DNS (domain name system),提供域名解析服务,解决了难于记忆的IP地址问题,以更人性可读可记忆可标识的方式映射对应IP地址。
Cluster DNS扩展插件用于支持k8s集群系统中各服务之间发现与调用。
组件:
·SkyDNS 提供DNS解析服务
·Etcd 存储DNS信息
·Kube2sky 监听kubernetes,当有Service创建时,生成相应的记录到SkyDNS。
1.修改所有node的配置文件:/etc/kubernetes/kubelet kubernetes-node1,kubernetes-node2,kubernetes-node3:
[iyunv@kubernetes-node2 ~]# tail -n 1 /etc/kubernetes/kubelet
KUBELET_ARGS="--cluster-dns=10.254.254.254 --cluster-domain=cluster.local"
2.所有node节点都重新启动服务
systemctl restart kubelet.service
3.根据namespace分为不同的名称空间,将系统服务统一放到一个单独的空间:kube-system,由于默认空间只有default,我们首先要创建kube-system空间。
[iyunv@kubernetes-master pods]# cat kube-system.yml
apiVersion: v1
kind: Namespace
metadata:
name: kube-system
4.在master服务器上编辑ReplicationController文件dns-rc.yml
 
apiVersion: v1
kind: ReplicationController
metadata:
name: kube-dns-v11
namespace: kube-system
labels:
k8s-app: kube-dns
version: v11
kubernetes.io/cluster-service: "true"
spec:
replicas: 1
selector:
k8s-app: kube-dns
version: v11
template:
metadata:
labels:
k8s-app: kube-dns
version: v11
kubernetes.io/cluster-service: "true"
spec:
containers:
- name: etcd
image: docker.gaoxiaobang.com/kubernetes/etcd-amd64:2.2.1
resources:
limits:
cpu: 100m
memory: 500Mi
requests:
cpu: 100m
memory: 50Mi
command:
- /usr/local/bin/etcd
- -data-dir
- /var/etcd/data
- -listen-client-urls
- http://127.0.0.1:2379,http://127.0.0.1:4001
- -advertise-client-urls
- http://127.0.0.1:2379,http://127.0.0.1:4001
- -initial-cluster-token
- skydns-etcd
#volumeMounts:
#- name: etcd-storage
# mountPath: /var/etcd/data
- name: kube2sky
image: docker.gaoxiaobang.com/kubernetes/kube2sky:1.14
args:
# command = "/kube2sky"
- --domain=cluster.local
- --kube-master-url=http://10.64.8.68:8080
resources:
limits:
cpu: 100m
memory: 200Mi
requests:
cpu: 100m
memory: 50Mi
- name: skydns
image: docker.gaoxiaobang.com/kubernetes/skydns:2015-10-13-8c72f8c
resources:
limits:
cpu: 100m
memory: 200Mi
requests:
cpu: 100m
memory: 50Mi
args:
- -machines=http://127.0.0.1:4001
- -addr=0.0.0.0:53
- -ns-rotate=false
- -domain=cluster.local.
ports:
- containerPort: 53
name: dns
protocol: UDP
- containerPort: 53
name: dns-tcp
protocol: TCP
livenessProbe:
httpGet:
path: /healthz
port: 8080
scheme: HTTP
initialDelaySeconds: 60
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 5
readinessProbe:
httpGet:
path: /readiness
port: 8080
scheme: HTTP
initialDelaySeconds: 30
timeoutSeconds: 5
- name: healthz
image: docker.gaoxiaobang.com/kubernetes/exechealthz:1.0
resources:
limits:
cpu: 10m
memory: 20Mi
requests:
cpu: 10m
memory: 20Mi
args:
- -cmd=nslookup kubernetes.default.svc.cluster.local localhost >/dev/null
- -port=8080
ports:
- containerPort: 8080
protocol: TCP
volumes:
- name: etcd-storage
emptyDir: {}
dnsPolicy: Default
dns-rc.yml 注意dns-rc.yml:修改文件中的master ip
dns service服务yml
apiVersion: v1
kind: Service
metadata:
name: kube-dns
namespace: kube-system
labels:
k8s-app: kube-dns
kubernetes.io/cluster-service: "true"
kubernetes.io/name: "KubeDNS"
spec:
selector:
k8s-app: kube-dns
clusterIP: 10.254.254.254
ports:
- name: dns
port: 53
protocol: UDP
- name: dns-tcp
port: 53
protocol: TCP
dns-svc.yml 创建namespace(有就不用在创建了)
kubectl create -f kube-system.yml
创建ReplicationController
[iyunv@kubernetes-master pods]# kubectl create -f dns-rc.yml
创建Service
[iyunv@kubernetes-master pods]# kubectl create -f dns-svc.yml
查看dns-rc.yml文件中定义pod的启动状态,如下则启动成功。
[iyunv@kubernetes-master pods]# kubectl get pod --namespace=kube-system
查看dns-svc.yml文件中定义的Service的信息。
[iyunv@kubernetes-master pods]# kubectl get svc -l k8s-app=kube-dns --namespace=kube-system
测试DNS的效果。
部署一个busybox的Pod
apiVersion: v1
kind: Pod
metadata:
name: busybox
namespace: default
spec:
containers:
- image: busybox
command:
- sleep
- "3600"
imagePullPolicy: IfNotPresent
name: busybox
restartPolicy: Always
busybox.yml 验证kubernetes服务的地址解析,出现如下所示则证明DNS解析正常。
| 
QQ群⑧:
窥视卡
雷达卡
发表于 2018-1-5 17:40:23
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡