Analysis of Intranet DNS of K8S in Development and Test Environment 01/16 Update SLTechnology News&Howtos

Analysis of Intranet DNS of K8S in Development and Test Environment

2025-01-16 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >

Shulou(Shulou.com)06/02 Report--

相信很多朋友都已经在测试或者生产环境中使用K8S来解决自己的业务问题，以下是我们在测试环境落地的一些实践。我们把所有的Service、POD直接裸奔于开发以及测试人员(没有使用Ingress、nodeport、LB，直接使用静态路由+NAT)，这样我们的测试以及开发人员可直接访问SVC和POD，这个后期我们单独拿出来细讲。由于我们是移动端原生开发居多，因此大部分都需要借助WIFI+DNS服务器来完成我们APP的测试。但是内网站点多，服务多，需要经常维护DNS服务器，可不可以根据我们的Service自动去维护我们的DNS服务器呢。

思路:

1.获取K8S容器云中所有namespace下的所有Service，然后制定规则如所有的web服务以完整的域名作为服务名，比如我们的api.abc.com那么服务名就是api-abc-com，然后把kube-system过滤掉

2.根据上述获取到的namespace、域名、ClusterIP写入到对应文件夹下的DNS配置文件,如果存在则删除再增加，如果不存在则自动添加

3.将各个命名空间的DNS配置文件进行加载

#!/bin/bashns=$(kubectl get ns|awk 'NR!=1 && !/kube/ && !/istio/ && !/cattle-system/ && !/default/ && !/efk/ {print $1}')for namespace in $nsdo [ -d $namespace ] || mkdir -p ${namespace} [ -f ${namespace}/dns ] || touch ${namespace}/dns svc=$(kubectl get svc -n$namespace|awk '/-/ && NR!=1 {print $1,$3}'|sed 's#-#.#g') echo "$svc"|while read line do domain=`echo $line|awk '{print $1}'` dns_record=`echo $line|awk '{print $1"="$2}'` [ `grep ${dns_record} ${namespace}/dns|wc -l` ] && sed -i "/${domain}/d" ${namespace}/dns && echo ${dns_record}>>${namespace}/dns done names=`cat ${namespace}/dns | grep -v '^#|^//' | tr '\n' ','|sed 's/,$//g'` sed "s#{namespace}#${namespace}#g" ~/yaml/dns/deploy.yaml | sed "s#{names}#${names}#g"|kubectl apply -f -done

查看DNS的deploy-svc.yaml

apiVersion: extensions/v1beta1kind: Deploymentmetadata: name: dns namespace: {namespace}spec: selector: matchLabels: name: dns replicas: 1 template: metadata: labels: name: dns spec: containers: - name: bind image: cytopia/bind ports: - containerPort: 53 protocol: TCP name: dnstcp - containerPort: 53 protocol: UDP name: dnsudp env: - name: EXTRA_HOSTS value: "{names}" - name: DNS_FORWARDER value: "114.114.114.144,8.8.4.4" #此处为外网的DNS服务器---apiVersion: v1kind: Servicemetadata: name: dns namespace: {namespace} labels: name: dnsspec: ports: - protocol: TCP port: 53 targetPort: 53 name: dnstcp - protocol: UDP port: 53 targetPort: 53 name: dnsudp selector: name: dns

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.