...

Note: Instead of a kube-dns pod, a coredns pod is created.

...


Code Block
ubuntu@coredns-1:/dockerdata-nfs$ ls -lrt
total 44
-rw-r--r-- 1 root root  1366 Mar  1 15:00 Corefile
-rw-r--r-- 1 root root   979 Mar  5 14:06 zone.db
ubuntu@coredns-1:/dockerdata-nfs$
root@coredns-1:~# kubectl get pods --all-namespaces
NAMESPACE     NAME                                READY     STATUS    RESTARTS   AGE
kube-system   etcd-kubefed-1                      1/1       Running   0          1h
kube-system   kube-apiserver-kubefed-1            1/1       Running   0          1h
kube-system   kube-controller-manager-kubefed-1   1/1       Running   0          1h
kube-system   coredns-789ff8fd8d-2gxnc            1/1       Running   0          1h
kube-system   kube-proxy-g7bxn                    1/1       Running   0          1h
kube-system   kube-proxy-q82lg                    1/1       Running   0          1h
kube-system   kube-scheduler-kubefed-1            1/1       Running   0          1h
kube-system   tiller-deploy-546cf9696c-fbckp      1/1       Running   0          1h
kube-system   weave-net-9zlrh                     2/2       Running   0          1h
kube-system   weave-net-dn7fj                     2/2       Running   1          1h
root@coredns-1:~#

Modify coredns deployment to configure DNS zone

  1. Put the attached files, Corefile and zone.db, in /dockerdata-nfs as the root user.

    Code Block
    ubuntu@coredns-1:/dockerdata-nfs$ ls -lrt
    total 44
    -rw-r--r-- 1 root root  1366 Mar  1 15:00 Corefile
    -rw-r--r-- 1 root root   979 Mar  5 14:06 zone.db
    ubuntu@coredns-1:/dockerdata-nfs$
    
    
  2. Edit the coredns configmap to reference the new zone file and add the zone.db key.

    Code Block
    #The command below opens the coredns configmap for editing. Edit and save the file.
    
    ubuntu@coredns-1:~# kubectl edit configmap coredns -n kube-system
    # Please edit the object below. Lines beginning with a '#' will be ignored,
    # and an empty file will abort the edit. If an error occurs while saving this file will be
    # reopened with the relevant failures.
    #
    apiVersion: v1
    data:
      Corefile: |
        .:53 {
            errors
            log
            health
            kubernetes cluster.local 10.96.0.0/12 {
               pods insecure
            }
            file /dockerdata-nfs/zone.db example.com
            prometheus
            proxy . /etc/resolv.conf
            cache 30
        }
      zone.db: "$ORIGIN example.com.     ; designates the start of this zone file in the
        namespace\n$TTL 1h         ; default expiration time of all resource records without
        their own TTL value\nexample.com.  IN  SOA   ns.example.com. username.example.com.
        ( 2007120710 1d 2h 4w 1h )\nexample.com.  IN  NS    ns                    ; ns.example.com
        is a nameserver for example.com\nexample.com.  IN  NS    ns.somewhere.example.
        ; ns.somewhere.example is a backup nameserver for example.com\nexample.com.  IN
        \ A     10.147.101.135             ; IPv4 address for example.com\nns            IN
        \ A     10.247.5.11             ; IPv4 address for ns.example.com\nwww           IN
        \ CNAME example.com.          ; www.example.com is an alias for example.com\nwwwtest
        \      IN  CNAME www              ; wwwtest.example.com is another alias for www.example.com\nsdnc.example.com.
        \   IN      SRV    30202 10 10 example.com.\n;;site1\n;;sdnc         IN  A  10.147.99.140\n;;site2\nsdnc\t\t
        IN A   10.147.101.23"
    kind: ConfigMap
    metadata:
      creationTimestamp: 2018-02-28T20:13:03Z
      name: coredns
      namespace: kube-system
      resourceVersion: "102077"
      selfLink: /api/v1/namespaces/kube-system/configmaps/coredns
      uid: c8489771-1cc3-11e8-a0cb-fa163eabcb60
     
    configmap "coredns" edited
    ubuntu@coredns-1:~#

    The following changes are applied:

    Where: inside the server block of the Corefile key
        Corefile: |
        .:53 {
        ...
        }
    Added line:
        file /dockerdata-nfs/zone.db example.com

    Where: before the line
        kind: ConfigMap
    Added line: the zone.db key.

    Note
    The IP addresses in the A records should point to your environment (the site's master node). Only one of the sites' A records should be uncommented at a time.
        example.com.  IN  A  <fed-vm master ip address>
        ns            IN  A  <nameserver on fed VM as configured originally in /etc/resolv.conf>
        ;;site1
        ;;sdnc        IN  A  <site1 master IP>    ; site1 is commented out here, so traffic is pointed to site2
        ;;site2
        sdnc          IN  A  <site2 master IP>

    The zone.db key as it appears in the configmap:
     zone.db: "$ORIGIN example.com.     ; designates the start of this zone file in the
    namespace\n$TTL 1h ; default expiration time of all resource records without
    their own TTL value\nexample.com. IN SOA ns.example.com. username.example.com.
    ( 2007120710 1d 2h 4w 1h )\nexample.com. IN NS ns ; ns.example.com
    is a nameserver for example.com\nexample.com. IN NS ns.somewhere.example.
    ; ns.somewhere.example is a backup nameserver for example.com\nexample.com. IN
    \ A 10.147.101.135 ; IPv4 address for example.com\nns IN
    \ A 10.247.5.11 ; IPv4 address for ns.example.com\nwww IN
    \ CNAME example.com. ; www.example.com is an alias for example.com\nwwwtest
    \ IN CNAME www ; wwwtest.example.com is another alias for www.example.com\nsdnc.example.com.
    \ IN SRV 30202 10 10 example.com.\n;;site1\n;;sdnc IN A 10.147.99.140\n;;site2\nsdnc\t\t
    IN A 10.147.101.23"
    Note

    The files copied in step 1 should contain the same entries as the coredns configmap described in step 2. That is, the IP addresses should point to your environment as explained in step 2. If the files in step 1 are pointing traffic to site1 (for example), the coredns configmap in step 2 should also configure site1 (and comment out site2).

  3. Edit the coredns deployment to specify the mount volumes and zone key for coredns.

    Code Block
    ubuntu@coredns-1:~# kubectl -n kube-system edit deployment coredns
    deployment "coredns" edited
    ubuntu@coredns-1:~#
    Make the following changes:

    Field: .spec.template.spec.containers.volumeMounts
    Purpose: mount point for new zone file
    Replaced values:
        - mountPath: /dockerdata-nfs
          name: config-volume

    Field: .spec.template.spec.containers.args
    Purpose: mount point for new coredns config file
    Replaced values:
        - -conf
        - /dockerdata-nfs/Corefile

    Field: .spec.template.spec.volumes.items
    Purpose: define new zone key in volumes
    Added values:
        - key: zone.db
          path: zone.db

    After making the above changes, the deployment config will look like the file coredns-edit-deploymnt.yaml.
    Note that editing the deployment will create a new coredns pod and terminate the old one. Verify that the new pod is up and running after editing the deployment.

    Code Block
    ubuntu@coredns-1:/root$ kubectl get pods --all-namespaces --context=kubernetes-admin-host | grep coredns
    kube-system         coredns-789ff8fd8d-2gxnc                        1/1       Running   0          5d
    ubuntu@coredns-1:/root$
  4. Edit /etc/resolv.conf to point the nameserver to the configured CoreDNS server.

    Code Block
    ubuntu@coredns-1:~# kubectl get svc --all-namespaces --context=kubernetes-admin-host | grep kube-dns
    kube-system         kube-dns               ClusterIP   10.96.0.10       <none>        53/UDP,53/TCP   5d
     
    #Use the above cluster IP to configure in /etc/resolv.conf as shown below
    ubuntu@coredns-1:/root$ sudo vi /etc/resolv.conf
    # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
    #     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
    nameserver 10.96.0.10
    #nameserver 10.247.5.11
    search openstacklocal
    ubuntu@coredns-1:
     
  5. Look up the configured domain to verify that it points to the site configured above.

    Code Block
    ubuntu@coredns-1:/dockerdata-nfs$ nslookup sdnc.example.com
    Server:         10.96.0.10
    Address:        10.96.0.10#53
    Name:   sdnc.example.com
    Address: 10.147.101.23
     
    #Verify that sites like google.ca still resolve
    ubuntu@coredns-1:/dockerdata-nfs$ nslookup google.ca
    Server:         10.96.0.10
    Address:        10.96.0.10#53
    Non-authoritative answer:
    Name:   google.ca
    Address: 172.217.23.131
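
The note in step 2 requires the zone.db copied in step 1 and the zone.db key of the configmap to agree, with only one site's sdnc A record uncommented. The following check is an added example, not part of the original page; the function names are hypothetical and the sample zone data is constructed from the records shown above.

```shell
# Added example, not from the original page; function names are hypothetical.

# Active records of a zone file: ';' comments and blank lines dropped,
# whitespace collapsed, so two copies can be compared field by field.
active_records() {
    awk '{ sub(/;.*/, ""); if (NF) { $1 = $1; print } }' "$1"
}

# Targets of the uncommented "sdnc IN A" records (one per active site).
active_sdnc_targets() {
    active_records "$1" | awk '$1 == "sdnc" && $2 == "IN" && $3 == "A" { print $4 }'
}

# Returns 0 if both copies agree and exactly one site is active,
# 1 if the copies differ, 2 if zero or several sdnc A records are active.
check_zone_copies() {
    disk_records=$(active_records "$1")
    cm_records=$(active_records "$2")
    if [ "$disk_records" != "$cm_records" ]; then
        echo "MISMATCH: $1 and $2 carry different active records" >&2
        return 1
    fi
    active=$(active_sdnc_targets "$2" | awk 'END { print NR }')
    if [ "$active" -ne 1 ]; then
        echo "INVALID: expected 1 active sdnc A record, found $active" >&2
        return 2
    fi
    echo "OK: sdnc -> $(active_sdnc_targets "$2")"
}

# Constructed sample modelled on the page's zone.db. $1 is the output file,
# $2 the site ("site1" or "site2") whose sdnc record is left uncommented.
write_sample_zone() {
    s1=';;'; s2=';;'
    case "$2" in site1) s1='' ;; site2) s2='' ;; esac
    cat > "$1" <<EOF
\$ORIGIN example.com.
example.com.  IN  A  10.147.101.135   ; IPv4 address for example.com
;;site1
${s1}sdnc         IN  A  10.147.99.140
;;site2
${s2}sdnc    IN A   10.147.101.23
EOF
}

tmp=$(mktemp -d)
write_sample_zone "$tmp/zone.db" site2       # stands in for /dockerdata-nfs/zone.db
write_sample_zone "$tmp/configmap.db" site2  # stands in for the configmap key
check_zone_copies "$tmp/zone.db" "$tmp/configmap.db"
rm -rf "$tmp"
```

Against a live cluster, the second file would come from `kubectl -n kube-system get configmap coredns -o jsonpath='{.data.zone\.db}'`.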