Advanced usage of coredns components in kubernetes 02/25 Update SLTechnology News&Howtos

Advanced usage of coredns components in kubernetes

2025-02-25 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >

Shulou(Shulou.com)06/02 Report--

Separation of internal and external traffic through coredns the old business fixed domain name, but cannot access the service directly through internal service. You need to achieve automatic separation of internal and external traffic to achieve the above capabilities through the rewrite feature of coredns. For example, when the following internal access to tenant.msa.chinamcloud.com domain name, traffic will be forwarded to tenantapi.yunjiao.svc.cluster.local domain name to achieve consistent access to internal and external domain name. Some versions of nginx may encounter inaccessible situations when configuring [root@k8s-master1 ingress] # cat coredns.yamlapiVersion: v1data: Corefile: |.: 53 {errors health rewrite name tenant.msa.chinamcloud.com tenantapi.yunjiao.svc.cluster.local rewrite name console.msa.chinamcloud.com console.yunjiao.svc.cluster.local rewrite name user.msa.chinamcloud.com userapi.yunjiao.svc.cluster.local Rewrite name lims.msa.chinamcloud.com lims.yunjiao.svc.cluster.local rewrite name labapp.msa.chinamcloud.com limsapp.yunjiao.svc.cluster.local kubernetes cluster.local in-addr.arpa ip6.arpa {pods insecure upstream fallthrough in-addr.arpa ip6.arpa} prometheus: 9153 forward. / etc/resolv.conf cache 30 loop reload loadbalance} kind: ConfigMapmetadata: creationTimestamp: "2019-04-02T04:57:19Z" name: coredns namespace: kube-system resourceVersion: "197selfLink: / api/v1/namespaces/kube-system/configmaps/coredns uid: cb686453-5503-11e9-8ea6-005056be93f5 check [root@k8s-master1 ingress] # kubectl run-it-rm-restart=Never-image=infoblox/dnstools:latest dnstoolsIf you don't see a command prompt Try pressing enter.dnstools# ping tenant.msa.chinamcloud.comPING tenant.msa.chinamcloud.com (10.98.220.54): 56 data bytes ^ C-tenant.msa.chinamcloud.com ping statistics-4 packets transmitted, 0 packets received, 100% packet losskubernetes internal implementation of hosts function

Coredns configuration reference documentation

The scenario implements sub-domain name resolution through kubernetes's coredns to implement hosts binding within kubernetes. Declare hosts (not recommended) [root@k8s-master-1 coredns] # kubectl explain pods.spec.hostAliasesKIND: PodVERSION: v1RESOURCE: hostAliases DESCRIPTION: HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts file if specified when creating a pod. This is only valid for non-hostNetwork pods. HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod's hosts file.FIELDS: hostnames Hostnames for the above IP address. Hosts feature declaration of ip IP address of the host file entry. [root@k8s-master-1 coredns] # coredns

The hosts field section indicates the resolution addresses of the three domain names

[root@k8s-master-1 coredns] # cat coredns-cm.yamlapiVersion: v1data: Corefile:.: 53 {errors health hosts {100.64.139.66 minio.chinamcloud.com 100.64.139.66 registry.chinamcloud.com 100.64.139.66 gitlab.chinamcloud.com fallthrough} kubernetes cluster.local in-addr.arpa Ip6.arpa {pods insecure upstream fallthrough in-addr.arpa ip6.arpa} prometheus: 9153 forward. / etc/resolv.conf cache 30 loop reload loadbalance} kind: ConfigMapmetadata: name: coredns namespace: kube-system specify upstream dns server based on domain name

The sobeydemo.com field indicates the address of the dns server that parses the domain name

[root@k8s-master-1 coredns] # cat coredns-cm.yamlapiVersion: v1data: Corefile:.: 53 {errors health kubernetes cluster.local in-addr.arpa ip6.arpa {pods insecure upstream fallthrough in-addr.arpa ip6.arpa} prometheus: 9153 forward. / etc/resolv.conf cache 30 loop reload loadbalance} sobeydemo.com {forward. 100.64.134.250 kind: ConfigMapmetadata: name: coredns namespace: kube-system check [root@k8s-master-1 coredns] # kubectl run-it-- rm-- restart=Never-- image=infoblox/dnstools:latest dnstoolsIf you don't see a command prompt Try pressing enter.dnstools# host 0DJ01YUR.sobeydemo.com0DJ01YUR.sobeydemo.com has address 100.64.148.1160DJ01YUR.sobeydemo.com has IPv6 address 2002:6440:9474::6440:9474dnstools# host minio.chinamcloud.comminio.chinamcloud.com has address 100.64.139.66Host minio.chinamcloud.com not found: 3 (NXDOMAIN) Host minio.chinamcloud.com not found: 3 (NXDOMAIN) dnstools#

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.