How to Deploy CoreDNS - 创新互联

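CoreDNS is simply a DNS service, and DNS is a common mechanism for service discovery, so many open-source projects and engineers use CoreDNS to provide service discovery for a cluster. Kubernetes uses CoreDNS inside the cluster for exactly this purpose.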


CoreDNS image version: v1.6.6
Below is the YAML file needed for the deployment. The main place to modify is clusterIP in the Service.
YAML source: adapted from coredns.yaml.sed in
https://github.com/coredns/deployment/tree/master/kubernetes

apiVersion: v1
kind: ServiceAccount
metadata:
  name: coredns
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  labels:
    kubernetes.io/bootstrapping: rbac-defaults
  name: system:coredns
rules:
- apiGroups:
  - ""
  resources:
  - endpoints
  - services
  - pods
  - namespaces
  verbs:
  - list
  - watch
- apiGroups:
  - ""
  resources:
  - nodes
  verbs:
  - get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  annotations:
    rbac.authorization.kubernetes.io/autoupdate: "true"
  labels:
    kubernetes.io/bootstrapping: rbac-defaults
  name: system:coredns
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: system:coredns
subjects:
- kind: ServiceAccount
  name: coredns
  namespace: kube-system
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: coredns
  namespace: kube-system
data:
  Corefile: |
    .:53 {
        errors
        health {
          lameduck 5s
        }
        ready
        kubernetes cluster.local in-addr.arpa ip6.arpa {
          fallthrough in-addr.arpa ip6.arpa
        }
        prometheus :9153
        forward . /etc/resolv.conf
        cache 30
        loop
        reload
        loadbalance
    }
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: coredns
  namespace: kube-system
  labels:
    k8s-app: kube-dns
    kubernetes.io/name: "CoreDNS"
spec:
  # replicas: not specified here:
  # 1. Default is 1.
  # 2. Will be tuned in real time if DNS horizontal auto-scaling is turned on.
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxUnavailable: 1
  selector:
    matchLabels:
      k8s-app: kube-dns
  template:
    metadata:
      labels:
        k8s-app: kube-dns
    spec:
      priorityClassName: system-cluster-critical
      serviceAccountName: coredns
      tolerations:
        - key: "CriticalAddonsOnly"
          operator: "Exists"
      nodeSelector:
        beta.kubernetes.io/os: linux
      affinity:
        podAntiAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
          - labelSelector:
              matchExpressions:
              - key: k8s-app
                operator: In
                values: ["kube-dns"]
            topologyKey: kubernetes.io/hostname
      containers:
      - name: coredns
        image: coredns/coredns:1.6.6
        imagePullPolicy: IfNotPresent
        resources:
          limits:
            memory: 170Mi
          requests:
            cpu: 100m
            memory: 70Mi
        args: [ "-conf", "/etc/coredns/Corefile" ]
        volumeMounts:
        - name: config-volume
          mountPath: /etc/coredns
          readOnly: true
        ports:
        - containerPort: 53
          name: dns
          protocol: UDP
        - containerPort: 53
          name: dns-tcp
          protocol: TCP
        - containerPort: 9153
          name: metrics
          protocol: TCP
        securityContext:
          allowPrivilegeEscalation: false
          capabilities:
            add:
            - NET_BIND_SERVICE
            drop:
            - all
          readOnlyRootFilesystem: true
        livenessProbe:
          httpGet:
            path: /health
            port: 8080
            scheme: HTTP
          initialDelaySeconds: 60
          timeoutSeconds: 5
          successThreshold: 1
          failureThreshold: 5
        readinessProbe:
          httpGet:
            path: /ready
            port: 8181
            scheme: HTTP
      dnsPolicy: Default
      volumes:
        - name: config-volume
          configMap:
            name: coredns
            items:
            - key: Corefile
              path: Corefile
---
apiVersion: v1
kind: Service
metadata:
  name: kube-dns
  namespace: kube-system
  annotations:
    prometheus.io/port: "9153"
    prometheus.io/scrape: "true"
  labels:
    k8s-app: kube-dns
    kubernetes.io/cluster-service: "true"
    kubernetes.io/name: "CoreDNS"
spec:
  selector:
    k8s-app: kube-dns
  clusterIP: 10.110.0.2
  ports:
  - name: dns
    port: 53
    protocol: UDP
  - name: dns-tcp
    port: 53
    protocol: TCP
  - name: metrics
    port: 9153
    protocol: TCP
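
Since clusterIP is the one value that has to be adapted per cluster, the following pre-apply check is an added example (not part of the original article or the CoreDNS project). It confirms that the kube-dns Service address lies inside the cluster's service CIDR, avoids the address at the start of the range, and matches the kubelet's clusterDNS setting. The function names, the service CIDR 10.110.0.0/16 and the kubelet clusterDNS list are assumptions; take the real values from kube-apiserver's --service-cluster-ip-range and from the kubelet configuration.

```python
import ipaddress
import re

# Constructed sample: two documents trimmed from a manifest shaped like the one above.
SAMPLE = """\
apiVersion: v1
kind: ServiceAccount
metadata:
  name: coredns
---
apiVersion: v1
kind: Service
metadata:
  name: kube-dns
  namespace: kube-system
spec:
  clusterIP: 10.110.0.2
"""

def find_cluster_ip(manifest, service_name="kube-dns"):
    """Return the clusterIP of the named Service in a multi-document manifest."""
    for doc in re.split(r"(?m)^---[ \t]*$", manifest):
        is_service = re.search(r"(?m)^kind:[ \t]*Service[ \t]*$", doc)
        named = re.search(rf"(?m)^[ \t]+name:[ \t]*{re.escape(service_name)}[ \t]*$", doc)
        if is_service and named:
            m = re.search(r'(?m)^[ \t]+clusterIP:[ \t]*"?([0-9A-Fa-f.:]+)"?[ \t]*$', doc)
            return m.group(1) if m else None
    return None

def check_dns_service_ip(manifest, service_cidr, kubelet_cluster_dns):
    """Return a list of problems; an empty list means the value is consistent."""
    raw = find_cluster_ip(manifest)
    if raw is None:
        return ["Service kube-dns has no fixed clusterIP"]
    ip, net = ipaddress.ip_address(raw), ipaddress.ip_network(service_cidr)
    problems = []
    if ip not in net:
        problems.append(f"{ip} is outside the service CIDR {net}")
    elif ip in (net.network_address, net.network_address + 1):
        # The API server takes the first usable address for the "kubernetes" Service.
        problems.append(f"{ip} is reserved at the start of {net}")
    if ip not in {ipaddress.ip_address(a) for a in kubelet_cluster_dns}:
        problems.append(f"kubelet clusterDNS {kubelet_cluster_dns} does not include {ip}")
    return problems

if __name__ == "__main__":
    # Assumed cluster settings, not from the page: service CIDR and kubelet clusterDNS.
    for p in check_dns_service_ip(SAMPLE, "10.110.0.0/16", ["10.110.0.2"]):
        print("PROBLEM:", p)
```

A mismatch between the Service address and the kubelet's clusterDNS leaves the CoreDNS pods healthy while every other pod gets a resolver address that nothing answers on, so it is worth catching before the manifest is applied.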

Article link: http://scyanting.com/article/ccjhoe.html