coredns自定义域名解析。
因为一些内网的自定义域名需要解析,这里通过coredns配置来处理
kubectl edit configmap -n kube-system coredns
apiVersion: v1
data:
Corefile: |
.:53 {
errors
health {
lameduck 5s
}
ready
kubernetes cluster.local in-addr.arpa ip6.arpa {
pods insecure
fallthrough in-addr.arpa ip6.arpa
ttl 30
}
prometheus :9153
forward . /etc/resolv.conf {
max_concurrent 1000
}
cache 30
loop
reload
loadbalance
hosts { // 此处新增
192.168.0.51 gitea.zkldragon.org
fallthrough
}
}
kind: ConfigMap
metadata:
creationTimestamp: "2023-03-16T08:55:23Z"
managedFields:
- apiVersion: v1
fieldsType: FieldsV1
fieldsV1:
f:data: {}
manager: kubeadm
operation: Update
time: "2023-03-16T08:55:23Z"
- apiVersion: v1
fieldsType: FieldsV1
fieldsV1:
f:data:
f:Corefile: {}
manager: kubectl
operation: Update
time: "2023-03-22T10:50:53Z"
name: coredns
namespace: kube-system
resourceVersion: "1325386"
selfLink: /api/v1/namespaces/kube-system/configmaps/coredns
uid: b6270bb0-e716-4da5-bb58-3c31bcc7ca68--- 可以看下
coredns.ymal -- 配置
---
kind: ReplicaSet
metadata:
annotations:
deployment.kubernetes.io/desired-replicas: '2'
deployment.kubernetes.io/max-replicas: '3'
labels:
k8s-app: kube-dns
pod-template-hash: 66db54ff7f
name: coredns-66db54ff7f
namespace: kube-system
ownerReferences:
- apiVersion: apps/v1
blockOwnerDeletion: true
controller: true
kind: Deployment
name: coredns
uid: 0fa71939-8581-4723-9b1a-9e00f202b673
resourceVersion: '628'
spec:
replicas: 2
selector:
matchLabels:
k8s-app: kube-dns
pod-template-hash: 66db54ff7f
template:
metadata:
creationTimestamp: null
labels:
k8s-app: kube-dns
pod-template-hash: 66db54ff7f
spec:
containers:
- args:
- '-conf'
- /etc/coredns/Corefile
image: 'registry.aliyuncs.com/k8sxio/coredns:1.6.7'
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 5
httpGet:
path: /health
port: 8080
scheme: HTTP
initialDelaySeconds: 60
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 5
name: coredns
ports:
- containerPort: 53
name: dns
protocol: UDP
- containerPort: 53
name: dns-tcp
protocol: TCP
- containerPort: 9153
name: metrics
protocol: TCP
readinessProbe:
failureThreshold: 3
httpGet:
path: /ready
port: 8181
scheme: HTTP
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
resources:
limits:
memory: 170Mi
requests:
cpu: 100m
memory: 70Mi
securityContext:
allowPrivilegeEscalation: false
capabilities:
add:
- NET_BIND_SERVICE
drop:
- all
readOnlyRootFilesystem: true
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /etc/coredns
name: config-volume
readOnly: true
dnsPolicy: Default
nodeSelector:
kubernetes.io/os: linux
priorityClassName: system-cluster-critical
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
serviceAccount: coredns
serviceAccountName: coredns
terminationGracePeriodSeconds: 30
tolerations:
- key: CriticalAddonsOnly
operator: Exists
- effect: NoSchedule
key: node-role.kubernetes.io/master
volumes:
- configMap:
defaultMode: 420
items:
- key: Corefile
path: Corefile
name: coredns
name: config-volume
status:
availableReplicas: 2
fullyLabeledReplicas: 2
observedGeneration: 1
readyReplicas: 2
replicas: 2乐享:知识积累,快乐无限。
