CoreDNS
CoreDNS is a DNS server written in Go. Unlike other DNS servers (for example BIND), it is flexible: most of its functionality is implemented by plugins.
License: Apache 2.0
Installation
wget https://github.com/coredns/coredns/releases/download/v1.10.0/coredns_1.10.0_linux_amd64.tgz
tar xf coredns_1.10.0_linux_amd64.tgz -C /usr/bin/
coredns -dns.port=1053
https://coredns.io/manual/toc/
https://github.com/coredns/coredns
https://www.cnblogs.com/mashuai-191/p/11834241.html
https://www.cnblogs.com/lina-2159/p/16666696.html
List the supported plugins
[root@02 ~]# ./coredns --plugins
Server types:
  dns
Caddyfile loaders:
  flag
  default
Other plugins:
  dns.acl
  dns.any
  dns.auto
  dns.autopath
  dns.azure
  dns.bind
  dns.bufsize
  dns.cache
  dns.cancel
  dns.chaos
  dns.clouddns
  dns.debug
  dns.dns64
  dns.dnssec
  dns.dnstap
  dns.erratic
  dns.errors
  dns.etcd
  dns.file
  dns.forward
  dns.geoip
  dns.grpc
  dns.header
  dns.health
  dns.hosts
  dns.k8s_external
  dns.kubernetes
  dns.loadbalance
  dns.local
  dns.log
  dns.loop
  dns.metadata
  dns.minimal
  dns.nsid
  dns.pprof
  dns.prometheus
  dns.ready
  dns.reload
  dns.rewrite
  dns.root
  dns.route53
  dns.secondary
  dns.sign
  dns.template
  dns.tls
  dns.trace
  dns.transfer
  dns.whoami
  on
plugin.cfg
# Directives are registered in the order they should be executed.
#
# Ordering is VERY important. Every plugin will feel the effects of all other
# plugin below (after) them during a request, but they must not care what plugin
# above them are doing.
# How to rebuild with updated plugin configurations: Modify the list below and
# run `go generate && go build`
# The parser takes the input format of:
#
#     <plugin-name>:<package-name>
# Or
#     <plugin-name>:<fully-qualified-package-name>
#
# External plugin example:
#
# log:github.com/coredns/coredns/plugin/log
# Local plugin example:
# log:log
metadata:metadata
geoip:geoip
cancel:cancel
tls:tls
timeouts:timeouts
reload:reload
nsid:nsid
bufsize:bufsize
root:root
bind:bind
debug:debug
trace:trace
ready:ready
health:health
pprof:pprof
prometheus:metrics
errors:errors
log:log
dnstap:dnstap
local:local
dns64:dns64
acl:acl
any:any
chaos:chaos
loadbalance:loadbalance
tsig:tsig
cache:cache
rewrite:rewrite
header:header
dnssec:dnssec
autopath:autopath
minimal:minimal
template:template
transfer:transfer
hosts:hosts
route53:route53
azure:azure
clouddns:clouddns
k8s_external:k8s_external
kubernetes:kubernetes
file:file
auto:auto
secondary:secondary
etcd:etcd
loop:loop
forward:forward
grpc:grpc
erratic:erratic
whoami:whoami
on:github.com/coredns/caddy/onevent
sign:sign
view:view
- bind - as said, control to what interfaces to bind.
- root - set the root directory where CoreDNS plugins should look for files.
- health - enable HTTP health check endpoint.
- ready - support readiness reporting for a plugin.
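The coredns binary contains all plugins; you can add or remove plugins by recompiling.
Corefile is the CoreDNS configuration file. Run coredns -conf Corefile to use a specific Corefile. The position of a plugin in the Corefile does not affect the order in which plugins execute (that order is determined by plugin.cfg).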
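The ordering rule above, as an added example (not part of the original post or of CoreDNS itself): it sorts the directives of a Corefile into plugin.cfg order. The function names are hypothetical, and both inputs are constructed from the listings on this page.

```python
# Added example: plugin.cfg, not Corefile line order, fixes the plugin chain.
PLUGIN_CFG = """\
# slice of the plugin.cfg shown on this page, same relative order
prometheus:metrics
errors:errors
loadbalance:loadbalance
cache:cache
hosts:hosts
forward:forward
"""

# Constructed Corefile, cut down from the page's example configuration.
COREFILE = """\
.:53 {
    errors
    hosts {
       10.4.7.1  salt-master
       fallthrough
    }
    prometheus :9153
    forward . /etc/resolv.conf
    cache 30
    loadbalance
}
"""

def cfg_order(plugin_cfg):
    """Directive names (left of ':') in plugin.cfg registration order."""
    lines = (l.strip() for l in plugin_cfg.splitlines())
    return [l.split(":", 1)[0] for l in lines if l and not l.startswith("#")]

def corefile_plugins(corefile):
    """Top-level directives of the server block, in the order written."""
    depth, found = 0, []
    for line in corefile.splitlines():
        tokens = line.split("#", 1)[0].split()
        if tokens and depth == 1 and tokens[0] != "}":
            found.append(tokens[0])
        depth += tokens.count("{") - tokens.count("}")
    return found

def effective_order(corefile, plugin_cfg):
    """Plugins used in the Corefile, sorted into plugin.cfg order."""
    order = cfg_order(plugin_cfg)
    return sorted(corefile_plugins(corefile), key=order.index)

if __name__ == "__main__":
    print("written:  ", corefile_plugins(COREFILE))
    print("effective:", effective_order(COREFILE, PLUGIN_CFG))
```

Although cache is written after forward here, it sits ahead of hosts and forward in the chain, so a cached answer is returned before either of them is consulted.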
Plugins
prometheus: exposes a set of metrics in Prometheus format.
.:53 {
	prometheus :9153
}
Key metrics
- Basic information: coredns_build_info{version, revision, goversion}, coredns_plugin_enabled{server, zone, view, name}
- 99th-percentile query response time: histogram_quantile(0.99,coredns_dns_request_duration_seconds_bucket)
- Number of failed reloads: coredns_reload_failed_total 0; last restart time: coredns_hosts_reload_timestamp_seconds
- Number of failed health checks: coredns_health_request_failures_total
- Cache hit rate: coredns_cache_hits_total/coredns_dns_requests_total
forward: forwards DNS queries to upstream DNS servers
.:53 {
	forward . 8.8.8.8 114.114.114.114
}
.:53 {
	forward . /etc/resolv.conf {
		expire 10s
	}
}
hosts: provides custom DNS resolution; by default the file is scanned for changes every 5s
.:53 {
        prometheus :9153
        # Use the local /etc/hosts file
        hosts {
        	fallthrough
        }
}
.:53 {
        prometheus :9153
        # Resolve using the addresses defined in /etc/test.host
        hosts /etc/test.host {
        	fallthrough
        }
}
.:53 {
        prometheus :9153
        hosts {
                1.2.3.4 test.abcd
                1.2.3.5 test.abcd
                fallthrough
        }
}
Only briefly tested, not in use
docker run -d -p 9411:9411 openzipkin/zipkin
.:53 {
        trace zipkin 
}
cache: caches query results locally; default 3600s
. {
	# Cache for 10s
	cache 10
}
reload: automatically reloads the Corefile configuration
.:53 {
        # By default, checks every 30s with a jitter of about 15s
        reload
}
.:53 {
        ready localhost:8080
        # Changed to check every 2s with a jitter of about 1s; this is also the minimum
        reload 2s 1s
}
health: serves an endpoint at http://0.0.0.0:8080/health for checking whether CoreDNS is ready. It mainly concerns the CoreDNS process itself and is typically used for a livenessProbe.
.:53 {
	health
}
.:53 {
	health localhost:8080
}
ready: serves an endpoint at http://0.0.0.0:8181/ready that returns 200 when all plugins are ready and 503 if any plugin is unavailable. It can be used for a readinessProbe.
.:53 {
	ready
}
.:53 {
	ready localhost:8181
}
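A check for the health and ready listeners described above, and for the prometheus listener, as an added example that is not part of the original post: it reports which of these HTTP endpoints a Corefile binds to all interfaces. The function names and the HARDENED variant are hypothetical; the default addresses (health :8080, ready :8181, prometheus localhost:9153) are taken from the CoreDNS plugin documentation.

```python
# Added example: which CoreDNS HTTP endpoints listen beyond loopback?
# Assumed defaults (CoreDNS plugin docs) when no address is written.
DEFAULT_ADDR = {"health": ":8080", "ready": ":8181",
                "prometheus": "localhost:9153"}
LOOPBACK = {"localhost", "127.0.0.1", "[::1]"}
WILDCARD = {"", "0.0.0.0", "[::]"}

# Constructed sample: the management directives as written in this page's
# example configuration.
COREFILE = """\
.:53 {
    health {
       lameduck 5s
    }
    ready
    prometheus :9153
    forward . /etc/resolv.conf
}
"""

# Same block with every HTTP endpoint pinned to loopback.
HARDENED = (COREFILE
            .replace("health {", "health localhost:8080 {")
            .replace("    ready\n", "    ready localhost:8181\n")
            .replace("prometheus :9153", "prometheus localhost:9153"))

def http_listeners(corefile):
    """Return {plugin: (address, scope)} for health, ready and prometheus."""
    result = {}
    for line in corefile.splitlines():
        tokens = line.split("#", 1)[0].split()
        if not tokens or tokens[0] not in DEFAULT_ADDR:
            continue
        args = [t for t in tokens[1:] if t != "{"]
        addr = args[0] if args else DEFAULT_ADDR[tokens[0]]
        host = addr.rsplit(":", 1)[0]          # text before the port
        if host in LOOPBACK:
            scope = "loopback"
        elif host in WILDCARD:
            scope = "all-interfaces"
        else:
            scope = "specific-address"
        result[tokens[0]] = (addr, scope)
    return result

def exposed(corefile):
    """Plugins whose HTTP endpoint is reachable on every interface."""
    return sorted(p for p, (_, s) in http_listeners(corefile).items()
                  if s == "all-interfaces")

if __name__ == "__main__":
    print("example :", exposed(COREFILE))
    print("hardened:", exposed(HARDENED))
```

Loopback binding suits a standalone host install like the one on this page; in Kubernetes the kubelet probes the pod IP, so health and ready have to stay reachable there and are restricted by network policy instead.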
loadbalance: defines the DNS round-robin policy; default rr
log: records logs and supports customizing the log format
loop
kubernetes
k8s_external
Example configuration file
.:53 {
    errors
    health {
       lameduck 5s
    }
    ready
    hosts {
       10.4.7.1  salt-master
       10.4.7.1  salt-master2
       ttl 60
       fallthrough
    }
    kubernetes cluster.local in-addr.arpa ip6.arpa {
       pods insecure
       fallthrough in-addr.arpa ip6.arpa
       ttl 30
    }
    prometheus :9153
    forward . /etc/resolv.conf {
       max_concurrent 1000
    }
    cache 30
    loop
    reload
    loadbalance
}
coredns -conf corefile