Kube-dns

Table of Contents

• 前言
• 建立 kube-dns deployment

前言

建立 kube-dns deployment

on master1

• 編輯 kube-dns.yml

  $ cd /etc/kubernetes/addons
  $ vim kube-dns.yml
  

  ```yaml apiVersion: v1 kind: ServiceAccount metadata: name: kube-dns labels: k8s-app: kube-dns kubernetes.io/cluster-service: "true" addonmanager.kubernetes.io/mode: Reconcile namespace: kube-system

---

apiVersion: v1 kind: Service metadata: name: kube-dns namespace: kube-system labels: k8s-app: kube-dns kubernetes.io/cluster-service: "true" addonmanager.kubernetes.io/mode: Reconcile spec: selector: k8s-app: kube-dns clusterIP: 10.96.0.10 ports:

• name: dns port: 53 protocol: UDP
• name: dns-tcp port: 53 protocol: TCP

---

apiVersion: extensions/v1beta1 kind: Deployment metadata: name: kube-dns namespace: kube-system labels: k8s-app: kube-dns kubernetes.io/cluster-service: "true" addonmanager.kubernetes.io/mode: Reconcile spec: strategy: rollingUpdate: maxSurge: 10% maxUnavailable: 0 selector: matchLabels: k8s-app: kube-dns template: metadata: labels: k8s-app: kube-dns annotations: scheduler.alpha.kubernetes.io/critical-pod: '' spec: dnsPolicy: Default serviceAccountName: kube-dns tolerations:

  - key: "CriticalAddonsOnly"
    operator: "Exists"
  - key: node-role.kubernetes.io/master
    effect: NoSchedule
  volumes:
  - name: kube-dns-config
    configMap:
      name: kube-dns
      optional: true
  containers:
  - name: kubedns
    image: gcr.io/google_containers/k8s-dns-kube-dns-amd64:1.14.7
    resources:
      limits:
        memory: 170Mi
      requests:
        cpu: 100m
        memory: 70Mi
    livenessProbe:
      httpGet:
        path: /healthcheck/kubedns
        port: 10054
        scheme: HTTP
      initialDelaySeconds: 60
      timeoutSeconds: 5
      successThreshold: 1
      failureThreshold: 5
    readinessProbe:
      httpGet:
        path: /readiness
        port: 8081
        scheme: HTTP
      initialDelaySeconds: 3
      timeoutSeconds: 5
    args:
    - "--domain=cluster.local"
    - --dns-port=10053
    - --v=2
    env:
    - name: PROMETHEUS_PORT
      value: "10055"
    ports:
    - containerPort: 10053
      name: dns-local
      protocol: UDP
    - containerPort: 10053
      name: dns-tcp-local
      protocol: TCP
    - containerPort: 10055
      name: metrics
      protocol: TCP
    volumeMounts:
    - name: kube-dns-config
      mountPath: /kube-dns-config
  - name: dnsmasq
    image: gcr.io/google_containers/k8s-dns-dnsmasq-nanny-amd64:1.14.7
    livenessProbe:
      httpGet:
        path: /healthcheck/dnsmasq
        port: 10054
        scheme: HTTP
      initialDelaySeconds: 60
      timeoutSeconds: 5
      successThreshold: 1
      failureThreshold: 5
    args:
    - "-v=2"
    - "-logtostderr"
    - "-configDir=/etc/k8s/dns/dnsmasq-nanny"
    - "-restartDnsmasq=true"
    - "--"
    - "-k"
    - "--cache-size=1000"
    - "--log-facility=-"
    - "--server=/cluster.local/127.0.0.1#10053"
    - "--server=/in-addr.arpa/127.0.0.1#10053"
    - "--server=/ip6.arpa/127.0.0.1#10053"
    ports:
    - containerPort: 53
      name: dns
      protocol: UDP
    - containerPort: 53
      name: dns-tcp
      protocol: TCP
    resources:
      requests:
        cpu: 150m
        memory: 20Mi
    volumeMounts:
    - name: kube-dns-config
      mountPath: /etc/k8s/dns/dnsmasq-nanny
  - name: sidecar
    image: gcr.io/google_containers/k8s-dns-sidecar-amd64:1.14.7
    livenessProbe:
      httpGet:
        path: /metrics
        port: 10054
        scheme: HTTP
      initialDelaySeconds: 60
      timeoutSeconds: 5
      successThreshold: 1
      failureThreshold: 5
    args:
    - "--v=2"
    - "--logtostderr"
    - "--probe=kubedns,127.0.0.1:10053,kubernetes.default.svc.cluster.local,5,A"
    - "--probe=dnsmasq,127.0.0.1:53,kubernetes.default.svc.cluster.local,5,A"
    ports:
    - containerPort: 10054
      name: metrics
      protocol: TCP
    resources:
      requests:
        memory: 20Mi
        cpu: 10m

```

$ kubectl apply -f kube-dns.yml

• 驗證

  $ kubectl -n kube-system get po -l k8s-app=kube-dns
  NAME                        READY     STATUS    RESTARTS   AGE
  kube-dns-6cb549f55f-w57m8   0/3       Pending   0          10s