
httpGet:
path: /health
port: 8080
scheme: HTTP
initialDelaySeconds: 60
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 5
dnsPolicy: Default
imagePullSecrets:
- name: harbor
volumes:
- name: config-volume
configMap:
name: coredns
items:
- key: Corefile
path: Corefile
eof
1.3.4 svc.yaml service資源配置清單
cat > /data/k8s-yaml/coredns/svc.yaml << 'eof'
apiVersion: v1
kind: Service
metadata:
name: coredns
namespace: kube-system
labels:
k8s-app: coredns
kubernetes.io/cluster-service: "true"
kubernetes.io/name: "CoreDNS"
spec:
selector:
k8s-app: coredns
clusterIP: 192.168.0.2
ports:
- name: dns
port: 53
protocol: UDP
- name: dns-tcp
port: 53
eof
1.4 下載kube-dns(coredns)到本地倉庫
harbor界面建立K8s項目docker
docker pull coredns/coredns:1.3.1 docker images | grep coredns coredns/coredns 1.3.1 eb516548c180 20 months ago 40.3MB docker tag eb516548c180 harbor.od.com/k8s/coredns:v1.3.1 docker push harbor.od.com/k8s/coredns:v1.3.1
1.5 配置內網DNS解析
在hdss7-11.host.com上操做shell
cat >> /var/named/od.com.zone <<'eof' k8s-yaml A 10.4.7.200 eof vi /var/named/od.com.zone 2020092703 ; serial # 日期須要加1 systemctl restart named
1.6 測試訪問
1.7 部署kube-dns(coredns)
hdss7-21或hdss7-22任意一臺節點上操做bootstrap
kubectl create secret docker-registry harbor --docker-server=harbor.od.com --docker-username=admin --docker-password=Harbor12345 --docker-email=1934844044@qq.com -n kube-system kubectl apply -f http://k8s-yaml.od.com/coredns/rbac.yaml kubectl apply -f http://k8s-yaml.od.com/coredns/configmap.yaml kubectl apply -f http://k8s-yaml.od.com/coredns/deployment.yaml kubectl apply -f http://k8s-yaml.od.com/coredns/svc.yaml
1.8 檢查
[root@hdss7-21 ~]# kubectl create deployment nginx-dp --=image=harbor.od.com/public/nginx:v1.7.9 -n kube-public --replicas=1 [root@hdss7-21 ~]# kubectl expose deployment nginx-dp --port=80 -n kube-public [root@hdss7-21 ~]# kubectl get svc -n kube-public # 新建容器集羣IP爲134結尾 NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE nginx-dp ClusterIP 192.168.109.134 <none> 80/TCP 58m [root@hdss7-21 ~]# kubectl get pods -n kube-system -o wide # coredns安裝放在kube-system內 NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES coredns-57c78bdbcd-lsf5z 1/1 Running 0 <invalid> 172.7.21.3 hdss7-21.host.com <none> <none> [root@hdss7-21 ~]# kubectl get svc -n kube-system # creodns的svc存在kube-system內 NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE coredns ClusterIP 192.168.0.2 <none> 53/UDP,53/TCP 4m30s [root@hdss7-21 ~]# dig -t A nginx-dp.kube-public.svc.cluster.local @192.168.0.2 +short 192.168.109.134 # 查看到可以解析IP,但域名只能在集羣內部使用,由於集羣IP只能在內網使用 [root@hdss7-21 ~]# dig -t A www.baidu.com @192.168.0.2 +short # 解析百度 www.a.shifen.com. 14.215.177.38 14.215.177.39 [root@hdss7-21 ~]# kubectl exec -ti nginx-dp-7f74c75ff9-jtzhs -n kube-public -- /bin/bash root@nginx-dp-7f74c75ff9-jtzhs:/# cat /etc/resolv.conf # 進入容器內查看dns配置了search nameserver 192.168.0.2 search kube-public.svc.cluster.local svc.cluster.local cluster.local host.com options ndots:5 root@nginx-dp-7f74c75ff9-jtzhs:/# ping nginx-dp # 容器內部ping PING nginx-dp.kube-public.svc.cluster.local (192.168.109.134): 48 data bytes 56 bytes from 192.168.109.134: icmp_seq=0 ttl=64 time=0.234 ms
相關文章
- 1. 二進制部署K8s集羣第22節addons之安裝部署Ingress
- 2. 二進制部署K8s集羣第23節addons之安裝部署dashboard
- 3. 二進制部署K8s集羣第19節addons之flannel三種模型安裝部署詳解
- 4. Kubernetes addons 之 coredns部署
- 5. 二進制部署K8s集羣第11節Node節點之kubelet部署
- 6. 二進制部署K8s集羣第12節Node節點之kube-proxy部署
- 7. (七)二進制安裝k8s-1.11版本之coredns部署
- 8. k8s單master節點部署【一】(二進制部署)--etcd集羣部署(理論)
- 9. 二進制部署K8s集羣第17節pod控制器
- 10. 二進制部署K8s集羣第4節之docker環境安裝
- 更多相關文章...
- • Maven 自動化部署 - Maven教程
- • ionic 頭部與底部 - ionic 教程
- • 使用阿里雲OSS+CDN部署前端頁面與加速靜態資源
- • Composer 安裝與使用
相關標籤/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
歡迎關注本站公眾號,獲取更多信息
相關文章
- 1. 二進制部署K8s集羣第22節addons之安裝部署Ingress
- 2. 二進制部署K8s集羣第23節addons之安裝部署dashboard
- 3. 二進制部署K8s集羣第19節addons之flannel三種模型安裝部署詳解
- 4. Kubernetes addons 之 coredns部署
- 5. 二進制部署K8s集羣第11節Node節點之kubelet部署
- 6. 二進制部署K8s集羣第12節Node節點之kube-proxy部署
- 7. (七)二進制安裝k8s-1.11版本之coredns部署
- 8. k8s單master節點部署【一】(二進制部署)--etcd集羣部署(理論)
- 9. 二進制部署K8s集羣第17節pod控制器
- 10. 二進制部署K8s集羣第4節之docker環境安裝