k8s 1.14 coredns部署

1、文件位置:

   https://github.com/kubernetes/kubernetes/blob/master/cluster/addons/dns/coredns/coredns.yaml.base

2、

  1 # __MACHINE_GENERATED_WARNING__
  2 
  3 apiVersion: v1
  4 kind: ServiceAccount  # identity the CoreDNS pods run as (serviceAccountName, line 111)
  5 metadata:
  6   name: coredns
  7   namespace: kube-system
  8   labels:
  9       kubernetes.io/cluster-service: "true"
 10       addonmanager.kubernetes.io/mode: Reconcile  # read by the addon manager, if the cluster runs one
 11 ---
 12 apiVersion: rbac.authorization.k8s.io/v1
 13 kind: ClusterRole  # read-only API access for CoreDNS; no write verbs appear below
 14 metadata:
 15   labels:
 16     kubernetes.io/bootstrapping: rbac-defaults
 17     addonmanager.kubernetes.io/mode: Reconcile
 18   name: system:coredns
 19 rules:
 20 - apiGroups:
 21   - ""
 22   resources:
 23   - endpoints
 24   - services
 25   - pods
 26   - namespaces
 27   verbs:  # list/watch only on the four core resources above
 28   - list
 29   - watch
 30 - apiGroups:
 31   - ""
 32   resources:
 33   - nodes
 34   verbs:  # nodes: get only
 35   - get
 36 ---
 37 apiVersion: rbac.authorization.k8s.io/v1
 38 kind: ClusterRoleBinding  # grants system:coredns to the kube-system/coredns ServiceAccount
 39 metadata:
 40   annotations:
 41     rbac.authorization.kubernetes.io/autoupdate: "true"
 42   labels:
 43     kubernetes.io/bootstrapping: rbac-defaults
 44     addonmanager.kubernetes.io/mode: EnsureExists
 45   name: system:coredns
 46 roleRef:
 47   apiGroup: rbac.authorization.k8s.io
 48   kind: ClusterRole
 49   name: system:coredns
 50 subjects:
 51 - kind: ServiceAccount
 52   name: coredns
 53   namespace: kube-system
 54 ---
 55 apiVersion: v1
 56 kind: ConfigMap  # mounted read-only into the pod at /etc/coredns (lines 128-131, 165-171)
 57 metadata:
 58   name: coredns
 59   namespace: kube-system
 60   labels:
 61       addonmanager.kubernetes.io/mode: EnsureExists
 62 data:  # line 67: __PILLAR__DNS__DOMAIN__ is a placeholder for the cluster domain; replace it before applying
 63   Corefile: |  # line 68 "pods insecure": pod A records are answered from the IP in the query name without checking the API; "pods verified" checks, "pods disabled" turns them off
 64     .:53 {
 65         errors
 66         health
 67         kubernetes __PILLAR__DNS__DOMAIN__ in-addr.arpa ip6.arpa {
 68             pods insecure
 69             upstream
 70             fallthrough in-addr.arpa ip6.arpa
 71             ttl 30
 72         }
 73         prometheus :9153
 74         forward . /etc/resolv.conf
 75         cache 30
 76         loop
 77         reload
 78         loadbalance
 79     }
 80 ---
 81 apiVersion: apps/v1
 82 kind: Deployment
 83 metadata:
 84   name: coredns
 85   namespace: kube-system
 86   labels:
 87     k8s-app: kube-dns
 88     kubernetes.io/cluster-service: "true"
 89     addonmanager.kubernetes.io/mode: Reconcile
 90     kubernetes.io/name: "CoreDNS"
 91 spec:
 92   # replicas: not specified here:
 93   # 1. In order to make Addon Manager do not reconcile this replicas parameter.
 94   # 2. Default is 1.
 95   # 3. Will be tuned in real time if DNS horizontal auto-scaling is turned on.
 96   strategy:
 97     type: RollingUpdate
 98     rollingUpdate:
 99       maxUnavailable: 1  # with the default single replica, a rollout may briefly leave no DNS pod available
100   selector:
101     matchLabels:
102       k8s-app: kube-dns
103   template:
104     metadata:
105       labels:
106         k8s-app: kube-dns
107       annotations:
108         seccomp.security.alpha.kubernetes.io/pod: 'docker/default'  # alpha-era annotation requesting the runtime's default seccomp profile
109     spec:
110       priorityClassName: system-cluster-critical
111       serviceAccountName: coredns  # the ServiceAccount bound to system:coredns above
112       tolerations:
113         - key: "CriticalAddonsOnly"
114           operator: "Exists"
115       nodeSelector:
116         beta.kubernetes.io/os: linux
117       containers:
118       - name: coredns
119         image: k8s.gcr.io/coredns:1.3.1  # tag reference, not a digest; a replacement registry serves whatever it holds under this tag
120         imagePullPolicy: IfNotPresent  # a node that already holds this tag will not pull again
121         resources:
122           limits:
123             memory: __PILLAR__DNS__MEMORY__LIMIT__  # placeholder; substitute a real quantity before applying
124           requests:
125             cpu: 100m
126             memory: 70Mi
127         args: [ "-conf", "/etc/coredns/Corefile" ]
128         volumeMounts:
129         - name: config-volume
130           mountPath: /etc/coredns
131           readOnly: true
132         ports:
133         - containerPort: 53
134           name: dns
135           protocol: UDP
136         - containerPort: 53
137           name: dns-tcp
138           protocol: TCP
139         - containerPort: 9153
140           name: metrics
141           protocol: TCP
142         livenessProbe:
143           httpGet:
144             path: /health
145             port: 8080  # endpoint of the Corefile's health plugin (line 66); not listed under ports above
146             scheme: HTTP
147           initialDelaySeconds: 60
148           timeoutSeconds: 5
149           successThreshold: 1
150           failureThreshold: 5
151         readinessProbe:
152           httpGet:
153             path: /health
154             port: 8080
155             scheme: HTTP
156         securityContext:
157           allowPrivilegeEscalation: false  # the process cannot gain more privileges than it starts with
158           capabilities:
159             add:
160             - NET_BIND_SERVICE  # the one capability kept: binding port 53
161             drop:
162             - all  # NOTE(review): Pod Security Standards spell this ALL; confirm the lowercase form is honoured
163           readOnlyRootFilesystem: true
164       dnsPolicy: Default  # pod inherits the node's resolv.conf, which "forward . /etc/resolv.conf" (line 74) reads
165       volumes:
166         - name: config-volume
167           configMap:
168             name: coredns
169             items:
170             - key: Corefile
171               path: Corefile
172 ---
173 apiVersion: v1
174 kind: Service
175 metadata:
176   name: kube-dns
177   namespace: kube-system
178   annotations:
179     prometheus.io/port: "9153"  # metrics port advertised to Prometheus scrapers
180     prometheus.io/scrape: "true"
181   labels:
182     k8s-app: kube-dns
183     kubernetes.io/cluster-service: "true"
184     addonmanager.kubernetes.io/mode: Reconcile
185     kubernetes.io/name: "CoreDNS"
186 spec:
187   selector:
188     k8s-app: kube-dns
189   clusterIP: __PILLAR__DNS__SERVER__  # placeholder; must be the clusterDNS address configured for kubelet
190   ports:
191   - name: dns
192     port: 53
193     protocol: UDP
194   - name: dns-tcp
195     port: 53
196     protocol: TCP
197   - name: metrics
198     port: 9153  # metrics are reachable in-cluster through the DNS Service IP
199     protocol: TCP

ps:大写部分(__PILLAR__ 占位符)需要你修改成自己k8s集群上的配置,主要修改三个地方(67、123、189行);另外119行的镜像地址视网络情况修改
67行 大写部分修改成自己的域 一般为 cluster.local.
119行 image 默认从墙外的 k8s.gcr.io 拉取,无法访问时需要修改为 coredns/coredns:1.3.1;换源后建议核对镜像 digest,确认与官方镜像一致
123行 memory 修改成自己适合的值,我这里修改为 170Mi
189行 clusterIP 修改成kubelet.config中设置的clusterDNS IP

3、安装coredns.yaml

kubectl create -f coredns.yaml

4、验证

   4.1 启动一个busybox pod

   注意一定要使用busybox 1.28.3,其它版本镜像有bug测试会出问题

[root@k8s-master1 pv]# cat busybox.yaml
# Test pod for the DNS check: the container sleeps for 3600 s so that
# `kubectl exec` has something to enter and run nslookup from.
apiVersion: v1
kind: Pod
metadata:
  namespace: default
  name: busybox
spec:
  restartPolicy: Always
  containers:
  - name: busybox
    # Version pinned by the article: it reports DNS test problems with other
    # busybox image versions.
    image: busybox:1.28.3
    imagePullPolicy: IfNotPresent
    # "3600" stays quoted so the argument is passed as a string.
    command: ["sleep", "3600"]

  4.2 进入busybox 验证

[root@k8s-master2 cfg]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.0.0.1 <none> 443/TCP 5d15h
my-nginx ClusterIP 10.0.140.169 <none> 80/TCP 16h

[root@k8s-master1 pv]# kubectl get po
NAME READY STATUS RESTARTS AGE
busybox 1/1 Running 0 5s
my-nginx-5dd67b97fb-hqg94 1/1 Running 0 42m
my-nginx-5dd67b97fb-xqj5w 1/1 Running 1 16h
[root@k8s-master1 pv]# kubectl exec -it busybox sh
/ # nslookup kubernetes.default
Server: 10.0.0.2
Address 1: 10.0.0.2 coredns.kube-system.svc.cluster.local
Name: kubernetes.default
Address 1: 10.0.0.1 kubernetes.default.svc.cluster.local


  

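# __MACHINE_GENERATED_WARNING__
#
# CoreDNS add-on template: ServiceAccount, RBAC, ConfigMap, Deployment and
# Service. The nesting is restored here so the file parses as YAML, and
# sequences use one indentation style throughout.
# The three __PILLAR__DNS__*__ tokens are template placeholders; substitute
# them (cluster domain, memory limit, DNS service IP) before applying.
#
# addonmanager.kubernetes.io/mode is read by the Kubernetes addon manager:
# Reconcile objects are reset to this manifest, EnsureExists objects are only
# created when missing. On a cluster without an addon manager the label has
# no effect.

# Identity the CoreDNS pods run as (serviceAccountName in the Deployment).
apiVersion: v1
kind: ServiceAccount
metadata:
  name: coredns
  namespace: kube-system
  labels:
    kubernetes.io/cluster-service: "true"
    addonmanager.kubernetes.io/mode: Reconcile
---
# Read-only API access: list/watch on endpoints, services, pods and
# namespaces, plus get on nodes. No write verbs are granted.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  labels:
    kubernetes.io/bootstrapping: rbac-defaults
    addonmanager.kubernetes.io/mode: Reconcile
  name: system:coredns
rules:
- apiGroups:
  - ""
  resources:
  - endpoints
  - services
  - pods
  - namespaces
  verbs:
  - list
  - watch
- apiGroups:
  - ""
  resources:
  - nodes
  verbs:
  - get
---
# Grants the system:coredns ClusterRole to the kube-system/coredns
# ServiceAccount and to nothing else.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  annotations:
    rbac.authorization.kubernetes.io/autoupdate: "true"
  labels:
    kubernetes.io/bootstrapping: rbac-defaults
    addonmanager.kubernetes.io/mode: EnsureExists
  name: system:coredns
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: system:coredns
subjects:
- kind: ServiceAccount
  name: coredns
  namespace: kube-system
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: coredns
  namespace: kube-system
  labels:
    addonmanager.kubernetes.io/mode: EnsureExists
data:
  # Corefile notes (kept outside the block scalar so the data is unchanged):
  # - kubernetes ...: serves the cluster domain and the reverse zones; the
  #   __PILLAR__DNS__DOMAIN__ placeholder must be replaced first.
  # - pods insecure: pod A records (a-b-c-d.<ns>.pod.<domain>) are answered
  #   from the IP encoded in the query name without checking that such a pod
  #   exists. CoreDNS documents this mode as kept for kube-dns compatibility;
  #   `pods verified` checks the API (at a memory cost) and `pods disabled`
  #   turns pod records off.
  # - health: the /health endpoint the Deployment probes on port 8080.
  # - prometheus :9153: metrics listener, published through the Service.
  # - forward . /etc/resolv.conf: all other names go to the resolvers in the
  #   pod's resolv.conf, which is the node's because of dnsPolicy: Default.
  Corefile: |
    .:53 {
        errors
        health
        kubernetes __PILLAR__DNS__DOMAIN__ in-addr.arpa ip6.arpa {
            pods insecure
            upstream
            fallthrough in-addr.arpa ip6.arpa
            ttl 30
        }
        prometheus :9153
        forward . /etc/resolv.conf
        cache 30
        loop
        reload
        loadbalance
    }
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: coredns
  namespace: kube-system
  labels:
    k8s-app: kube-dns
    kubernetes.io/cluster-service: "true"
    addonmanager.kubernetes.io/mode: Reconcile
    kubernetes.io/name: "CoreDNS"
spec:
  # replicas is deliberately not specified here:
  # 1. So that Addon Manager does not reconcile the replicas parameter.
  # 2. The default is 1.
  # 3. It is tuned in real time if DNS horizontal auto-scaling is turned on.
  strategy:
    type: RollingUpdate
    rollingUpdate:
      # With the default single replica, a rollout may briefly leave no DNS
      # pod available.
      maxUnavailable: 1
  selector:
    matchLabels:
      k8s-app: kube-dns
  template:
    metadata:
      labels:
        k8s-app: kube-dns
      annotations:
        # Alpha-era annotation requesting the container runtime's default
        # seccomp profile. Kubernetes 1.19+ replaces it with the
        # securityContext.seccompProfile field.
        seccomp.security.alpha.kubernetes.io/pod: 'docker/default'
    spec:
      priorityClassName: system-cluster-critical
      serviceAccountName: coredns
      tolerations:
      - key: "CriticalAddonsOnly"
        operator: "Exists"
      nodeSelector:
        beta.kubernetes.io/os: linux
      containers:
      - name: coredns
        # Tag reference, not a digest: with IfNotPresent a node reuses
        # whatever image it already holds under this tag. When pulling from a
        # registry other than the upstream one, pin the verified image as
        # <registry>/coredns@sha256:<digest-you-verified>.
        image: k8s.gcr.io/coredns:1.3.1
        imagePullPolicy: IfNotPresent
        resources:
          limits:
            # Placeholder; substitute a real quantity before applying.
            memory: __PILLAR__DNS__MEMORY__LIMIT__
          requests:
            cpu: 100m
            memory: 70Mi
        args: ["-conf", "/etc/coredns/Corefile"]
        volumeMounts:
        - name: config-volume
          mountPath: /etc/coredns
          readOnly: true
        ports:
        - containerPort: 53
          name: dns
          protocol: UDP
        - containerPort: 53
          name: dns-tcp
          protocol: TCP
        - containerPort: 9153
          name: metrics
          protocol: TCP
        # Both probes hit the health plugin's HTTP endpoint; port 8080 is not
        # listed under ports above.
        livenessProbe:
          httpGet:
            path: /health
            port: 8080
            scheme: HTTP
          initialDelaySeconds: 60
          timeoutSeconds: 5
          successThreshold: 1
          failureThreshold: 5
        readinessProbe:
          httpGet:
            path: /health
            port: 8080
            scheme: HTTP
        # Hardening: no privilege escalation, every capability dropped except
        # the one needed to bind port 53, and a read-only root filesystem.
        securityContext:
          allowPrivilegeEscalation: false
          capabilities:
            add:
            - NET_BIND_SERVICE
            drop:
            # NOTE(review): Pod Security Standards spell this ALL; confirm the
            # lowercase form is honoured by your runtime.
            - all
          readOnlyRootFilesystem: true
      # Default = inherit the node's resolv.conf, so the Corefile's forward
      # plugin sends non-cluster names to the node's resolvers.
      dnsPolicy: Default
      volumes:
      - name: config-volume
        configMap:
          name: coredns
          items:
          - key: Corefile
            path: Corefile
---
apiVersion: v1
kind: Service
metadata:
  name: kube-dns
  namespace: kube-system
  annotations:
    prometheus.io/port: "9153"
    prometheus.io/scrape: "true"
  labels:
    k8s-app: kube-dns
    kubernetes.io/cluster-service: "true"
    addonmanager.kubernetes.io/mode: Reconcile
    kubernetes.io/name: "CoreDNS"
spec:
  selector:
    k8s-app: kube-dns
  # Placeholder; must be the clusterDNS address configured for kubelet.
  clusterIP: __PILLAR__DNS__SERVER__
  ports:
  - name: dns
    port: 53
    protocol: UDP
  - name: dns-tcp
    port: 53
    protocol: TCP
  # Metrics are reachable in-cluster through the same Service IP as DNS.
  - name: metrics
    port: 9153
    protocol: TCP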


转载自www.cnblogs.com/eddycomeon/p/11275071.html