docker search coredns
docker pull xxx 拉取镜像(根据实际情况选择)
docker tag xxx coredns/coredns:latest
docker tag coredns/coredns:latest 192.168.0.1:5000/coredns/coredns:latest
docker push 192.168.0.1:5000/coredns/coredns:latest

kubectl create –f coredns.yaml

kubectl get pods -A
kubectl get svc -A

coredns.yaml:修改image: coredns/coredns:latest 和clusterIP: 10.1.0.2

apiVersion: v1

kind: ServiceAccount

metadata:

  name: coredns

  namespace: kube-system

---

apiVersion: rbac.authorization.k8s.io/v1

kind: ClusterRole

metadata:

  labels:

    kubernetes.io/bootstrapping: rbac-defaults

  name: system:coredns

rules:

- apiGroups:

  - ""

  resources:

  - endpoints

  - services

  - pods

  - namespaces

  verbs:

  - list

  - watch

- apiGroups:

  - ""

  resources:

  - nodes

  verbs:

  - get

---

apiVersion: rbac.authorization.k8s.io/v1

kind: ClusterRoleBinding

metadata:

  annotations:

    rbac.authorization.kubernetes.io/autoupdate: "true"

  labels:

    kubernetes.io/bootstrapping: rbac-defaults

  name: system:coredns

roleRef:

  apiGroup: rbac.authorization.k8s.io

  kind: ClusterRole

  name: system:coredns

subjects:

- kind: ServiceAccount

  name: coredns

  namespace: kube-system

---

apiVersion: v1

kind: ConfigMap

metadata:

  name: coredns

  namespace: kube-system

data:

  Corefile: |

    .:53 {

        errors

        health

        ready

        kubernetes cluster.local in-addr.arpa ip6.arpa {

          pods insecure

          fallthrough in-addr.arpa ip6.arpa

        }

        prometheus :9153

        forward . /etc/resolv.conf

        cache 30

        loop

        reload

        loadbalance

    }

---

apiVersion: apps/v1

kind: Deployment

metadata:

  name: coredns

  namespace: kube-system

  labels:

    k8s-app: kube-dns

    kubernetes.io/name: "CoreDNS"

spec:

  replicas: 2

  strategy:

    type: RollingUpdate

    rollingUpdate:

      maxUnavailable: 1

  selector:

    matchLabels:

      k8s-app: kube-dns

  template:

    metadata:

      labels:

        k8s-app: kube-dns

    spec:

      priorityClassName: system-cluster-critical

      serviceAccountName: coredns

      tolerations:

        - key: "CriticalAddonsOnly"

          operator: "Exists"

      nodeSelector:

        beta.kubernetes.io/os: linux

      containers:

      - name: coredns

        image: coredns/coredns:1.6.2

        imagePullPolicy: IfNotPresent

        resources:

          limits:

            memory: 170Mi

          requests:

            cpu: 100m

            memory: 70Mi

        args: [ "-conf", "/etc/coredns/Corefile" ]

        volumeMounts:

        - name: config-volume

          mountPath: /etc/coredns

          readOnly: true

        ports:

        - containerPort: 53

          name: dns

          protocol: UDP

        - containerPort: 53

          name: dns-tcp

          protocol: TCP

        - containerPort: 9153

          name: metrics

          protocol: TCP

        securityContext:

          allowPrivilegeEscalation: false

          capabilities:

            add:

            - NET_BIND_SERVICE

            drop:

            - all

          readOnlyRootFilesystem: true

        livenessProbe:

          httpGet:

            path: /health

            port: 8080

            scheme: HTTP

          initialDelaySeconds: 60

          timeoutSeconds: 5

          successThreshold: 1

          failureThreshold: 5

        readinessProbe:

          httpGet:

            path: /ready

            port: 8181

            scheme: HTTP

      dnsPolicy: Default

      volumes:

        - name: config-volume

          configMap:

            name: coredns

            items:

            - key: Corefile

              path: Corefile

---

apiVersion: v1

kind: Service

metadata:

  name: kube-dns

  namespace: kube-system

  annotations:

    prometheus.io/port: "9153"

    prometheus.io/scrape: "true"

  labels:

    k8s-app: kube-dns

    kubernetes.io/cluster-service: "true"

    kubernetes.io/name: "CoreDNS"

spec:

  selector:

    k8s-app: kube-dns

  clusterIP: 10.1.0.2

  ports:

  - name: dns

    port: 53

    protocol: UDP

  - name: dns-tcp

    port: 53

    protocol: TCP

  - name: metrics

    port: 9153

    protocol: TCP
############################################

#!/bin/bash

kubectl create -f coredns.yaml

kubectl create -f busybox.yaml

kubectl get all -A

kubectl exec busybox -- cat /etc/resolv.conf

kubectl exec -ti busybox -- nslookup kubernetes.default

apiVersion: v1

kind: Pod

metadata:

  name: busybox

  namespace: default

spec:

  containers:

  - name: busybox

    image: busybox:1.28

    command:

      - sleep

      - "3600"

    imagePullPolicy: IfNotPresent

  restartPolicy: Always

apiVersion: v1

kind: Endpoints

metadata:

  name: proxy-ext

  namespace: xxx

subsets:

  - addresses:

    - ip: xxx

    ports:

    - port: xxx

      protocol: TCP

---

apiVersion: v1

kind: Service

metadata:

  name: xxx

  namespace: xxx

spec:

  ports:

  - port: xxx

    targetPort: xxx

    protocol: TCP

k8s记录-kube-dns(core-dns)配置(七)的更多相关文章

  1. Ubuntu 12.04 DNS服务器的配置方法

    Bind是一款开放源码的DNS服务器软件,由美国加州大学Berkeley分校开发和维护的,全名为Berkeley Internet Name Domain它是目前世界上使用最为广泛的DNS服务器软件, ...

  2. Windows Server 2008 DNS服务器安装与配置

    Windows Server 2008 DNS服务器安装与配置本文关键字:Windows Server 2008 DNS.IIS 服务器安装与配置,DNS服务器本文来源:http://www.ip-t ...

  3. linux下ifconfig, DNS以及route配置

    转载:http://blog.csdn.net/wangjingfei/article/details/5283632/ 熟悉使用ifconfig 会非常方便. ifconfig eth0 新ip 然 ...

  4. 001.DNS原理及配置格式

    一 dns简介 DNS(Domain Name System,域名系统),因特网上作为域名和IP地址相互映射的一个分布式数据库,能够使用户更方便的访问互联网,而不用去记住能够被机器直接读取的IP数串. ...

  5. DNS Bind服务配置解析

    DNS域名解析服务(Domain Name System)是用于解析域名与IP地址对应关系的服务,功能上可以实现正向解析与反向解析: 一.DNS服务器工作模式分类: 1.主服务器:在特定区域内具有唯一 ...

  6. DNS和Bind配置指南

    /////////////////////////////目录//////////////////////////////////////一.DNS原理相关二.使用bind搭建最简单的DNS服务器三. ...

  7. Linux:DNS主、从、缓存服务器配置、DNS同步加密TSIG配置、DNS分离解析配置

    DNS主服务器配置(正向解析.反向解析) 正向解析:根据主机名查找对应的IP地址.当用户访问一个域名时(不考虑hosts文件等因素),正常情况会向指定的DNS主机发送递归查询请求反向解析:根据IP地址 ...

  8. DNS原理与配置

    DNS介绍 域名管理系统DNS(Domain Name System)是域名解析服务器的意思,应用层协议,是互联网的一项服务. DNS作用是: 把域名转换成网络可以识别的ip地址,在通过IP地址访问主 ...

  9. Linux之临时配置网络(ip,网关,dns)+永久配置

    作业一:临时配置网络(ip,网关,dns)+永久配置 配置网络信息 [root@localhost ~]# ifconfig eno16777736: flags=4163<UP,BROADCA ...

随机推荐

  1. spring boot项目打包成jar后请求访问乱码解决

    在启动jar的时候添加一个配置  -Dfile.encoding=utf-8  java -Dfile.encoding=utf-8 -jar xxxxtest-0.1.jar

  2. Codeforces D. Little Elephant and Interval(思维找规律数位dp)

    题目描述: Little Elephant and Interval time limit per test 2 seconds memory limit per test 256 megabytes ...

  3. Python中str()与repr()函数的区别——repr() 的输出追求明确性,除了对象内容,还需要展示出对象的数据类型信息,适合开发和调试阶段使用

    Python中str()与repr()函数的区别 from:https://www.jianshu.com/p/2a41315ca47e 在 Python 中要将某一类型的变量或者常量转换为字符串对象 ...

  4. 基于源代码为树莓派设备构建 TensorFlow

    本指南为运行 Raspbian 9.0 操作系统的 Raspberry Pi 嵌入式设备构建 TensorFlow.虽然这些说明可能也适用于其他系列的 Raspberry Pi 设备,但它仅针对此文中 ...

  5. word2vec中的subsampling

    http://d0evi1.com/word2vec-subsampling/ 为了度量这种罕见词与高频词间存在不平衡现象,我们使用一个简单的subsampling方法:训练集中的每个词wiwi,以下 ...

  6. iptables 通用语句

    iptables -t filter -nvL --line-number | grep destination -t :  指定表 {fillter|nat|mangle|raw} -v : 显示详 ...

  7. destoon系统结构大全

    自己整理的destoon系统结构目录,希望对开发者有些帮助! ( /代表的是目录  ├ 代表的是文件 ) /about关于我们页面 ├index.html关于我们 ├copyright.html版权隐 ...

  8. 前端性能----页面渲染(DOM)

    CSS会阻塞渲染树的构建,不阻塞DOM构建,但是在CSSOM构建完成之前,页面不会开始渲染(一片空白),CSSOM构建完成后,页面将会显示出内容. DOM(Document Object Model) ...

  9. SparkSQL读写外部数据源-通过jdbc读写mysql数据库

    object JdbcDatasourceTest { def main(args: Array[String]): Unit = { val spark = SparkSession .builde ...

  10. 【洛谷P2664】 树上游戏 点分治

    code: #include <bits/stdc++.h> #define N 200009 #define ll long long #define setIO(s) freopen( ...