一、安装
1、安装脚本
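# Install CoreDNS from the upstream deployment repository.
# Requires: K8S_INST_DIR, CLUSTER_DNS_SVC_IP and CLUSTER_DNS_DOMAIN set in the shell.
# ${VAR:?} makes the command fail if the install root is unset, instead of
# creating /coredns as root.
[root@master1 ~]# mkdir -p "${K8S_INST_DIR:?}/coredns"
[root@master1 ~]# cd "${K8S_INST_DIR:?}/coredns"
# NOTE(review): this clones the default branch at whatever commit is current.
# Record the commit you deployed from (git rev-parse HEAD) so the manifest can
# be reproduced and audited later.
[root@master1 coredns]# git clone https://github.com/coredns/deployment.git
[root@master1 coredns]# cd deployment/kubernetes
# deploy.sh sits in this directory, so it is called by path rather than looked
# up in PATH. -i is the cluster DNS Service IP and -d the cluster domain.
# Quoting keeps an empty variable from shifting the option arguments.
[root@master1 kubernetes]# ./deploy.sh -i "$CLUSTER_DNS_SVC_IP" -d "$CLUSTER_DNS_DOMAIN" > coredns.yaml
# Read the generated manifest before applying it; it creates objects in kube-system.
[root@master1 kubernetes]# kubectl apply -f coredns.yaml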
2、配置
- CoreDNS 配置参考 coredns.io/manual/toc/…
- coredns.yaml,Corefile 部分内容如下
data:
  Corefile: |
    # Single server block: handles every zone (".") on port 53.
    .:53 {
        # Only errors are logged. NOTE(review): the log plugin is not enabled,
        # so individual queries leave no record; add it if DNS queries need to
        # be auditable.
        errors
        health {
            lameduck 5s
        }
        ready
        # Answers for the cluster domain and the reverse zones; reverse lookups
        # the plugin cannot answer fall through to the next plugin.
        kubernetes cluster.vpk8s in-addr.arpa ip6.arpa {
            fallthrough in-addr.arpa ip6.arpa
        }
        # NOTE(review): ":9153" gives no bind address, so the metrics endpoint
        # listens on every interface of the pod. Limit who can reach it (for
        # example with a NetworkPolicy) if metrics should not be cluster-wide.
        prometheus :9153
        # Everything not answered above goes to the resolvers listed in the
        # /etc/resolv.conf seen by the CoreDNS container (presumably inherited
        # from the node; confirm against the Deployment's dnsPolicy).
        forward . /etc/resolv.conf {
            max_concurrent 1000
        }
        cache 30
        # Halts CoreDNS when a forwarding loop is detected.
        loop
        reload
        loadbalance
    }
- log:打印/存储日志信息(上面的 Corefile 没有启用 log,只有 errors;不启用时查询记录不会写入日志,需要审计或排查 DNS 查询时再加上)
- errors:打印/存储错误日志
- hosts:加载 /etc/hosts 文件里面的解析信息,如果一个域名在 hosts 文件中存在,则优先使用这个信息返回
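- fallthrough:如果 hosts 中找不到,则进入下一个 plugin 继续,少这一个指令,后面的 plugins 配置就无意义了。上面 Corefile 里 kubernetes 块中的 fallthrough in-addr.arpa ip6.arpa 同理:kubernetes 插件解析不了的反向解析请求会交给后面的 plugin 处理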
- reload : 多久扫描配置文件一次。如有变更,自动加载
- cache: 缓存时间(TTL),单位:秒(s),最大值3600s
- TTL(Time To Live),生存时间
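- loop:检测 DNS 转发环路。上面的 forward . /etc/resolv.conf 会把 node 节点的 dns 服务器作为 pod 的上游服务器,如果这个上游又指回 CoreDNS 自身(例如节点 resolv.conf 里配置的是本地回环地址),loop 检测到环路后会让 CoreDNS 退出,所以会偶然导致 coredns 无法正常启动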
- 部署后可以通过 kubectl edit configmap coredns -n kube-system 修改配置
二、测试 CoreDNS
1、查看服务状态
[root@master1 ~]# kubectl get rs,deploy,svc,pods -n kube-system| grep dns
replicaset.apps/coredns-799bc9dbc6 1 1 1 12m
deployment.apps/coredns 1/1 1 1 12m
service/kube-dns ClusterIP 10.66.0.2 <none> 53/UDP,53/TCP,9153/TCP 12m
pod/coredns-799bc9dbc6-zvhzv 1/1 Running 0 12m
[root@master1 ~]#
2、进入容器测试
[root:1070@master1 ~]# kubectl get pod -A
NAMESPACE NAME READY STATUS RESTARTS AGE
default pingtest-ip-pool-1-677bd7dc78-26hf7 1/1 Running 0 28m
default pingtest-ip-pool-1-677bd7dc78-vz2c2 1/1 Running 0 28m
default pingtest-ip-pool-2-5f7bb9f589-drmjf 1/1 Running 0 28m
default pingtest-ip-pool-2-5f7bb9f589-ndn57 1/1 Running 0 28m
kube-system coredns-799bc9dbc6-8b6c8 1/1 Running 0 5m28s
kube-system k8s-demo-calico-node-app-9lpnx 1/1 Running 0 29m
kube-system k8s-demo-calico-node-app-fcm6c 1/1 Running 0 29m
kube-system k8s-demo-calico-node-app-jkzcb 1/1 Running 0 29m
kube-system k8s-demo-calico-node-app-k5tbg 1/1 Running 0 25m
kube-system k8s-demo-calico-node-app-kr88w 1/1 Running 0 29m
kube-system k8s-demo-calico-node-app-wl6bk 1/1 Running 0 29m
kube-system k8s-demo-calico-typha-app-5d4b9f9f88-4vt2r 1/1 Running 0 29m
kube-system k8s-demo-calico-typha-app-5d4b9f9f88-tnxs7 1/1 Running 0 29m
kube-system k8s-demo-calico-typha-app-5d4b9f9f88-xxpb7 1/1 Running 0 29m
[root:1071@master1 ~]# kubectl exec -it pingtest-ip-pool-1-677bd7dc78-26hf7 -- sh
/ # nslookup kubernetes
Server: 10.1.0.2
Address: 10.1.0.2:53
Name: kubernetes.default.svc.cluster.vpk8s
Address: 10.1.0.1
/ # nslookup www.baidu.com
Server: 10.1.0.2
Address: 10.1.0.2:53
Non-authoritative answer:
www.baidu.com canonical name = www.a.shifen.com
Name: www.a.shifen.com
Address: 14.215.177.39
Name: www.a.shifen.com
Address: 14.215.177.38
/ # ping calico-typha.kube-system -c 4
PING calico-typha.kube-system (10.1.159.219): 56 data bytes
64 bytes from 10.1.159.219: seq=0 ttl=64 time=0.074 ms
64 bytes from 10.1.159.219: seq=1 ttl=64 time=0.101 ms
64 bytes from 10.1.159.219: seq=2 ttl=64 time=0.149 ms
64 bytes from 10.1.159.219: seq=3 ttl=64 time=0.097 ms
--- calico-typha.kube-system ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 0.074/0.105/0.149 ms
/ #
三、问题排查
1、遇到的问题
- server can’t find kubernetes.default.svc.cluster.vpk8s: NXDOMAIN
- Can’t find kubernetes.svc.cluster.vpk8s: No answer
- nslookup: can’t resolve ‘kubernetes’
2、排查问题步骤
- 测试用的busybox 1.29版本有问题,换成1.28版本试试
- 网络插件是否安装成功,即Pod跨主机通讯以及Pod和ServiceIP通讯是否正常
- 查看CoreDNS Pod状态(kubectl get pod,svc,deploy,rc,rs -A | grep dns)
- 查看CoreDNS pod Events(kubectl describe pod coredns-6746cb5997-nnw7h -n kube-system)
- 查看CoreDNS pod日志 (kubectl logs -f pod/coredns-6746cb5997-nnw7h -n kube-system)
- 查看kube-proxy日志(journalctl -f -u kube-proxy)
- 查看kube-apiserver日志(journalctl -f -u kube-apiserver)
- 先用起来,通过操作实践认识kubernetes(k8s),积累多了自然就理解了
- 把理解的知识分享出来,自造福田,自得福缘
- 追求简单,容易使人理解,知识的上下文也是知识的一部分,例如版本,时间等
- 欢迎留言交流,也可以提出问题,一般在周末回复和完善文档
- Jason@vip.qq.com 2022-5-26