k8s(10):k8s安装(九)部署DNS

1. 部署coredns

[root@master-1 cfg]# mkdir /root/dns && cd /root/dns
[root@master-1 cfg]# kubectl apply -f coredns.yaml
#查询所有ns中的pod
[root@master-1 dns]# kubectl get pod -A
#查询指定ns中的pod
[root@master-1 dns]# kubectl get pod -n kube-system

#查看启动进程
[root@master-1 dns]# kubectl describe pod coredns-66db855d4d-26bvw  -n kube-system

2. 查看SVC

[root@master1 kubernetes]# kubectl get svc -o wide -n=kube-system
NAME             TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)                  AGE   SELECTOR
kube-dns           ClusterIP   10.0.0.254   <none>        53/UDP,53/TCP,9153/TCP   27s   k8s-app=kube-dns

3. 验证DNS是否有效

3.1 删除之前创建的nginx demo

[root@master-1 cfg]#kubectl delete deployment nginx 
[root@master-1 cfg]#kubectl delete pods nginx
[root@master-1 cfg]#kubectl delete svc -l run=nginx
[root@master-1 cfg]#kubectl delete deployment.apps/nginx

3.2 启动新容器

[root@master-1 nginx]# kubectl run -it --rm --restart=Never --image=infoblox/dnstools:latest dnstools
#出现错误
error: unable to upgrade connection: Forbidden (user=system:anonymous, verb=create, resource=nodes, subresource=proxy)
#解决方法
[root@master-1 nginx]# kubectl create clusterrolebinding system:anonymous --clusterrole=cluster-admin --user=system:anonymous
[root@master-1 dns]# kubectl delete pod  dnstools
[root@master-1 nginx]# kubectl run -it --rm --restart=Never --image=infoblox/dnstools:latest dnstools

3.3 创建Nginx 容器

[root@master-1 ~]# kubectl run nginx --image=nginx --replicas=2
#创建svc (cluster IP)
# Create a service for an nginx deployment, which serves on port 88 and connects to the containers on port 80.
#template format is golang templates [http://golang.org/pkg/text/template/#pkg-overview].
      --type='': Type for this service: ClusterIP, NodePort, LoadBalancer, or ExternalName. Default is 'ClusterIP'.
[root@master-1 ~]# kubectl expose deployment nginx --port=88 --target-port=80 --type=NodePort

3.4 查看SVC

[root@master-1 ~]# kubectl get svc
NAME         TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)        AGE
kubernetes   ClusterIP   10.0.0.1     <none>        443/TCP        158m
nginx        NodePort    10.0.0.55    <none>        88:35638/TCP   5s

3.5 测试解析Nginx

#测试解析nginx
#dns 解析的名称是svc (service 名称, 非pod名称)
dnstools# nslookup nginx
Server:         10.0.0.2
Address:        10.0.0.2#53

Name:   nginx.default.svc.cluster.local
Address: 10.0.0.55

3.6 案例:容器的网络访问不区分命名空间(kubernetes ns)

#在default ns 可以访问到kube-system ns 服务nginx
[root@master-1 ~]# kubectl run nginx-n1 --image=nginx --replicas=1 -n kube-system
# Create a service for an nginx deployment, which serves on port 99 and connects to the containers on port 80.

#查看容器状态(指定命名空间)
[root@master-3 ~]# kubectl get pods -n kube-system

#查看容器状态(显示所有的命名空间)
[root@master-2 ~]# kubectl get pod,svc -A
[root@master-1 ~]# kubectl expose deployment nginx-n1 --port=99 --target-port=80 -n kube-system

3.7 跨ns访问服务

[root@master-1 dns]# kubectl get svc -n kube-system | grep nginx-n1                     
nginx12    ClusterIP   10.0.0.196   <none>        80/TCP                   4m


#访问服务
dnstools# curl 10.0.0.196
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
    body {
        width: 35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;

#解析不成功
dnstools# nslookup nginx-n1
Server:         10.0.0.2
Address:        10.0.0.2#53

** server can't find nginx-n1: NXDOMAIN

dnstools# nslookup nginx-n1
Server:         10.0.0.2
Address:        10.0.0.2#53

#解决方法(默认解析为default空间)
dnstools# nslookup nginx-n1.kube-system.svc.cluster.local
Server:         10.0.0.2
Address:        10.0.0.2#53

Name:   nginx-n1.kube-system.svc.cluster.local
Address: 10.0.0.196

 

posted on 2021-05-08 21:29  torotoise512  阅读(335)  评论(0)    收藏  举报