部署环境
| IP地址 |
主机名 |
功能 |
|---|---|---|
| 10.1.32.230 | k8s-deploy-test | 部署节点,不承担实际作用 |
| 10.1.32.231 | k8s-master-test01 | master节点 |
| 10.1.32.232 | k8s-master-test02 | master节点 |
| 10.1.32.233 | k8s-master-test03 | master节点 |
| 10.1.32.240 | k8s-nginx-test | 负载均衡节点,实际生产中应为HA架构 |
| 10.1.32.234 | k8s-node01-test01 | node节点 |
| 10.1.32.235 | k8s-node02-test02 | node节点 |
| 10.1.32.236 | k8s-node03-test03 | node节点 |
部署插件_CoreDNS
CoreDNS提供pod使用域名访问Service的能力,即部署完CoreDNS之后,可使用ServiceName.default.svc.cluster.local的方式访问服务。
部署CoreDNS(k8s-deploy,k8s-master):
部署CoreDNS(k8s-deploy):
cd /opt/k8s/work/kubernetes
tar -xzvf kubernetes-src.tar.gz
cd /opt/k8s/work/kubernetes/cluster/addons/dns/coredns
cp coredns.yaml.base coredns.yaml部署CoreDNS(k8s-deploy):
cd /opt/k8s/work/kubernetes/cluster/addons/dns/coredns
source /opt/k8s/bin/environment.sh
sed -i -e "s/__PILLAR__DNS__DOMAIN__/${CLUSTER_DNS_DOMAIN}/" \
-e "s/__PILLAR__DNS__SERVER__/${CLUSTER_DNS_SVC_IP}/" \
-e "s/__PILLAR__DNS__MEMORY__LIMIT__/512Mi/" \
-e "s@k8s.gcr.io@registry.cn-hangzhou.aliyuncs.com/google_containers@" coredns.yaml
scp coredns.yaml root@10.1.32.231:/opt/k8s/work/部署CoreDNS资源(k8s-master):
cd /opt/k8s/work/
kubectl apply -f coredns.yaml
kubectl get all -n kube-system
重启之前的nginx服务,检测是否可以获取dns服务器信息(k8s-master):
kubectl exec -it daemon-deployment-5d946c44dd-8x5qf -- cat /etc/resolv.conf
验证CoreDNS(k8s-master):
部署测试服务(k8s-master):
cat > dnsutils-ds.yml << EOF
apiVersion: v1
kind: Service
metadata:
name: dnsutils-ds
labels:
app: dnsutils-ds
spec:
type: NodePort
selector:
app: dnsutils-ds
ports:
- name: http
port: 80
targetPort: 80
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: dnsutils-ds
labels:
addonmanager.kubernetes.io/mode: Reconcile
spec:
selector:
matchLabels:
app: dnsutils-ds
template:
metadata:
labels:
app: dnsutils-ds
spec:
containers:
- name: my-dnsutils
image: tutum/dnsutils:latest
command:
- sleep
- "3600"
ports:
- containerPort: 80
EOF创建服务并确认服务启动(k8s-master):
kubectl apply -f dnsutils-ds.yml
kubectl get pod | grep dnsutils
验证CoreDNS功能(k8s-master):
kubectl exec dnsutils-ds-dxsrk -- nslookup kubernetes
kubectl exec dnsutils-ds-dxsrk -- nslookup nginx-service-prod
kubectl exec dnsutils-ds-dxsrk -- nslookup www.baidu.com- kubernetes为集群内部Kubernetes API的Service地址。
- daemon-nginx-service为测试nginx的Service地址。
- baidu.com为公网域名的测试地址。
文档更新时间: 2021-09-03 15:37 作者:闻骏
