
How to understand CoreDNS as a DNS server at the back end of kubernetes

2025-01-19 Update From: SLTechnology News&Howtos shulou


Shulou(Shulou.com)06/01 Report--

This article explains how to understand CoreDNS as a DNS server at the back end of Kubernetes. The editor finds it very practical and shares it here; I hope you get something out of it.

CoreDNS is well known because, starting with Kubernetes 1.9, it was introduced as the default DNS for service discovery inside Kubernetes. Kubernetes is therefore one of the back ends of CoreDNS, so this discussion of CoreDNS starts with Kubernetes as its back end.

Many articles online already cover the features of CoreDNS, so I won't repeat them here. Briefly, its advantages over BIND and SkyDNS are:

BIND can store its records in MySQL or in files; CoreDNS can store its records in etcd or in files. CoreDNS also supports using Kubernetes as its back end: it calls the Kubernetes API directly to obtain the record data and caches it in local memory. CoreDNS supports plug-in extensions; third-party plug-ins currently support PowerDNS and Amazon DNS as back ends, and more back ends will be supported in the future. BIND is basically useless in the Kubernetes scenario.

CoreDNS is the successor to SkyDNS: it supports all SkyDNS features, performs better and is easier to extend. Neither BIND nor SkyDNS can match its plug-in design.

CoreDNS official website: https://coredns.io

CoreDNS source code: https://github.com/coredns/coredns

CoreDNS official plug-ins: https://coredns.io/plugins

CoreDNS third-party plug-ins: https://coredns.io/explugins/

Configure kubernetes back-end storage

Configuration description

In fact, there are official examples and configuration instructions for the kubernetes plug-in. The address is as follows: https://coredns.io/plugins/kubernetes/

I will use the official configuration example as an illustration:

    kubernetes [ZONES...] {
        resyncperiod DURATION
        endpoint URL [URL...]
        tls CERT KEY CACERT
        namespaces NAMESPACE...
        labels EXPRESSION
        pods POD-MODE
        endpoint_pod_names
        upstream [ADDRESS...]
        ttl TTL
        fallthrough [ZONES...]
    }

Here are some common parameters:

resyncperiod: the interval at which data is synchronized from the Kubernetes API.

endpoint: specifies the address of the Kubernetes API. CoreDNS automatically health-checks the listed addresses and proxies requests to a healthy node. Example:

    endpoint https://10.1.61.129:6443 https://10.1.61.130:6443

tls: specifies the certificate files used to connect to the remote Kubernetes API. Example:

    tls admin.pem admin-key.pem ca.pem

pods: sets POD-MODE. There are three modes:

disabled: the default.

insecure: returns an A record for the IP, but does not check whether a pod with that IP currently exists. This option is mainly for kube-dns compatibility.

verified: the recommended mode; returns the A record while ensuring that a pod with the corresponding IP exists. Consumes more memory than insecure.

upstream: defines where resolution of external domain names is forwarded; the value can be an IP address or a resolv.conf file. Example:

    upstream 8.8.8.8:53 8.8.4.4:53

ttl: the default is 5s and the maximum is 3600s.

Example

A complete example of configuration:

    # /opt/coredns/cfg/Corefile
    .:53 {
        kubernetes wh01 {
            resyncperiod 10s
            endpoint https://10.1.61.175:6443
            tls admin.pem admin-key.pem ca.pem
            pods verified
            endpoint_pod_names
            upstream /etc/resolv.conf
        }
        health
        log /var/log/coredns.log
        prometheus :9153
        proxy . /etc/resolv.conf
        cache 30
        reload 10s
    }

You can also write it as follows:

    wh01 {
        kubernetes {
            resyncperiod 10s
            endpoint https://10.1.61.129:6443
            tls admin.pem admin-key.pem ca.pem
            pods verified
            endpoint_pod_names
            upstream /etc/resolv.conf
        }
        health
        log
        errors
        prometheus :9153
        proxy . /etc/resolv.conf
        cache 30
        reload 10s
    }

Other configurations are also briefly described as follows:

health: plug-in that reports whether the running instance is alive. It listens on HTTP port 8080 by default; the port is configurable.

log: plug-in that prints query logs to standard output.

errors: plug-in that prints errors to standard output.

prometheus: plug-in that exposes metrics for Prometheus monitoring.

proxy: resolution of domain names outside wh01 is proxied to the address specified by proxy.

cache: plug-in that caches DNS resolution results in memory; the value is in seconds.

reload: plug-in that automatically reloads the configuration file when it changes; the value is the check interval in seconds.
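The pods modes, endpoint/tls pairing and ttl limit described above can be checked mechanically before a Corefile is deployed. The following is an added example, not code from the original article or from the CoreDNS project; the function names, the sample Corefile and its addresses are constructed for illustration.

```python
# Constructed sample Corefile with weak settings (addresses are documentation IPs).
SAMPLE = """\
.:53 {
    kubernetes wh01 {
        endpoint http://192.0.2.10:8080 https://192.0.2.11:6443
        pods insecure   # kube-dns compatibility mode
        ttl 7200
    }
    cache 30
}
"""

def kubernetes_blocks(corefile):
    """Return [(zones, {directive: args})] for each `kubernetes ... {` block."""
    blocks, current = [], None
    for raw in corefile.splitlines():
        tokens = raw.split("#", 1)[0].split()   # drop comments, tokenise
        if not tokens:
            continue
        if current is None:
            if tokens[0] == "kubernetes" and tokens[-1] == "{":
                current = (tokens[1:-1], {})
        elif tokens[0] == "}":
            blocks.append(current)
            current = None
        else:
            current[1][tokens[0]] = tokens[1:]
    return blocks

def audit(corefile):
    """Flag kubernetes-plugin settings the article describes as weaker or invalid."""
    findings = []
    for zones, opts in kubernetes_blocks(corefile):
        where = "kubernetes " + (" ".join(zones) or "(server block zone)")
        if (opts.get("pods") or ["disabled"])[0] == "insecure":
            findings.append(f"{where}: pods insecure does not check that the pod exists; use verified")
        endpoints = opts.get("endpoint", [])
        for url in endpoints:
            if url.startswith("http://"):
                findings.append(f"{where}: endpoint {url} is plain HTTP")
        if endpoints and "tls" not in opts:
            findings.append(f"{where}: remote endpoint set but no tls CERT KEY CACERT")
        ttl = (opts.get("ttl") or ["5"])[0]     # 5s is the documented default
        if not ttl.isdigit() or int(ttl) > 3600:
            findings.append(f"{where}: ttl {ttl} is outside the 0-3600s range")
    return findings

if __name__ == "__main__":
    for line in audit(SAMPLE):
        print(line)
```

Run against the two Corefile examples in this article, the audit returns no findings, since both use pods verified, HTTPS endpoints and a tls line.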

Start coredns

    nohup /opt/coredns/bin/coredns -conf /opt/coredns/cfg/Corefile &

Start coredns using systemd

    # cat /lib/systemd/system/coredns.service
    [Unit]
    Description=CoreDNS
    Documentation=https://coredns.io

    [Service]
    ExecStart=/opt/coredns/bin/coredns -conf /opt/coredns/cfg/Corefile
    Restart=on-failure
    RestartSec=5

    [Install]
    WantedBy=multi-user.target

    # systemctl start coredns
    # systemctl enable coredns

The above is how to understand CoreDNS as a DNS server at the back end of Kubernetes. The editor believes these are points we may see or use in our daily work, and hopes you can learn more from this article.
