Note: Instead of a kube-dns pod, a coredns pod is created.
Code Block
    root@coredns-1:~# kubectl get pods --all-namespaces
    NAMESPACE     NAME                                READY   STATUS    RESTARTS   AGE
    kube-system   etcd-kubefed-1                      1/1     Running   0          1h
    kube-system   kube-apiserver-kubefed-1            1/1     Running   0          1h
    kube-system   kube-controller-manager-kubefed-1   1/1     Running   0          1h
    kube-system   coredns-789ff8fd8d-2gxnc            1/1     Running   0          1h
    kube-system   kube-proxy-g7bxn                    1/1     Running   0          1h
    kube-system   kube-proxy-q82lg                    1/1     Running   0          1h
    kube-system   kube-scheduler-kubefed-1            1/1     Running   0          1h
    kube-system   tiller-deploy-546cf9696c-fbckp      1/1     Running   0          1h
    kube-system   weave-net-9zlrh                     2/2     Running   0          1h
    kube-system   weave-net-dn7fj                     2/2     Running   1          1h
    root@coredns-1:~#
Modify coredns deployment to configure DNS zone
Put the attached files, Corefile and zone.db, in /dockerdata-nfs as the root user.
Code Block
    ubuntu@coredns-1:/dockerdata-nfs$ ls -lrt
    total 44
    -rw-r--r-- 1 root root 1366 Mar 1 15:00 Corefile
    -rw-r--r-- 1 root root 979 Mar 5 14:06 zone.db
    ubuntu@coredns-1:/dockerdata-nfs$
Edit the coredns configmap to reference the new zone file and add the zone.db key.
Code Block
    # The command below opens the coredns configmap for editing. Edit and save the file.
    ubuntu@coredns-1:~# kubectl edit configmap coredns -n kube-system

    # Please edit the object below. Lines beginning with a '#' will be ignored,
    # and an empty file will abort the edit. If an error occurs while saving this file will be
    # reopened with the relevant failures.
    #
    apiVersion: v1
    data:
      Corefile: |
        .:53 {
            errors
            log
            health
            kubernetes cluster.local 10.96.0.0/12 {
               pods insecure
            }
            file /dockerdata-nfs/zone.db example.com
            prometheus
            proxy . /etc/resolv.conf
            cache 30
        }
      zone.db: "$ORIGIN example.com. ; designates the start of this zone file in the
        namespace\n$TTL 1h ; default expiration time of all resource records without
        their own TTL value\nexample.com. IN SOA ns.example.com. username.example.com.
        ( 2007120710 1d 2h 4w 1h )\nexample.com. IN NS ns ; ns.example.com
        is a nameserver for example.com\nexample.com. IN NS ns.somewhere.example.
        ; ns.somewhere.example is a backup nameserver for example.com\nexample.com. IN
        \ A 10.147.101.135 ; IPv4 address for example.com\nns IN
        \ A 10.247.5.11 ; IPv4 address for ns.example.com\nwww IN
        \ CNAME example.com. ; www.example.com is an alias for example.com\nwwwtest
        \ IN CNAME www ; wwwtest.example.com is another alias for www.example.com\nsdnc.example.com.
        \ IN SRV 30202 10 10 example.com.\n;;site1\n;;sdnc IN A 10.147.99.140\n;;site2\nsdnc\t\t
        IN A 10.147.101.23"
    kind: ConfigMap
    metadata:
      creationTimestamp: 2018-02-28T20:13:03Z
      name: coredns
      namespace: kube-system
      resourceVersion: "102077"
      selfLink: /api/v1/namespaces/kube-system/configmaps/coredns
      uid: c8489771-1cc3-11e8-a0cb-fa163eabcb60

    configmap "coredns" edited
    ubuntu@coredns-1:~#
The following changes are applied:

Where: in the Corefile, inside the block
    Corefile: |
        .:53 {
        ...
        }
Added line:
    file /dockerdata-nfs/zone.db example.com

Where: before the line
    kind: ConfigMap
Added line:
    zone.db: "$ORIGIN example.com. ; designates the start of this zone file in the
      namespace\n$TTL 1h ; default expiration time of all resource records without
      their own TTL value\nexample.com. IN SOA ns.example.com. username.example.com.
      ( 2007120710 1d 2h 4w 1h )\nexample.com. IN NS ns ; ns.example.com
      is a nameserver for example.com\nexample.com. IN NS ns.somewhere.example.
      ; ns.somewhere.example is a backup nameserver for example.com\nexample.com. IN
      \ A 10.147.101.135 ; IPv4 address for example.com\nns IN
      \ A 10.247.5.11 ; IPv4 address for ns.example.com\nwww IN
      \ CNAME example.com. ; www.example.com is an alias for example.com\nwwwtest
      \ IN CNAME www ; wwwtest.example.com is another alias for www.example.com\nsdnc.example.com.
      \ IN SRV 30202 10 10 example.com.\n;;site1\n;;sdnc IN A 10.147.99.140\n;;site2\nsdnc\t\t
      IN A 10.147.101.23"

Note
The IP addresses in the "A" records must point to your environment, and only to a site's master node. Only one of the sites' "A" records should be uncommented at a time.
    example.com. IN A <fed-vm master ip address>
    ns IN A <nameserver on fed VM as configured originally in /etc/resolv.conf>
    ;;site1
    ;;sdnc IN A <site1 master IP>    // site1 is commented out here, so traffic is pointed to site2
    ;;site2
    sdnc IN A <site2 master IP>

Note
The files copied in step 1 (Corefile and zone.db in /dockerdata-nfs) should contain the same entries as the coredns configmap described in step 2. That is, the IP addresses should point to your environment as explained in step 2. Make sure the same site is commented out in both: if the files in step 1 point traffic to site1 (for example), the coredns configmap in step 2 should also configure site1 (and comment out site2).
Edit the coredns deployment to specify the mount volumes and the zone key for coredns.
Code Block
    ubuntu@coredns-1:~# kubectl -n kube-system edit deployment coredns
    deployment "coredns" edited
    ubuntu@coredns-1:~#
Make the following changes:

Purpose: mount point for new zone file
Field: .spec.template.spec.containers.volumeMounts
Replaced values:
    - mountPath: /dockerdata-nfs
      name: config-volume

Purpose: mount point for new coredns config file
Field: .spec.template.spec.containers.args
Replaced values:
    - -conf
    - /dockerdata-nfs/Corefile

Purpose: define new zone key in volumes
Field: .spec.template.spec.volumes.items
Added values:
    - key: zone.db
      path: zone.db

The deployment config will look as in the file coredns-edit-deploymnt.yaml after making the above changes.
Note that editing the deployment will create a new coredns pod and terminate the old one. Verify that the new pod is up and running after editing the deployment.
Code Block
    ubuntu@coredns-1:/root$ kubectl get pods --all-namespaces --context=kubernetes-admin-host | grep coredns
    kube-system   coredns-789ff8fd8d-2gxnc   1/1   Running   0   5d
    ubuntu@coredns-1:/root$
Edit /etc/resolv.conf to point the nameserver to the configured CoreDNS server.
Code Block
    ubuntu@coredns-1:~# kubectl get svc --all-namespaces --context=kubernetes-admin-host | grep kube-dns
    kube-system   kube-dns   ClusterIP   10.96.0.10   <none>   53/UDP,53/TCP   5d

    # Use the above cluster IP to configure /etc/resolv.conf as shown below
    ubuntu@coredns-1:/root$ sudo vi /etc/resolv.conf
    # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
    # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
    nameserver 10.96.0.10
    #nameserver 10.247.5.11
    search openstacklocal
    ubuntu@coredns-1:
Look up the configured domain to verify that it points to the site configured above.
Code Block
    ubuntu@coredns-1:/dockerdata-nfs$ nslookup sdnc.example.com
    Server: 10.96.0.10
    Address: 10.96.0.10#53

    Name: sdnc.example.com
    Address: 10.147.101.23

    # Verify that external sites such as google.ca still resolve
    ubuntu@coredns-1:/dockerdata-nfs$ nslookup google.ca
    Server: 10.96.0.10
    Address: 10.96.0.10#53

    Non-authoritative answer:
    Name: google.ca
    Address: 172.217.23.131
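An added example, not part of the original page: a POSIX shell check for the two notes above, confirming that exactly one sdnc "A" record is uncommented and that the zone.db copied to /dockerdata-nfs and the zone.db key of the coredns configmap activate the same site. The function names, file names and sample zone data are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page); sample zone data is constructed.

# Print "name address" for each uncommented A record in a zone file.
# Text from ';' to end of line is a zone-file comment and is ignored.
active_a_records() {
    awk '{ sub(/;.*/, "") }
         { for (i = 2; i < NF; i++)
               if ($(i-1) == "IN" && $i == "A") { print $1, $(i+1); break } }' "$1" | sort
}

# Succeed only if exactly one A record for name $2 is active in file $1.
single_active_site() {
    active_a_records "$1" | awk -v n="$2" '$1 == n { c++ } END { exit (c != 1) }'
}

# Succeed only if both files activate the same A records.
zones_match() {
    [ "$(active_a_records "$1")" = "$(active_a_records "$2")" ]
}

# Constructed samples: the file on disk sends sdnc to site2, while the
# configmap copy was left pointing at site1.
tmp=$(mktemp -d)
cat > "$tmp/disk.db" <<'EOF'
$ORIGIN example.com.
example.com. IN A 10.147.101.135 ; IPv4 address for example.com
;;site1
;;sdnc IN A 10.147.99.140
;;site2
sdnc IN A 10.147.101.23
EOF
cat > "$tmp/configmap.db" <<'EOF'
$ORIGIN example.com.
example.com. IN A 10.147.101.135 ; IPv4 address for example.com
;;site1
sdnc IN A 10.147.99.140
;;site2
;;sdnc IN A 10.147.101.23
EOF

for f in "$tmp/disk.db" "$tmp/configmap.db"; do
    single_active_site "$f" sdnc || echo "$f: expected exactly one active sdnc record"
done
if zones_match "$tmp/disk.db" "$tmp/configmap.db"; then
    echo "zone file and configmap agree"
else
    echo "MISMATCH: zone file and configmap activate different sites"
fi
```

To run the comparison against a live cluster, the configmap copy can be written to a file first with `kubectl get configmap coredns -n kube-system -o jsonpath='{.data.zone\.db}'`.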