k8s之CoreDNS取经之路

50902636

于 2025-03-15 06:00:00 发布

阅读量1k

点赞数 32

分类专栏： # kubernetes 文章标签： kubernetes 容器云原生 coredns

本文链接：https://blog.youkuaiyun.com/weixin_50902636/article/details/146224280

版权

文章目录

前言
环境
一、部署coredns
二、coredns基础知识
三、coredns解析方式示例
四、k8s域名解析故障排查处理思路

前言

在 Kubernetes 集群中，CoreDNS 是一个关键的基础组件，负责域名解析和服务发现。无论是内部服务通信还是访问外部域名，CoreDNS 都为我们提供了高效、灵活的支持。本文将通俗易懂地介绍 CoreDNS 的作用、工作流程，并通过一些常见的配置案例帮助你更好地理解它的功能

环境

ip	作用
192.168.56.100	nginx(用于测试opstests.jdicity.local)
192.168.56.101	k8s-master
192.168.56.102	k8s-node、named(自建dns服务器)

DNS架构
在这里插入图片描述

一、部署coredns

yaml文件示例

apiVersion: v1
kind: ServiceAccount
metadata:
  name: coredns
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  labels:
    kubernetes.io/bootstrapping: rbac-defaults
  name: system:coredns
rules:
  - apiGroups:
    - ""
    resources:
    - endpoints
    - services
    - pods
    - namespaces
    verbs:
    - list
    - watch
  - apiGroups:
    - discovery.k8s.io
    resources:
    - endpointslices
    verbs:
    - list
    - watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  annotations:
    rbac.authorization.kubernetes.io/autoupdate: "true"
  labels:
    kubernetes.io/bootstrapping: rbac-defaults
  name: system:coredns
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: system:coredns
subjects:
- kind: ServiceAccount
  name: coredns
  namespace: kube-system
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: coredns
  namespace: kube-system
data:
  Corefile: |
    .:53 {
        errors
        health {
          lameduck 5s
        }
        ready
        kubernetes CLUSTER_DOMAIN REVERSE_CIDRS {
          fallthrough in-addr.arpa ip6.arpa
        }
        prometheus :9153
        forward . UPSTREAMNAMESERVER {
          max_concurrent 1000
        }
        cache 30
        loop
        reload
        loadbalance
    }STUBDOMAINS
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: coredns
  namespace: kube-system
  labels:
    k8s-app: kube-dns
    kubernetes.io/name: "CoreDNS"
    app.kubernetes.io/name: coredns
spec:
  # replicas: not specified here:
  # 1. Default is 1.
  # 2. Will be tuned in real time if DNS horizontal auto-scaling is turned on.
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxUnavailable: 1
  selector:
    matchLabels:
      k8s-app: kube-dns
      app.kubernetes.io/name: coredns
  template:
    metadata:
      labels:
        k8s-app: kube-dns
        app.kubernetes.io/name: coredns
    spec:
      priorityClassName: system-cluster-critical
      serviceAccountName: coredns
      tolerations:
        - key: "CriticalAddonsOnly"
          operator: "Exists"
      nodeSelector:
        ku

最低0.47元/天解锁文章