k8s笔记009kubedns部署
k8s笔记009-kube-dns部署
1.准备镜像
1.1下载镜像
[root@harbor ~]# docker pull <原文缺失的源镜像地址>
[root@harbor ~]# docker pull <原文缺失的源镜像地址>
[root@harbor ~]# docker pull <原文缺失的源镜像地址>
1.2对下载的镜像重新打tag
[root@harbor ~]# docker tag <原文缺失的源镜像地址> 192.168.1.170/tzg-prod/k8s-dns-dnsmasq-nanny-amd64:1.14.1
[root@harbor ~]# docker tag <原文缺失的源镜像地址> 192.168.1.170/tzg-prod/k8s-dns-kube-dns-amd64:1.14.1
[root@harbor ~]# docker tag <原文缺失的源镜像地址> 192.168.1.170/tzg-prod/k8s-dns-sidecar-amd64:1.14.1
1.3将镜像上传到私有仓库
[root@harbor ~]# docker push 192.168.1.170/tzg-prod/k8s-dns-dnsmasq-nanny-amd64:1.14.1
[root@harbor ~]# docker push 192.168.1.170/tzg-prod/k8s-dns-kube-dns-amd64:1.14.1
[root@harbor ~]# docker push 192.168.1.170/tzg-prod/k8s-dns-sidecar-amd64:1.14.1
1.4删除下载的镜像
[root@harbor ~]# docker rmi <原文缺失的源镜像地址>
[root@harbor ~]# docker rmi <原文缺失的源镜像地址>
[root@harbor ~]# docker rmi <原文缺失的源镜像地址>
2.创建yaml文件
2.1创建ConfigMap文件
[root@k8s-master01 kubedns]# vi kubedns-cm.yaml
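# kubedns-cm.yaml: ConfigMap that the kube-dns Deployment on this page mounts
# as an optional volume (kube-dns-config). No `data` section is defined here.
# NOTE(review): kube-dns reads resolver settings from this object, so write
# access to it in kube-system can change how the whole cluster resolves names;
# keep update/patch rights on it restricted to cluster administrators.
apiVersion: v1
kind: ConfigMap
metadata:
  name: kube-dns
  namespace: kube-system
  labels:
    # EnsureExists: the addon manager only creates the object when it is
    # missing; later manual edits are not reverted.
    addonmanager.kubernetes.io/mode: EnsureExists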
2.2创建ControllerManager文件
[root@k8s-master01 kubedns]# vi kubedns-cm.yaml
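# This listing repeats kubedns-cm.yaml (the ConfigMap); the Deployment
# manifest follows under `cat kubedns-controller.yaml`.
# NOTE(review): kube-dns reads resolver settings from this object, so write
# access to it in kube-system can change how the whole cluster resolves names;
# keep update/patch rights on it restricted to cluster administrators.
apiVersion: v1
kind: ConfigMap
metadata:
  name: kube-dns
  namespace: kube-system
  labels:
    # EnsureExists: the addon manager only creates the object when it is
    # missing; later manual edits are not reverted.
    addonmanager.kubernetes.io/mode: EnsureExists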
[root@k8s-master01 kubedns]# cat kubedns-controller.yaml
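# kubedns-controller.yaml: Deployment running the kube-dns pod, which holds
# three containers: kubedns, dnsmasq and sidecar.
# NOTE(review): extensions/v1beta1 is the Deployment API this walkthrough was
# written against; newer Kubernetes releases serve Deployments from apps/v1
# only. Confirm against the cluster version before reusing this file.
# NOTE(review): no container below sets a securityContext, so each runs with
# the image's default user and capabilities. Review before production use.
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: kube-dns
  namespace: kube-system
  labels:
    k8s-app: kube-dns
    kubernetes.io/cluster-service: "true"
    addonmanager.kubernetes.io/mode: Reconcile
spec:
  strategy:
    rollingUpdate:
      maxSurge: 10%
      # Never take the running DNS pod down before its replacement is ready.
      maxUnavailable: 0
  selector:
    matchLabels:
      k8s-app: kube-dns
  template:
    metadata:
      labels:
        k8s-app: kube-dns
      annotations:
        scheduler.alpha.kubernetes.io/critical-pod: ''
    spec:
      tolerations:
      - key: "CriticalAddonsOnly"
        operator: "Exists"
      volumes:
      # The kube-dns ConfigMap; optional, so the pod still starts without it.
      - name: kube-dns-config
        configMap:
          name: kube-dns
          optional: true
      containers:
      - name: kubedns
        # NOTE(review): a tag is mutable. Record the digest of the image that
        # was pushed to the private registry and pin it (image@sha256:<digest>)
        # so nodes cannot silently pull different content under the same tag.
        # The same applies to the dnsmasq and sidecar images below.
        image: 192.168.1.170/tzg-prod/k8s-dns-kube-dns-amd64:1.14.1
        resources:
          limits:
            memory: 170Mi
          requests:
            cpu: 100m
            memory: 70Mi
        livenessProbe:
          httpGet:
            path: /healthcheck/kubedns
            # 10054 is the sidecar container's port (declared further down).
            port: 10054
            scheme: HTTP
          initialDelaySeconds: 60
          timeoutSeconds: 5
          successThreshold: 1
          failureThreshold: 5
        readinessProbe:
          httpGet:
            path: /readiness
            port: 8081
            scheme: HTTP
          initialDelaySeconds: 3
          timeoutSeconds: 5
        args:
        - --domain=cluster.local.
        # kubedns listens on 10053; dnsmasq (port 53) forwards to it.
        - --dns-port=10053
        - --config-dir=/kube-dns-config
        - --v=2
        env:
        # Same port as the `metrics` containerPort below.
        - name: PROMETHEUS_PORT
          value: "10055"
        ports:
        - containerPort: 10053
          name: dns-local
          protocol: UDP
        - containerPort: 10053
          name: dns-tcp-local
          protocol: TCP
        - containerPort: 10055
          name: metrics
          protocol: TCP
        volumeMounts:
        - name: kube-dns-config
          mountPath: /kube-dns-config
      - name: dnsmasq
        image: 192.168.1.170/tzg-prod/k8s-dns-dnsmasq-nanny-amd64:1.14.1
        livenessProbe:
          httpGet:
            path: /healthcheck/dnsmasq
            port: 10054
            scheme: HTTP
          initialDelaySeconds: 60
          timeoutSeconds: 5
          successThreshold: 1
          failureThreshold: 5
        args:
        - -v=2
        - -logtostderr
        # Fixed: the page had ".../dnsmasq-nany", which does not match the
        # volumeMount path below, so the nanny would not see the ConfigMap.
        - -configDir=/etc/k8s/dns/dnsmasq-nanny
        - -restartDnsmasq=true
        # Everything after "--" is passed to dnsmasq itself.
        - --
        - -k
        - --cache-size=1000
        - --log-facility=-
        # Cluster and reverse-lookup zones are forwarded to kubedns on 10053.
        - --server=/cluster.local./127.0.0.1#10053
        - --server=/in-addr.arpa/127.0.0.1#10053
        - --server=/ip6.arpa/127.0.0.1#10053
        ports:
        - containerPort: 53
          name: dns
          protocol: UDP
        - containerPort: 53
          name: dns-tcp
          protocol: TCP
        # NOTE(review): only requests are set for this container (and for the
        # sidecar); without limits a query flood can consume node memory.
        resources:
          requests:
            cpu: 150m
            memory: 20Mi
        volumeMounts:
        - name: kube-dns-config
          mountPath: /etc/k8s/dns/dnsmasq-nanny
      - name: sidecar
        image: 192.168.1.170/tzg-prod/k8s-dns-sidecar-amd64:1.14.1
        livenessProbe:
          httpGet:
            path: /metrics
            port: 10054
            scheme: HTTP
          initialDelaySeconds: 60
          timeoutSeconds: 5
          successThreshold: 1
          failureThreshold: 5
        args:
        - --v=2
        - --logtostderr
        # One probe per DNS container: kubedns on 10053, dnsmasq on 53.
        - --probe=kubedns,127.0.0.1:10053,kubernetes.default.svc.cluster.local.,5,A
        - --probe=dnsmasq,127.0.0.1:53,kubernetes.default.svc.cluster.local.,5,A
        ports:
        - containerPort: 10054
          name: metrics
          protocol: TCP
        resources:
          requests:
            memory: 20Mi
            cpu: 10m
      # Default: the pod inherits the node's resolver configuration instead of
      # pointing at the cluster DNS service it implements.
      dnsPolicy: Default
      serviceAccountName: kube-dns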
2.3创建ServiceAccount文件
[root@k8s-master01 kubedns]# vi kubedns-sa.yaml
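# kubedns-sa.yaml: ServiceAccount referenced by the kube-dns Deployment
# (serviceAccountName: kube-dns).
# NOTE(review): this page defines no Role or ClusterRoleBinding for the
# account. On an RBAC-enabled cluster, confirm what is bound to it and keep
# that to read-only access (list/watch) on services and endpoints.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: kube-dns
  namespace: kube-system
  labels:
    kubernetes.io/cluster-service: "true"
    addonmanager.kubernetes.io/mode: Reconcile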
2.4创建Service文件
[root@k8s-master01 kubedns]# vi kubedns-svc.yaml
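# kubedns-svc.yaml: Service exposing the kube-dns pods on port 53 (UDP and TCP).
apiVersion: v1
kind: Service
metadata:
  name: kube-dns
  namespace: kube-system
  labels:
    k8s-app: kube-dns
    kubernetes.io/cluster-service: "true"
    addonmanager.kubernetes.io/mode: Reconcile
    kubernetes.io/name: "KubeDNS"
spec:
  selector:
    k8s-app: kube-dns
  # Must equal the kubelet --cluster-dns value (169.169.0.2 on this page) and
  # lie inside the API server's service IP range.
  # NOTE(review): 169.169.0.0/16 is not an RFC 1918 private range; a service
  # range that overlaps publicly routable addresses can shadow real
  # destinations. Confirm the range was chosen deliberately.
  clusterIP: 169.169.0.2
  ports:
  - name: dns
    port: 53
    protocol: UDP
  - name: dns-tcp
    port: 53
    protocol: TCP
3.根据yaml文件创建ConfigMap、ControllerManager、ServiceAccount、Service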
3.1创建对象
[root@k8s-master01 kubedns]# ls
kubedns-cm.yaml  kubedns-controller.yaml  kubedns-sa.yaml  kubedns-svc.yaml
[root@k8s-master01 kubedns]# kubectl create -f .
configmap "kube-dns" created
deployment "kube-dns" created
serviceaccount "kube-dns" created
service "kube-dns" created
3.2查看Deployment
[root@k8s-master01 kubedns]# kubectl get deploy --all-namespaces
NAMESPACE     NAME       DESIRED   CURRENT   UP-TO-DATE   AVAILABLE   AGE
kube-system   kube-dns   1         1         1            1           1m
3.3查看Pods
[root@k8s-master01 kubedns]# kubectl get pods --all-namespaces
NAMESPACE     NAME                        READY     STATUS    RESTARTS   AGE
kube-system   kube-dns-1869960205-tng14   3/3       Running   0          55s
3.4查看Service
[root@k8s-master01 kubedns]# kubectl get svc --namespace=kube-system
NAME       CLUSTER-IP    EXTERNAL-IP   PORT(S)         AGE
kube-dns   169.169.0.2   <none>        53/UDP,53/TCP   1m
3.5查看ConfigMap
[root@k8s-master01 kubedns]# kubectl get ConfigMap --all-namespaces
NAMESPACE     NAME                                 DATA      AGE
kube-system   extension-apiserver-authentication   1         4d
kube-system   kube-dns                             0         1m
4.修改kubelet配置(所有节点上都需要操作)
4.1kubelet启动参数增加cluster-dns配置
[root@k8s-master01 ~]# vi /etc/kubernetes/kubelet
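# kubelet start-up flags (file: /etc/kubernetes/kubelet). The flags are
# separated by single spaces again; the page had them fused together and
# split across lines, which kubelet could not parse.
# --cluster-dns must equal the kube-dns Service clusterIP (169.169.0.2) and
# --cluster-domain must match the domain kube-dns serves (cluster.local.).
# --hostname-override is presumably different on every node; adjust it there.
# NOTE(review): --allow-privileged=true lets pods on this node run privileged
# containers. The kube-dns manifest on this page requests no privileged mode,
# so keep the flag only if other workloads need it.
KUBELET_ARGS="--api-servers=https://172.18.0.200:6443 --hostname-override=172.18.0.142 --logtostderr=false --log-dir=/opt/logs/kubernetes --v=2 --allow-privileged=true --kubeconfig=/etc/kubernetes/kubelet-kubeconfig --cgroup-driver=systemd --cluster-dns=169.169.0.2 --cluster-domain=cluster.local."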
4.2重启kubelet
[root@k8s-master01 ~]# systemctl restart kubelet
5.校验kubedns功能
5.1创建一个my-nginx的Deployment文件
[root@k8s-master01 testkubedns]# vim my-nginx-deployment.yaml
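# my-nginx-deployment.yaml: two-replica nginx Deployment used only as a
# target for the DNS lookup test later on this page.
# NOTE(review): `image: nginx` carries no tag or digest, so it resolves to
# whatever `latest` is in the node's default registry, not the private
# registry used for the kube-dns images. Pin a version or digest if this
# manifest is reused beyond a throwaway test.
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: my-nginx
spec:
  replicas: 2
  template:
    metadata:
      labels:
        run: my-nginx
    spec:
      containers:
      - name: my-nginx
        image: nginx
        ports:
        - containerPort: 80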
5.2创建Deployment
[root@k8s-master01 testkubedns]# kubectl create -f ./my-nginx-deployment.yaml
deployment "my-nginx" created
[root@k8s-master01 testkubedns]# kubectl get deploy my-nginx
NAME       DESIRED   CURRENT   UP-TO-DATE   AVAILABLE   AGE
my-nginx   2         2         2            2           1m
5.3发布服务
[root@k8s-master01 testkubedns]# kubectl expose deploy my-nginx
service "my-nginx" exposed
[root@k8s-master01 testkubedns]# kubectl get svc my-nginx
NAME       CLUSTER-IP       EXTERNAL-IP   PORT(S)   AGE
my-nginx   169.169.255.45   <none>        80/TCP    8s
[root@k8s-master01 testkubedns]# kubectl get svc my-nginx -o yaml
apiVersion: v1
kind: Service
metadata:
  creationTimestamp: 2017-09-12T12:41:01Z
  labels:
    run: my-nginx
  name: my-nginx
  namespace: default
  resourceVersion: "135846"
  selfLink: /api/v1/namespaces/default/services/my-nginx
  uid: a26d00c0-97b7-11e7-8c4a-000c298d23b9
spec:
  clusterIP: 169.169.255.45
  ports:
  - port: 80
    protocol: TCP
    targetPort: 80
  selector:
    run: my-nginx
  sessionAffinity: None
  type: ClusterIP
status:
  loadBalancer: {}
5.4再创建一个deployment
[root@k8s-master01 testkubedns]# kubectl run nginx --image=nginx
deployment "nginx" created
[root@k8s-master01 testkubedns]# kubectl get pods
NAME                        READY     STATUS    RESTARTS   AGE
my-nginx-4293833666-1z7q7   1/1       Running   0          3m
my-nginx-4293833666-37mcr   1/1       Running   0          3m
nginx-4217019353-8gq4f      1/1       Running   0          5s
5.5拷贝ping命令及相关lib库到新启动的nginx pod中
[root@k8s-master01 testkubedns]# kubectl cp /usr/bin/ping nginx-4217019353-whx5b:/usr/bin/
[root@k8s-master01 testkubedns]# kubectl cp /usr/lib64/libcap.so.2 nginx-4217019353-whx5b:/usr/lib/
[root@k8s-master01 testkubedns]# kubectl cp /usr/lib64/libidn.so.11 nginx-4217019353-whx5b:/usr/lib/
[root@k8s-master01 testkubedns]# kubectl cp /usr/lib64/libcrypto.so.10 nginx-4217019353-whx5b:/usr/lib/
5.6进入新启动的nginx pod中,然后ping之前创建的my-nginx服务,看是否能正常解析到dns地址
[root@k8s-master01 testkubedns]# kubectl exec nginx-4217019353-whx5b -ti -- /bin/bash
root@nginx-4217019353-whx5b:/# ping my-nginx
PING my-nginx.default.svc.cluster.local (169.169.255.45) 56(84) bytes of data.