基於External-DNS的多集羣Service DNS實踐

時間  2019-11-16
標籤 基於 external dns 集羣 service 實踐 欄目 系統網絡 简体版
原文   原文鏈接

概述

External-DNS提供了編程方式管理Kubernetes Service資源的DNS的功能,相似於容器服務kubernetes federation v2實踐一:基於External-DNS的多集羣Ingress DNS實踐,External-DNS會監聽LoadBalancer類型的Service,而後與雲廠商打通,按照可用區、region和全局三個維度生成獨自的域名解析記錄,便於服務間調用引導流量。本文簡單介紹如何在阿里雲容器平臺上使用External-DNS管理多集羣Service DNS。nginx

環境準備

參考容器服務kubernetes federation v2實踐一:基於External-DNS的多集羣Ingress DNS實踐完成【聯邦集羣準備】、【配置RAM信息】和【部署External-DNS】部分,並配置好kubeConfig,以下所示:編程

kubectl config get-contexts
CURRENT   NAME       CLUSTER    AUTHINFO            NAMESPACE
*         cluster1   cluster1   kubernetes-admin1
          cluster2   cluster2   kubernetes-admin2

資源部署

建立FederatedDeployment和FederatedService

yaml以下,注意FederatedService類型爲LoadBalancerapi

apiVersion: v1
kind: Namespace
metadata:
  name: test-namespace

---

apiVersion: types.federation.k8s.io/v1alpha1
kind: FederatedNamespace
metadata:
  name: test-namespace
  namespace: test-namespace
spec:
  placement:
    clusterNames:
    - cluster1
    - cluster2

---

apiVersion: types.federation.k8s.io/v1alpha1
kind: FederatedDeployment
metadata:
  name: test-deployment
  namespace: test-namespace
spec:
  template:
    metadata:
      labels:
        app: nginx
    spec:
      replicas: 2
      selector:
        matchLabels:
          app: nginx
      template:
        metadata:
          labels:
            app: nginx
        spec:
          containers:
          - image: nginx
            name: nginx
  placement:
    clusterNames:
    - cluster1
    - cluster2

---

apiVersion: types.federation.k8s.io/v1alpha1
kind: FederatedService
metadata:
  name: test-service
  namespace: test-namespace
spec:
  template:
    spec:
      selector:
        app: nginx
      type: LoadBalancer
      ports:
        - name: http
          port: 80
  placement:
    clusterNames:
    - cluster2
    - cluster1

查看各個集羣Service詳情:app

get svc -n test-namespace --context cluster1
NAME           TYPE           CLUSTER-IP     EXTERNAL-IP    PORT(S)        AGE
test-service   LoadBalancer   172.23.5.173   39.96.243.59   80:30185/TCP   28s

get svc -n test-namespace --context cluster2
NAME           TYPE           CLUSTER-IP     EXTERNAL-IP    PORT(S)        AGE
test-service   LoadBalancer   172.21.11.44   47.95.152.65   80:30384/TCP   31s

建立Domain和ServiceDNSRecord

yaml以下,注意請將【service.example-domain.club】替換成測試域名(必須由阿里雲託管的域名)。dom

apiVersion: multiclusterdns.federation.k8s.io/v1alpha1
kind: Domain
metadata:
  name: test-domain
  namespace: federation-system
domain: service.example-domain.club
---
apiVersion: multiclusterdns.federation.k8s.io/v1alpha1
kind: ServiceDNSRecord
metadata:
  name: test-service
  namespace: test-namespace
spec:
  domainRef: test-domain
  recordTTL: 600

結果分析

查看DnsEndpoint詳情:測試

kubectl get dnsendpoint -n test-namespace -o yaml
apiVersion: v1
items:
- apiVersion: multiclusterdns.federation.k8s.io/v1alpha1
  kind: DNSEndpoint
  metadata:
    creationTimestamp: 2019-05-17T08:49:31Z
    generation: 2
    name: service-test-service
    namespace: test-namespace
    resourceVersion: "742339863"
    selfLink: /apis/multiclusterdns.federation.k8s.io/v1alpha1/namespaces/test-namespace/dnsendpoints/service-test-service
    uid: afd3e22a-7880-11e9-9566-326dc52c25d3
  spec:
    endpoints:
    - dnsName: test-service.test-namespace.test-domain.svc.cn-beijing-a.cn-beijing.service.example-domain.club
      recordTTL: 600
      recordType: A
      targets:
      - 47.95.152.65
    - dnsName: test-service.test-namespace.test-domain.svc.cn-beijing-f.cn-beijing.service.example-domain.club
      recordTTL: 600
      recordType: A
      targets:
      - 39.96.243.59
    - dnsName: test-service.test-namespace.test-domain.svc.cn-beijing.service.example-domain.club
      recordTTL: 600
      recordType: A
      targets:
      - 39.96.243.59
      - 47.95.152.65
    - dnsName: test-service.test-namespace.test-domain.svc.service.example-domain.club
      recordTTL: 600
      recordType: A
      targets:
      - 39.96.243.59
      - 47.95.152.65
kind: List
metadata:
  resourceVersion: ""
  selfLink: ""

能夠看到External-DNS已經自動生成了4條解析記錄,包含北京兩個可用區、北京region和全局四個dns解析記錄。ui

dig +short @dns7.hichina.com test-service.test-namespace.test-domain.svc.cn-beijing-a.cn-beijing.service.example-domain.club
47.95.152.65

dig +short @dns7.hichina.com test-service.test-namespace.test-domain.svc.cn-beijing-f.cn-beijing.service.example-domain.club
39.96.243.59

dig +short @dns7.hichina.com test-service.test-namespace.test-domain.svc.cn-beijing.service.example-domain.club
47.95.152.65
39.96.243.59

dig +short @dns7.hichina.com test-service.test-namespace.test-domain.svc.service.example-domain.club
47.95.152.65
39.96.243.59

結論

External-DNS在Federation-V2多集羣聯邦環境下,能夠根據Service部署所在的可用區、region和全局三個維度生成多條DNS解析記錄,幫助服務靈活的引導流量。阿里雲


本文做者:鈞博

閱讀原文url

本文爲雲棲社區原創內容,未經容許不得轉載。spa

相關文章
相關標籤/搜索
每日一句
    每一个你不满意的现在,都有一个你没有努力的曾经。
本站公眾號
   歡迎關注本站公眾號,獲取更多信息
聯繫我們 最近搜索 最新文章 沪ICP备13005482号-10 MyBatis教程 SQL 教程 MySQL教程 Java 教程 Thymeleaf 教程 Hibernate教程 Spring教程 Redis教程