在kubernetes中每一个service都会被分配一个虚拟IP,每一个Service在正常情况下都会长时间不会改变,这个相对于pod的不定IP,对于集群中APP的使用相对是稳定的。
但是Service的信息注入到pod目前使用的是环境变量的方式,并且十分依赖于pod(rc)和service的创建顺序,这使得这个集群看起来又不那么完美,于是kubernetes以插件的方式引入了DNS系统,利用DNS对Service进行一个映射,这样我们在APP中直接使用域名进行引用,避免了之前的变量泛滥问题,也避免了创建顺序的尴尬局面。
组件:
?SkyDNS 提供DNS解析服务
?Etcd 存储DNS信息
?Kube2sky 监听kubernetes,当有Service创建时,生成相应的记录到SkyDNS
1.下载创建dns的镜像(node节点下载)
docker pull docker.gaoxiaobang.com/kubernetes/etcd-amd64:2.2.1
docker pull docker.gaoxiaobang.com/kubernetes/kube2sky:1.14
docker pull docker.gaoxiaobang.com/kubernetes/skydns:2015-10-13-8c72f8c
docker pull docker.gaoxiaobang.com/kubernetes/exechealthz:1.0
2.创建命名空间
根据namespace分为不同的名称空间,将系统服务统一放到一个单独的空间:kube-system,由于默认空间只有default,我们首先要创建kube-system空间。
vim kube-system.yaml,内容如下:
apiVersion: v1
kind: Namespace
metadata:
name: kube-system
3.在master服务器上编辑ReplicationController文件
vim skydns-rc.yaml,内容如下,记得修改红色字体部分:
apiVersion: v1
kind: ReplicationController
metadata:
name: kube-dns-v11
namespace: kube-system
labels:
k8s-app: kube-dns
version: v11
kubernetes.io/cluster-service: "true"
spec:
replicas: 1
selector:
k8s-app: kube-dns
version: v11
template:
metadata:
labels:
k8s-app: kube-dns
version: v11
kubernetes.io/cluster-service: "true"
spec:
containers:
- name: etcd
image: docker.gaoxiaobang.com/kubernetes/etcd-amd64:2.2.1
resources:
limits:
cpu: 100m
memory: 500Mi
requests:
cpu: 100m
memory: 50Mi
command:- /usr/local/bin/etcd
- -data-dir
- /var/etcd/data
- -listen-client-urls
- http://127.0.0.1:2379,http://127.0.0.1:4001
- -advertise-client-urls
- http://127.0.0.1:2379,http://127.0.0.1:4001
- -initial-cluster-token
- skydns-etcd
- name: kube2sky
image: docker.gaoxiaobang.com/kubernetes/kube2sky:1.14
args:- --domain=cluster.local
- --kube-master-url=http://192.168.1.10:8080
resources:
limits:
cpu: 100m
memory: 200Mi
requests:
cpu: 100m
memory: 50Mi
- name: skydns
image: docker.gaoxiaobang.com/kubernetes/skydns:2015-10-13-8c72f8c
resources:
limits:
cpu: 100m
memory: 200Mi
requests:
cpu: 100m
memory: 50Mi
args:- -machines=http://127.0.0.1:4001
- -addr=0.0.0.0:53
- -ns-rotate=false
- -domain=cluster.local.
ports: - containerPort: 53
name: dns
protocol: UDP - containerPort: 53
name: dns-tcp
protocol: TCP
livenessProbe:
httpGet:
path: /healthz
port: 8080
scheme: HTTP
initialDelaySeconds: 60
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 5
readinessProbe:
httpGet:
path: /readiness
port: 8080
scheme: HTTP
initialDelaySeconds: 30
timeoutSeconds: 5
- name: healthz
image: docker.gaoxiaobang.com/kubernetes/exechealthz:1.0
resources:
limits:
cpu: 10m
memory: 20Mi
requests:
cpu: 10m
memory: 20Mi
args:- -cmd=nslookup kubernetes.default.svc.cluster.local localhost >/dev/null
- -port=8080
ports: - containerPort: 8080
protocol: TCP
volumes:
- name: etcd-storage
emptyDir: {}
dnsPolicy: Default
4.在master上创建skydns服务文件skydns-service.yaml
在创建skydns-service.yaml之前,需要手动为dns指定一个cluster-ip
你需要查看你的/etc/kubernetes/apiserver文件和kubernetes的cluster-ip:
[root@k8s-master dns]# cat /etc/kubernetes/apiserver | grep KUBE_SERVICE_ADDRESSES
KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=172.25.0.0/24"
[root@k8s-master dns]# kubectl get service
NAME ????????TYPE ???????CLUSTER-IP ??EXTERNAL-IP ??PORT(S) ??AGE
kubernetes ????ClusterIP ????172.25.0.1 ???<none> ???????443/TCP ??19d
如果这两个ip地址属于同一网段,则从172.25.0.0中挑选一个IP充当dns的cluster-ip;
如果不一样,以kubernetes的cluster-ip为准,修改apiserver的网络地址范围,重启apiserver,然后从172.25.0.0中挑选一个IP作为dns的cluster-ip
创建skydns-service.yaml文件,注意修改红色部分,这里我选的dns-clusterip是172.25.0.254
vim skydns-service.yaml,内容如下:
apiVersion: v1
kind: Service
metadata:
name: kube-dns
namespace: kube-system
labels:
k8s-app: kube-dns
kubernetes.io/cluster-service: "true"
kubernetes.io/name: "KubeDNS"
spec:
selector:
k8s-app: kube-dns
clusterIP: ?172.25.0.254
ports:
- name: dns
port: 53
protocol: UDP - name: dns-tcp
port: 53
protocol: TCP
5.在集群中创建cluster-dns解析应用
?创建Namespace
kubectl create -f kube-system.yaml
?创建ReplicationController
kubectl create -f skydns-rc.yaml
?创建Service
kubectl create -f skydns-service.yaml
删除就是将上面三个命令中的“create”换成“delete”
6.查看dns-pod的启动状态
[root@ k8s-master dns]# kubectl get pod --namespace=kube-system
NAME ????????????????????????READY ????STATUS ???RESTARTS ??AGE
kube-dns-v11-ey14j ?????????????4/4 ??????Running ??8 ??????????1d
7.查看skydns-service.yaml文件中定义的Service的信息。
[root@ k8s-master dns]# kubectl get svc --namespace=kube-system
NAME ??????CLUSTER-IP ??????EXTERNAL-IP ??PORT(S) ????????AGE
kube-dns ???172.25.0.254 ??????<none> ??????53/UDP,53/TCP ??1d
8.测试DNS功能
(1) 获取busybox镜像
docker pull busybox:latest
(2) 编辑busybox的pod的yaml文件
vim busybox.yaml,内容如下:
apiVersion: v1
kind: Pod
metadata:
name: busybox
namespace: default
spec:
containers:
- image: busybox:latest
command:- sleep
- "3600"
imagePullPolicy: IfNotPresent
name: busybox
restartPolicy: Always
(3) 创建busybox的pod:
kubectl create -f busybox.yaml
pod启动状态:
[root@k8s-master dns]# kubectl get pods
NAME ????????????????READY ????STATUS ???RESTARTS ??AGE
busybox ??????????????1/1 ???????Running ???2 ??????????2h
(4) 使用busybox自带的nslookup测试dns
kubernetets集群搭建完毕之后都会有一个默认的cluster-ip,可通过命令查看:
[root@k8s-master dns]# kubectl get services
NAME ????????TYPE ???????CLUSTER-IP ??EXTERNAL-IP ??PORT(S) ??AGE
kubernetes ????ClusterIP ????172.25.0.1 ???<none> ???????443/TCP ??19d
开始测试,解析时间可能有点小长,耐心等待:
[root@k8s-master dns]# kubectl exec busybox nslookup kubernetes.default
Server: ???172.25.0.254
Address 1: 172.25.0.254
Name: ?????kubernetes.default
Address 1: ?172.25.0.1
解析成功,注意,上面的kubernetes.default参数,kubernetes为service的name,default为k8s的默认命名空间,如果你查询的不是default名称空间里的域名,则更改default,例如下面这个例子:
[root@k8s-master dns]# kubectl get service -n kube-system
NAME ????????TYPE ???????CLUSTER-IP ????EXTERNAL-IP ??PORT(S) ????????AGE
kube-dns ?????ClusterIP ????172.25.0.254 ???<none> ???????53/UDP,53/TCP ??2h
如果你想解析“kube-dns”这个域名对应的IP,需要这样写:
[root@k8s-master dns]# kubectl exec busybox nslookup kube-dns.kube-system
Server: ????172.25.0.254
Address 1: ?172.25.0.254
Name: ????kube-dns.kube-system
Address 1: ?172.25.0.254
至此,kubernetes的DNS搭建成功
Kubernetes集群部署DNS服务
原文地址:http://blog.51cto.com/13120271/2116021