Contents
  1. Setting up DNS
  2. Modifying kube-dns
  3. Testing

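The previous article documented setting up kube-dns, the K8s DNS service, and briefly mentioned that kube-dns can be configured to resolve a specific domain through a specific DNS server.
This is similar to an NS record in DNS: for example, all lookups for *.k8s.cn can be forwarded to 169.169.0.3. The detailed configuration follows.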

Setting up DNS

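I chose to run dnsmasq as a Deployment in k8s because it is fairly simple and is sufficient for a small environment. We write the dnsmasq configuration in a ConfigMap and mount it into the pod; the DNS records go in a separate file.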

Note: do not write the records with addn-hosts. In testing, that approach produced a large number of dnsmasq[17]: Maximum number of concurrent DNS queries reached (max: 150) messages and resolution was slow.

kind: ConfigMap
apiVersion: v1
metadata:
  name: dnsmasq-cm
data:
  # Main dnsmasq configuration, mounted at /etc/dnsmasq.conf
  dnsmasqconf: |-
    resolv-file=/etc/resolv.conf
    strict-order
    cache-size=1024
    listen-address=0.0.0.0
    interface=eth0
    conf-dir=/etc/dnsmasq.d
    log-queries
  # DNS records, mounted at /etc/dnsmasq.d/records.conf
  records: |-
    address=/wx.k8s.cn/192.168.21.55
    address=/wx1.k8s.cn/192.168.21.56
    address=/wx3.k8s.cn/192.168.21.11
---
apiVersion: apps/v1beta1 # for versions before 1.8.0 use apps/v1beta1
kind: Deployment
metadata:
  name: dnsmasq-dep
  labels:
    app: dnsmasq
spec:
  replicas: 1
  selector:
    matchLabels:
      app: dnsmasq
  template:
    metadata:
      labels:
        app: dnsmasq
    spec:
      containers:
      - name: dns
        image: jpillora/dnsmasq
        ports:
        - containerPort: 53
          protocol: TCP
        - containerPort: 53
          protocol: UDP
        volumeMounts:
        - mountPath: /etc/dnsmasq.conf
          name: dnsconf
          subPath: dnsmasq.conf
        - mountPath: /etc/dnsmasq.d/records.conf
          name: records
          subPath: records.conf
      volumes:
      - name: dnsconf
        configMap:
          name: dnsmasq-cm
          items:
          - key: dnsmasqconf
            path: dnsmasq.conf
      - name: records
        configMap:
          name: dnsmasq-cm
          items:
          - key: records
            path: records.conf
---
kind: Service
apiVersion: v1
metadata:
  name: dns-node-k8s
spec:
  # Fixed ClusterIP that the kube-dns stubDomains entry points to
  clusterIP: 169.169.0.3
  selector:
    app: dnsmasq
  ports:
  - name: dnstcp
    protocol: TCP
    port: 53
    targetPort: 53
  - name: dnsudp
    protocol: UDP
    port: 53
    targetPort: 53

Once these are created, you should be able to test the server with nslookup:

/ # nslookup wx1.k8s.cn 169.169.0.3
Server: 169.169.0.3
Address 1: 169.169.0.3 dns-node-k8s.default.svc.wx-dev.local
Name: wx1.k8s.cn
Address 1: 192.168.21.56 bogon

Modifying kube-dns

You can edit the ConfigMap directly:

sudo kubectl edit cm -n kube-system kube-dns

After adding the stubDomains entry, wait a few minutes and kube-dns will refresh automatically.

apiVersion: v1
data:
  stubDomains: |
    {"k8s.cn": ["169.169.0.3"]}
kind: ConfigMap
metadata:
  labels:
    addonmanager.kubernetes.io/mode: EnsureExists
  name: kube-dns
  namespace: kube-system
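
As an added example (not code from the original post), the Python sketch below parses a stubDomains value like the one above, shows which resolver a given name would be forwarded to, and flags any delegation to a resolver outside an approved set. The approved set, the function names and the most-specific-suffix matching model are assumptions made for illustration, as is treating every resolver entry as a literal IP.

```python
import ipaddress
import json

# Constructed sample: the stubDomains value from the ConfigMap on this page.
STUB_DOMAINS = '{"k8s.cn": ["169.169.0.3"]}'
# Assumption: the resolvers the operator has approved for delegation.
APPROVED_RESOLVERS = {"169.169.0.3"}


def parse_stub_domains(raw):
    """Parse stubDomains JSON into {domain: [ip, ...]}; raise ValueError if malformed."""
    parsed = json.loads(raw)
    if not isinstance(parsed, dict):
        raise ValueError("stubDomains must be a JSON object")
    result = {}
    for domain, servers in parsed.items():
        if not isinstance(servers, list) or not servers:
            raise ValueError(f"{domain}: expected a non-empty list of resolvers")
        if not all(isinstance(s, str) for s in servers):
            raise ValueError(f"{domain}: resolvers must be strings")
        # ip_address() raises ValueError for anything that is not a literal IP.
        result[domain.lower().strip(".")] = [str(ipaddress.ip_address(s)) for s in servers]
    return result


def upstream_for(name, stubs):
    """Return (stub domain, resolvers) for the most specific stub covering name, else None."""
    labels = name.lower().strip(".").split(".")
    for i in range(len(labels)):  # try the longest suffix first, on label boundaries
        suffix = ".".join(labels[i:])
        if suffix in stubs:
            return suffix, stubs[suffix]
    return None  # not delegated: handled by the cluster's normal resolution path


def unapproved(stubs, approved):
    """List (domain, ip) pairs that forward queries to a resolver outside approved."""
    return [(d, ip) for d, ips in stubs.items() for ip in ips if ip not in approved]


if __name__ == "__main__":
    stubs = parse_stub_domains(STUB_DOMAINS)
    print(upstream_for("wx3.k8s.cn", stubs))
    print(upstream_for("example.com", stubs))
    print(unapproved(stubs, APPROVED_RESOLVERS))
```

Running a check like this against the live ConfigMap on a schedule catches an edit that silently redirects a domain's lookups to a different resolver.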

Testing

Test directly with nslookup; if the configuration is correct, the name resolves to the corresponding IP.

/ # nslookup wx3.k8s.cn
Server: 169.169.0.2
Address 1: 169.169.0.2 kube-dns.kube-system.svc.wx-dev.local
Name: wx3.k8s.cn
Address 1: 192.168.21.11 bogon