K8s集群部署篇–Kube-DNS(三)
K8s集群部署篇–Kube-DNS(三)
1、部署Cluster DNS
1.1 原理:(看看吧,摘抄网上的↓)
通过前面对Kubernetes的讨论(Kubernetes核心概念总结).我们已经知道,每个Kubernetes service都绑定了一个虚拟IP 地址(ClusterIP),而且Kubernetes最初使用向pod中注入环境变量的方式实现服务发现,但这会带来环境变量泛滥等问题。故需要增加集群DNS服务为每个service映射一个域名。到Kubernetes v1.2版本时,DNS作为一个系统可选插件集成到Kubernetes集群中。Kubernetes默认使用SkyDNS 作为集群的DNS服务器,
kubernetes可以为pod提供dns(skyDNS)内部域名解析服务。其主要作用是为pod提供可以直接通过service的名字解析为对应service的ip的功能。启用了集群DNS选项,需要创建一个运行SkyDNS域名服务器的pod和一个对外提供集群service域名解析服务的SkyDNS service,并且还会为该service绑定一个稳定的静态IP地址作为入口IP地址。然后,Kubelet被配置成向每个Docker容器传人SkyDNS service的IP地址。作为它们其中一个DNS服务器。每个在Kubernetes集群中定义的service包括DNS服务器本身对应的service都会被映射到一个DNS域名,该域名一般由两个部分组成:service所在namespace和service名。默认情况下,一个客户端pod的DNS搜索列表一般包含pod自身的namespace和集群的默认域名集。SkyDNS service的域名搜索顺序大致如下。
搜索客户端pod所在namespace中所有的service域名记录;
搜索目标域名namespace中所有的service域名记录;
从当前Kubernetes集群中,搜索所有的service域名记录。
skyDNS由三部分组成:kube2sky、etcd、skydns。
kube2sky的功能是监测api-server中的service的变化,当service创建、删除、修改时,获取对应的service信息,将其保存在etcd的中;
Etcd的功能是存储kube2sky保存过来的数据;
Skydns。在kubelet创建pod时,会使用为kubelet配置的
KUBELET_ARGS="--cluster-dns=10.254.10.2 --cluster-domain=sky --allow-privileged=true"在创建的pod中从而使用对应的dns服务器。而这一dns解析服务,实际是由Skydns提供的。
1.2 配置etcd中关于skyDNS的key
[[email protected] ~]# etcdctl mk /skydns/config '{"dns-addr":"10.254.10.2:53","ttl":3600,"domain":"sky."}'1.3 配置kubelet中相关信息
在每个node中更改kubelet的配置文件如下 KUBELET_ARGS 部分,更改完成之后重启服务。
在所有的node 中配置如下:
[[email protected] ~]# vim /etc/kubernetes/kubelet
###
# kubernetes kubelet (minion) config
# The address for the info server to serve on (set to 0.0.0.0 or "" for all interfaces)
KUBELET_ADDRESS="--address=0.0.0.0"
# The port for the info server to serve on
# KUBELET_PORT="--port=10250"
# You may leave this blank to use the actual hostname
KUBELET_HOSTNAME="--hostname-override=node2"
# location of the api-server
KUBELET_API_SERVER="--api-servers=http://etcd:8080"
# pod infrastructure container
KUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=registry.access.redhat.com/rhel7/pod-infrastructure:latest"
# Add your own!
KUBELET_ARGS="--cluster-dns=10.254.10.2 --cluster-domain=sky --allow-privileged=true"重启 kubectl 服务
[root@node2 ~]# systemctl restart kubelet.service1.4 yaml文件
编辑skydns_dpm.yaml文件,更改以下部分:
[[email protected] ~]# vim skydns_dpm.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: kube-dns
namespace: kube-system
spec:
replicas: 1
template:
metadata:
labels:
name: kube-dns
tier: platform
subsystem: unconfirmed
k8s-app: kube-dns
version: v9
partition: "no"
kubernetes.io/cluster-service: "true"
spec:
containers:
- name: kube2sky
image: gcr.io/google_containers/kube2sky:1.11
resources:
limits:
cpu: 100m
memory: 50Mi
args:
- -domain=sky
- -kube_master_url=http://192.168.161.161:8080
- -etcd-server=http://192.168.161.161:2379
- name: skydns
image: gcr.io/google_containers/skydns:2015-10-13-8c72f8c
resources:
limits:
cpu: 100m
memory: 50Mi
args:
- -machines=http://192.168.161.161:2379
- -addr=0.0.0.0:53
- -ns-rotate=false
- -domain=sky.
ports:
- containerPort: 53
name: dns
protocol: UDP
- containerPort: 53
name: dns-tcp
protocol: TCP
dnsPolicy: Default编辑skydns-svc.yaml文件,更改以下部分:
[[email protected] ~]# vim skydns-svc.yaml
apiVersion: v1
kind: Service
metadata:
name: kube-dns
namespace: kube-system
labels:
k8s-app: kube-dns
kubernetes.io/cluster-service: "true"
kubernetes.io/name: "KubeDNS"
spec:
selector:
k8s-app: kube-dns
clusterIP: 10.254.10.2
ports:
- name: dns
port: 53
protocol: UDP
- name: dns-tcp
port: 53
protocol: TCP1.5 启动
在master执行如下命令:
kubectl create -f skydns_dpm.yaml
kubectl create -f skydns-svc.yaml至此dns搭建完成。
[[email protected] kubernetes]# kubectl get svc
NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes 10.254.0.1 <none> 443/TCP 1d
[[email protected] kubernetes]# kubectl get deployment --all-namespaces
NAMESPACE NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
kube-system kube-dns 1 1 1 0 48s1.6 DNS功能验证
1.6.1 创建测试service
[[email protected] yaml]# cat mysql_svc.yml
apiVersion: v1
kind: Service
metadata:
labels:
name: mysql
role: service
name: mysql-service
spec:
ports:
- port: 3306
targetPort: 3306
type: NodePort
selector:
name: mysql[[email protected] yaml]# kubectl create -f mysql_svc.yml
service "mysql-service" created
[[email protected] ~]# kubectl get svc
NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes 10.254.0.1 <none> 443/TCP 1d
mysql-service 10.254.50.238 <nodes> 3306:31215/TCP 7s依旧是再次重新创建下上一章演示的 rc-nginx-3 svc
[[email protected] ~]# kubectl create -f rc-nginx.yaml
replicationcontroller "rc-nginx-3" created
[[email protected] ~]# kubectl get po
NAME READY STATUS RESTARTS AGE
rc-nginx-3-82wmn 0/1 ContainerCreating 0 9s
rc-nginx-3-dnb7v 0/1 ContainerCreating 0 9s
rc-nginx-3-pc48s 0/1 ContainerCreating 0 9s
[[email protected] ~]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE
rc-nginx-3-82wmn 1/1 Running 0 1m 10.0.98.2 node2
rc-nginx-3-dnb7v 1/1 Running 0 1m 10.0.8.3 node1
rc-nginx-3-pc48s 1/1 Running 0 1m 10.0.8.2 node1
[[email protected] ~]# curl 10.0.98.2
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>1.6.3 进入pod验证服务解析
[[email protected] ~]# kubectl exec -it rc-nginx-3-pc48s /bin/bash
[email protected]3-pc48s:/# cat /etc/resolv.conf
search default.svc.sky svc.sky sky
nameserver 10.254.10.2
nameserver 119.29.29.29
options ndots:5