小言_互联网的博客

Kubernetes基础:CoreDNS功能确认

2020-04-01 15:16 226人阅读  评论(0)


CoreDNS已经取代了kube-dns作为了,DNS主要完成域名的查询和转换,这篇文章介绍一下使用dnsutils中的nslookup与dig功能进行DNS是否正常动作的确认的方法。

环境准备

快速环境搭建建议使用单机版Kubernetes的安装脚本,一键安装,详情可参看:

如何确认DNS

DNS是Domain Name System的缩写,只要能够完成域名到ip的查询转换的过程,就说明DNS能够正常运行,以macOS上使用nslookup来对www.baidu.com进行确认过程为例:

liumiaocn:~ liumiao$ nslookup www.baidu.com
Server:		192.168.31.1
Address:	192.168.31.1#53

Non-authoritative answer:
www.baidu.com	canonical name = www.a.shifen.com.
Name:	www.a.shifen.com
Address: 61.135.169.125
Name:	www.a.shifen.com
Address: 61.135.169.121

liumiaocn:~ liumiao$

另外使用dig也可以同样进行确认,而且可以列出CNAME等的信息

liumiaocn:~ liumiao$ dig www.baidu.com

; <<>> DiG 9.10.6 <<>> www.baidu.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51887
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.baidu.com.			IN	A

;; ANSWER SECTION:
www.baidu.com.		30	IN	CNAME	www.a.shifen.com.
www.a.shifen.com.	30	IN	A	61.135.169.125
www.a.shifen.com.	30	IN	A	61.135.169.121

;; Query time: 4 msec
;; SERVER: 192.168.31.1#53(192.168.31.1)
;; WHEN: Fri Sep 13 07:42:07 CST 2019
;; MSG SIZE  rcvd: 90

liumiaocn:~ liumiao$

通过上述内容,可以看到,DNS能够进行正常的转换。接下来我们启动一个pod,然后在此pod中确认DNS是否能够正常动作。

事前准备

准备一个nginx的pod的yaml文件,为了示例说明,做最简化设定如下:

[root@host132 yaml]# cat pod-demo1.yaml 
---
apiVersion: v1
kind: Pod
metadata:
  name: nginx
spec:
  containers:
  - name: nginx-container
    image: nginx:latest
    ports:
    - containerPort: 80
...
[root@host132 yaml]#

启动nginx的pod

[root@host132 yaml]# kubectl create -f pod-demo1.yaml 
pod/nginx created
[root@host132 yaml]# 
[root@host132 yaml]# 
[root@host132 yaml]# kubectl get pods
NAME    READY   STATUS    RESTARTS   AGE
nginx   1/1     Running   0          8s
[root@host132 yaml]#

确认pod运行状态

使用get pod确认nginx的pod运行状态,并使用ServiceIP访问此pod中运行的nginx。

[root@host132 yaml]# kubectl get pods -o wide
NAME    READY   STATUS    RESTARTS   AGE   IP             NODE              NOMINATED NODE   READINESS GATES
nginx   1/1     Running   0          92s   10.254.224.4   192.168.163.132   <none>           <none>
[root@host132 yaml]# 
[root@host132 yaml]# curl http://10.254.224.4
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
    body {
        width: 35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>
[root@host132 yaml]#

安装nslookup命令

由于nginx镜像中没有nslookup命令,所以需要安装,如果是busybox进行验证则会更加方便。

[root@host132 yaml]# kubectl exec -it nginx sh
# nslookup
sh: 1: nslookup: not found
#

根据上述提示由于没有nslookup命令,在nginx的容器之中,由于nslookup在dnsutils包中,使用如下步骤,则可以完成nslookup的安装

  • 步骤1: apt-get update
  • 步骤2: apt-get install dnsutils

执行日志示例如下所示:

# apt-get update
Get:1 http://security-cdn.debian.org/debian-security buster/updates InRelease [39.1 kB]
...省略                                            
Fetched 8194 kB in 1min 45s (78.2 kB/s)                                                                                                
Reading package lists... Done
# apt-get install dnsutils
Reading package lists... Done
Building dependency tree       
Reading state information... Done
...省略
Need to get 4514 kB of archives.
After this operation, 12.0 MB of additional disk space will be used.
Do you want to continue? [Y/n] y
Get:1 http://cdn-fastly.deb.debian.org/debian buster/main amd64 libcap2 amd64 1:2.25-2 [17.6 kB]
...省略                
Fetched 4514 kB in 3min 0s (25.1 kB/s)                                                                                                 
debconf: delaying package configuration, since apt-utils is not installed
Selecting previously unselected package libcap2:amd64.
(Reading database ... 7203 files and directories currently installed.)
...省略
Setting up dnsutils (1:9.11.5.P4+dfsg-5.1) ...
Processing triggers for libc-bin (2.28-10) ...
#

确认域名转换

同样使用nslookup和dig,可以看到可以正常进行域名与ip的转换与相关内容的获取。

# nslookup www.baidu.com
Server:		10.254.0.2
Address:	10.254.0.2#53

Non-authoritative answer:
www.baidu.com	canonical name = www.a.shifen.com.
Name:	www.a.shifen.com
Address: 61.135.169.125
Name:	www.a.shifen.com
Address: 61.135.169.121

# 
# dig www.baidu.com

; <<>> DiG 9.11.5-P4-5.1-Debian <<>> www.baidu.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42824
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.baidu.com.			IN	A

;; ANSWER SECTION:
www.baidu.com.		26	IN	CNAME	www.a.shifen.com.
www.a.shifen.com.	26	IN	A	61.135.169.125
www.a.shifen.com.	26	IN	A	61.135.169.121

;; Query time: 5 msec
;; SERVER: 10.254.0.2#53(10.254.0.2)
;; WHEN: Thu Sep 12 23:17:29 UTC 2019
;; MSG SIZE  rcvd: 138

#

当然,CoreDNS主要用于进行内部服务的发现和沟通之用,我们使用kubectl get service确认到当前存在名为kubernetes的服务,主要信息如下:

[root@host132 yaml]# kubectl get services
NAME         TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)   AGE
kubernetes   ClusterIP   10.254.0.1   <none>        443/TCP   155m
[root@host132 yaml]#

同样可以使用nslookup查询此服务与ip的转换情况,详细信息如下所示:

# nslookup kubernetes
Server:		10.254.0.2
Address:	10.254.0.2#53

Name:	kubernetes.default.svc.cluster.local
Address: 10.254.0.1

#

另外使用ping命令也可以直接对服务名进行连接确认

# ping -c1 kubernetes
PING kubernetes.default.svc.cluster.local (10.254.0.1) 56(84) bytes of data.
64 bytes from kubernetes.default.svc.cluster.local (10.254.0.1): icmp_seq=1 ttl=64 time=0.029 ms

--- kubernetes.default.svc.cluster.local ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.029/0.029/0.029/0.000 ms
#

其他基础


转载:https://blog.csdn.net/liumiaocn/article/details/100793480
查看评论
* 以上用户言论只代表其个人观点,不代表本网站的观点或立场