k8s笔记009-kube-dns部署

1. 准备镜像
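1.1 下载镜像(镜像取自第三方仓库 index.tenxcloud.com 的 jimmy 命名空间,且只按tag拉取;推送到私有仓库前,建议用 docker images --digests 核对摘要与可信来源一致)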
[root@harbor ~]# docker pull index.tenxcloud.com/jimmy/k8s-dns-dnsmasq-nanny-amd64:1.14.1
[root@harbor ~]# docker pull index.tenxcloud.com/jimmy/k8s-dns-kube-dns-amd64:1.14.1
[root@harbor ~]# docker pull index.tenxcloud.com/jimmy/k8s-dns-sidecar-amd64:1.14.1
1.2 对下载的镜像重新打tag
[root@harbor ~]# docker tag index.tenxcloud.com/jimmy/k8s-dns-dnsmasq-nanny-amd64:1.14.1 192.168.1.170/tzg-prod/k8s-dns-dnsmasq-nanny-amd64:1.14.1
[root@harbor ~]# docker tag index.tenxcloud.com/jimmy/k8s-dns-kube-dns-amd64:1.14.1 192.168.1.170/tzg-prod/k8s-dns-kube-dns-amd64:1.14.1
[root@harbor ~]# docker tag index.tenxcloud.com/jimmy/k8s-dns-sidecar-amd64:1.14.1 192.168.1.170/tzg-prod/k8s-dns-sidecar-amd64:1.14.1
1.3 将镜像上传到私有仓库
[root@harbor ~]# docker push 192.168.1.170/tzg-prod/k8s-dns-dnsmasq-nanny-amd64:1.14.1
[root@harbor ~]# docker push 192.168.1.170/tzg-prod/k8s-dns-kube-dns-amd64:1.14.1
[root@harbor ~]# docker push 192.168.1.170/tzg-prod/k8s-dns-sidecar-amd64:1.14.1
1.4 删除下载的镜像
[root@harbor ~]# docker rmi index.tenxcloud.com/jimmy/k8s-dns-dnsmasq-nanny-amd64:1.14.1
[root@harbor ~]# docker rmi index.tenxcloud.com/jimmy/k8s-dns-kube-dns-amd64:1.14.1
[root@harbor ~]# docker rmi index.tenxcloud.com/jimmy/k8s-dns-sidecar-amd64:1.14.1

2. 创建yaml文件
2.1 创建ConfigMap文件
[root@k8s-master01 kubedns]# vi kubedns-cm.yaml
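# ConfigMap for kube-dns. It carries no data keys; the Deployment mounts it as
# the optional "kube-dns-config" volume.
apiVersion: v1
kind: ConfigMap
metadata:
  name: kube-dns
  namespace: kube-system
  labels:
    addonmanager.kubernetes.io/mode: EnsureExists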
2.2 创建Controller(Deployment)文件
[root@k8s-master01 kubedns]# vi kubedns-cm.yaml
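# NOTE(review): this is the same ConfigMap (kubedns-cm.yaml) already shown in
# section 2.1; the page repeats it here before the Deployment listing.
apiVersion: v1
kind: ConfigMap
metadata:
  name: kube-dns
  namespace: kube-system
  labels:
    addonmanager.kubernetes.io/mode: EnsureExists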
[root@k8s-master01 kubedns]# cat kubedns-controller.yaml
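# kube-dns Deployment: one pod running three containers (kubedns, dnsmasq, sidecar).
# NOTE(review): extensions/v1beta1 Deployments were removed in Kubernetes 1.16;
# on current clusters this object has to be declared as apps/v1.
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: kube-dns
  namespace: kube-system
  labels:
    k8s-app: kube-dns
    kubernetes.io/cluster-service: "true"
    addonmanager.kubernetes.io/mode: Reconcile
spec:
  strategy:
    rollingUpdate:
      maxSurge: 10%
      # Never take the existing DNS pod down before its replacement is available.
      maxUnavailable: 0
  selector:
    matchLabels:
      k8s-app: kube-dns
  template:
    metadata:
      labels:
        k8s-app: kube-dns
      annotations:
        scheduler.alpha.kubernetes.io/critical-pod: ''
    spec:
      tolerations:
      - key: "CriticalAddonsOnly"
        operator: "Exists"
      volumes:
      # Backed by the kube-dns ConfigMap; optional, so the pod starts without it.
      - name: kube-dns-config
        configMap:
          name: kube-dns
          optional: true
      containers:
      - name: kubedns
        # NOTE(review): all three images are referenced by tag only. Pinning by
        # digest (image@sha256:<digest-placeholder>) makes every node pull exactly
        # the content that was checked when it was pushed to the private registry.
        image: 192.168.1.170/tzg-prod/k8s-dns-kube-dns-amd64:1.14.1
        resources:
          limits:
            memory: 170Mi
          requests:
            cpu: 100m
            memory: 70Mi
        livenessProbe:
          httpGet:
            # Port 10054 is declared by the sidecar container; containers in a
            # pod share one network namespace, so the probe reaches it.
            path: /healthcheck/kubedns
            port: 10054
            scheme: HTTP
          initialDelaySeconds: 60
          timeoutSeconds: 5
          successThreshold: 1
          failureThreshold: 5
        readinessProbe:
          httpGet:
            path: /readiness
            port: 8081
            scheme: HTTP
          initialDelaySeconds: 3
          timeoutSeconds: 5
        args:
        - --domain=cluster.local.
        # kubedns listens on 10053; dnsmasq below owns port 53 and forwards to it.
        - --dns-port=10053
        - --config-dir=/kube-dns-config
        - --v=2
        env:
        - name: PROMETHEUS_PORT
          value: "10055"
        ports:
        - containerPort: 10053
          name: dns-local
          protocol: UDP
        - containerPort: 10053
          name: dns-tcp-local
          protocol: TCP
        - containerPort: 10055
          name: metrics
          protocol: TCP
        volumeMounts:
        - name: kube-dns-config
          mountPath: /kube-dns-config
      - name: dnsmasq
        image: 192.168.1.170/tzg-prod/k8s-dns-dnsmasq-nanny-amd64:1.14.1
        livenessProbe:
          httpGet:
            path: /healthcheck/dnsmasq
            port: 10054
            scheme: HTTP
          initialDelaySeconds: 60
          timeoutSeconds: 5
          successThreshold: 1
          failureThreshold: 5
        args:
        - -v=2
        - -logtostderr
        # Must be the same path as the kube-dns-config volumeMount of this
        # container; the original listing spelled it "dnsmasq-nany", which points
        # the nanny at a directory the ConfigMap is not mounted on.
        - -configDir=/etc/k8s/dns/dnsmasq-nanny
        - -restartDnsmasq=true
        # Everything after "--" is passed through to dnsmasq itself.
        - --
        - -k
        - --cache-size=1000
        - --log-facility=-
        # Cluster and reverse-lookup zones are forwarded to kubedns on 10053.
        - --server=/cluster.local./127.0.0.1#10053
        - --server=/in-addr.arpa/127.0.0.1#10053
        - --server=/ip6.arpa/127.0.0.1#10053
        ports:
        - containerPort: 53
          name: dns
          protocol: UDP
        - containerPort: 53
          name: dns-tcp
          protocol: TCP
        resources:
          requests:
            cpu: 150m
            memory: 20Mi
        volumeMounts:
        - name: kube-dns-config
          mountPath: /etc/k8s/dns/dnsmasq-nanny
      - name: sidecar
        image: 192.168.1.170/tzg-prod/k8s-dns-sidecar-amd64:1.14.1
        livenessProbe:
          httpGet:
            path: /metrics
            port: 10054
            scheme: HTTP
          initialDelaySeconds: 60
          timeoutSeconds: 5
          successThreshold: 1
          failureThreshold: 5
        args:
        - --v=2
        - --logtostderr
        # Each probe resolves kubernetes.default.svc.cluster.local. against one
        # of the two DNS listeners in this pod (kubedns on 10053, dnsmasq on 53).
        - --probe=kubedns,127.0.0.1:10053,kubernetes.default.svc.cluster.local.,5,A
        - --probe=dnsmasq,127.0.0.1:53,kubernetes.default.svc.cluster.local.,5,A
        ports:
        - containerPort: 10054
          name: metrics
          protocol: TCP
        resources:
          requests:
            memory: 20Mi
            cpu: 10m
      # "Default" makes the DNS pod use the node's resolver configuration
      # instead of the cluster DNS service it implements.
      dnsPolicy: Default
      serviceAccountName: kube-dns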
2.3 创建ServiceAccount文件
[root@k8s-master01 kubedns]# vi kubedns-sa.yaml
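# ServiceAccount the kube-dns Deployment runs under (serviceAccountName: kube-dns).
apiVersion: v1
kind: ServiceAccount
metadata:
  name: kube-dns
  namespace: kube-system
  labels:
    kubernetes.io/cluster-service: "true"
    addonmanager.kubernetes.io/mode: Reconcile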
2.4 创建Service文件
[root@k8s-master01 kubedns]# vi kubedns-svc.yaml
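# Service that exposes the kube-dns pods on port 53 (UDP and TCP).
apiVersion: v1
kind: Service
metadata:
  name: kube-dns
  namespace: kube-system
  labels:
    k8s-app: kube-dns
    kubernetes.io/cluster-service: "true"
    addonmanager.kubernetes.io/mode: Reconcile
    kubernetes.io/name: "KubeDNS"
spec:
  selector:
    k8s-app: kube-dns
  # Fixed address: the kubelet --cluster-dns value used later on this page
  # (169.169.0.2) has to be this same IP.
  clusterIP: 169.169.0.2
  ports:
  - name: dns
    port: 53
    protocol: UDP
  - name: dns-tcp
    port: 53
    protocol: TCP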

3. 根据yaml文件创建ConfigMap、Deployment、ServiceAccount、Service
3.1 创建对象
[root@k8s-master01 kubedns]# ls
kubedns-cm.yaml kubedns-controller.yaml kubedns-sa.yaml kubedns-svc.yaml
[root@k8s-master01 kubedns]# kubectl create -f .
configmap "kube-dns" created
deployment "kube-dns" created
serviceaccount "kube-dns" created
service "kube-dns" created
3.2 查看Deployment
[root@k8s-master01 kubedns]# kubectl get deploy --all-namespaces
NAMESPACE NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
kube-system kube-dns 1 1 1 1 1m
3.3 查看Pods
[root@k8s-master01 kubedns]# kubectl get pods --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system kube-dns-1869960205-tng14 3/3 Running 0 55s
3.4 查看Service
[root@k8s-master01 kubedns]# kubectl get svc --namespace=kube-system
NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kube-dns 169.169.0.2 <none> 53/UDP,53/TCP 1m
3.5 查看ConfigMap
[root@k8s-master01 kubedns]# kubectl get ConfigMap --all-namespaces
NAMESPACE NAME DATA AGE
kube-system extension-apiserver-authentication 1 4d
kube-system kube-dns 0 1m

4. 修改kubelet配置(所有节点上都需要操作)
4.1 kubelet启动参数增加cluster-dns配置
[root@k8s-master01 ~]# vi /etc/kubernetes/kubelet
# NOTE(review): the settings this step adds are --cluster-dns and --cluster-domain;
# --cluster-dns must equal the kube-dns Service clusterIP (169.169.0.2 on this page).
# --allow-privileged=true permits pods on this node to run privileged containers; the
# kube-dns manifests shown on this page do not request privileged mode, so confirm
# that another workload needs it before copying the flag to every node.
KUBELET_ARGS="--api-servers=https://172.18.0.200:6443 --hostname-override=172.18.0.142 --logtostderr=false --log-dir=/opt/logs/kubernetes --v=2 --allow-privileged=true
--kubeconfig=/etc/kubernetes/kubelet-kubeconfig --cgroup-driver=systemd --cluster-dns=169.169.0.2 --cluster-domain=cluster.local."
4.2 重启kubelet
[root@k8s-master01 ~]# systemctl restart kubelet

5. 校验kubedns功能
5.1 创建一个my-nginx的Deployment文件
[root@k8s-master01 testkubedns]# vim my-nginx-deployment.yaml
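# Throwaway two-replica nginx Deployment, used only to give kube-dns a Service
# name to resolve.
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: my-nginx
spec:
  replicas: 2
  template:
    metadata:
      labels:
        run: my-nginx
    spec:
      containers:
      - name: my-nginx
        # NOTE(review): no tag or digest, so this resolves to nginx:latest from
        # the node's default registry; pin a version for anything long-lived.
        image: nginx
        ports:
        - containerPort: 80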
5.2 创建Deployment
[root@k8s-master01 testkubedns]# kubectl create -f ./my-nginx-deployment.yaml
deployment "my-nginx" created
[root@k8s-master01 testkubedns]# kubectl get deploy my-nginx
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
my-nginx 2 2 2 2 1m
5.3 发布服务
[root@k8s-master01 testkubedns]# kubectl expose deploy my-nginx
service "my-nginx" exposed
[root@k8s-master01 testkubedns]# kubectl get svc my-nginx
NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE
my-nginx 169.169.255.45 <none> 80/TCP 8s
[root@k8s-master01 testkubedns]# kubectl get svc my-nginx -o yaml
apiVersion: v1
kind: Service
metadata:
creationTimestamp: 2017-09-12T12:41:01Z
labels:
run: my-nginx
name: my-nginx
namespace: default
resourceVersion: "135846"
selfLink: /api/v1/namespaces/default/services/my-nginx
uid: a26d00c0-97b7-11e7-8c4a-000c298d23b9
spec:
clusterIP: 169.169.255.45
ports:
- port: 80
protocol: TCP
targetPort: 80
selector:
run: my-nginx
sessionAffinity: None
type: ClusterIP
status:
loadBalancer: {}
5.4 再创建一个deployment
[root@k8s-master01 testkubedns]# kubectl run nginx --image=nginx
deployment "nginx" created
[root@k8s-master01 testkubedns]# kubectl get pods
NAME READY STATUS RESTARTS AGE
my-nginx-4293833666-1z7q7 1/1 Running 0 3m
my-nginx-4293833666-37mcr 1/1 Running 0 3m
nginx-4217019353-8gq4f 1/1 Running 0 5s
5.5 拷贝ping命令及相关lib库到新启动的nginx pod中
[root@k8s-master01 testkubedns]# kubectl cp /usr/bin/ping nginx-4217019353-whx5b:/usr/bin/
[root@k8s-master01 testkubedns]# kubectl cp /usr/lib64/libcap.so.2 nginx-4217019353-whx5b:/usr/lib/
[root@k8s-master01 testkubedns]# kubectl cp /usr/lib64/libidn.so.11 nginx-4217019353-whx5b:/usr/lib/
[root@k8s-master01 testkubedns]# kubectl cp /usr/lib64/libcrypto.so.10 nginx-4217019353-whx5b:/usr/lib/
5.6 进入新启动的nginx pod中,然后ping之前创建的my-nginx服务,看服务名是否能被解析为该服务的ClusterIP(ClusterIP通常不响应ping,只需确认PING行中解析出的地址与kubectl get svc显示的一致)
[root@k8s-master01 testkubedns]# kubectl exec nginx-4217019353-whx5b -ti -- /bin/bash
root@nginx-4217019353-whx5b:/# ping my-nginx
PING my-nginx.default.svc.cluster.local (169.169.255.45) 56(84) bytes of data.
