日本综合一区二区|亚洲中文天堂综合|日韩欧美自拍一区|男女精品天堂一区|欧美自拍第6页亚洲成人精品一区|亚洲黄色天堂一区二区成人|超碰91偷拍第一页|日韩av夜夜嗨中文字幕|久久蜜综合视频官网|精美人妻一区二区三区

RELATEED CONSULTING
相關(guān)咨詢
選擇下列產(chǎn)品馬上在線溝通
服務(wù)時(shí)間:8:30-17:00
你可能遇到了下面的問題
關(guān)閉右側(cè)工具欄

新聞中心

這里有您想知道的互聯(lián)網(wǎng)營銷解決方案
kubernetes中coredns組件的高級用法-創(chuàng)新互聯(lián)

通過coredns實(shí)現(xiàn)內(nèi)外流量分離

場景

  1. 舊業(yè)務(wù)固定了域名,無法通過內(nèi)部service直接訪問服務(wù)
  2. 需要實(shí)現(xiàn)內(nèi)部流量和外部流量自動(dòng)拆分

實(shí)現(xiàn)

  1. 通過coredns的rewrite功能實(shí)現(xiàn)以上能力,如以下內(nèi)部訪問tenant.msa.chinamcloud.com域名時(shí),會(huì)將流量轉(zhuǎn)發(fā)到tenantapi.yunjiao.svc.cluster.local域名,實(shí)現(xiàn)內(nèi)外域名訪問一致。
  2. 部分版本nginx配置時(shí)候可能遇見無法訪問的情況
[root@k8s-master1 ingress]# cat coredns.yaml
apiVersion: v1
data:
  Corefile: |
    .:53 {
        errors
        health
        rewrite name tenant.msa.chinamcloud.com tenantapi.yunjiao.svc.cluster.local
        rewrite name console.msa.chinamcloud.com console.yunjiao.svc.cluster.local
        rewrite name user.msa.chinamcloud.com userapi.yunjiao.svc.cluster.local
        rewrite name lims.msa.chinamcloud.com lims.yunjiao.svc.cluster.local
        rewrite name labapp.msa.chinamcloud.com limsapp.yunjiao.svc.cluster.local
        kubernetes cluster.local in-addr.arpa ip6.arpa {
           pods insecure
           upstream
           fallthrough in-addr.arpa ip6.arpa
        }
        prometheus :9153
        forward . /etc/resolv.conf
        cache 30
        loop
        reload
        loadbalance
    }
kind: ConfigMap
metadata:
  creationTimestamp: "2019-04-02T04:57:19Z"
  name: coredns
  namespace: kube-system
  resourceVersion: "197"
  selfLink: /api/v1/namespaces/kube-system/configmaps/coredns
  uid: cb686453-5503-11e9-8ea6-005056be93f5

檢查

[root@k8s-master1 ingress]#  kubectl run -it --rm --restart=Never --image=infoblox/dnstools:latest dnstools
If you don't see a command prompt, try pressing enter.
dnstools# ping tenant.msa.chinamcloud.com
PING tenant.msa.chinamcloud.com (10.98.220.54): 56 data bytes
^C
--- tenant.msa.chinamcloud.com ping statistics ---
4 packets transmitted, 0 packets received, 100% packet loss

kubernetes內(nèi)部實(shí)現(xiàn)hosts功能

coredns配置參考文檔

10年積累的成都網(wǎng)站制作、成都網(wǎng)站建設(shè)、外貿(mào)營銷網(wǎng)站建設(shè)經(jīng)驗(yàn),可以快速應(yīng)對客戶對網(wǎng)站的新想法和需求。提供各種問題對應(yīng)的解決方案。讓選擇我們的客戶得到更好、更有力的網(wǎng)絡(luò)服務(wù)。我雖然不認(rèn)識(shí)你,你也不認(rèn)識(shí)我。但先制作網(wǎng)站后付款的網(wǎng)站建設(shè)流程,更有鄲城免費(fèi)網(wǎng)站建設(shè)讓你可以放心的選擇與我們合作。

場景

  1. 通過kubernetes的coredns實(shí)現(xiàn)子域名解析
  2. 實(shí)現(xiàn)kubernetes內(nèi)部 hosts綁定功能

實(shí)現(xiàn)

創(chuàng)建pod時(shí)聲明hosts(不推薦)

[root@k8s-master-1 coredns]# kubectl  explain  pods.spec.hostAliases
KIND:     Pod
VERSION:  v1

RESOURCE: hostAliases <[]Object>

DESCRIPTION:
     HostAliases is an optional list of hosts and IPs that will be injected into
     the pod's hosts file if specified. This is only valid for non-hostNetwork
     pods.

     HostAlias holds the mapping between IP and hostnames that will be injected
     as an entry in the pod's hosts file.

FIELDS:
   hostnames    <[]string>
     Hostnames for the above IP address.

   ip   
     IP address of the host file entry.

[root@k8s-master-1 coredns]#

coredns的hosts特性聲明

hosts 字段部分指明了三個(gè)域名的解析地址

[root@k8s-master-1 coredns]# cat coredns-cm.yaml
apiVersion: v1
data:
  Corefile: |
    .:53 {
        errors
        health
        hosts {
            100.64.139.66 minio.chinamcloud.com
            100.64.139.66 registry.chinamcloud.com
            100.64.139.66 gitlab.chinamcloud.com
            fallthrough
        }
        kubernetes cluster.local in-addr.arpa ip6.arpa {
           pods insecure
           upstream
           fallthrough in-addr.arpa ip6.arpa
        }
        prometheus :9153
        forward . /etc/resolv.conf
        cache 30
        loop
        reload
        loadbalance
    }
kind: ConfigMap
metadata:
  name: coredns
  namespace: kube-system

根據(jù)域名指定上游dns服務(wù)器

sobeydemo.com 字段指明了解析該域名的dns服務(wù)器地址

[root@k8s-master-1 coredns]# cat coredns-cm.yaml
apiVersion: v1
data:
  Corefile: |
    .:53 {
        errors
        health
        kubernetes cluster.local in-addr.arpa ip6.arpa {
           pods insecure
           upstream
           fallthrough in-addr.arpa ip6.arpa
        }
        prometheus :9153
        forward . /etc/resolv.conf
        cache 30
        loop
        reload
        loadbalance
    }
    sobeydemo.com {
        forward . 100.64.134.250:53
    }
kind: ConfigMap
metadata:
  name: coredns
  namespace: kube-system

檢查

[root@k8s-master-1 coredns]#  kubectl run -it --rm --restart=Never --image=infoblox/dnstools:latest dnstools
If you don't see a command prompt, try pressing enter.
dnstools# host 0DJ01YUR.sobeydemo.com
0DJ01YUR.sobeydemo.com has address 100.64.148.116
0DJ01YUR.sobeydemo.com has IPv6 address 2002:6440:9474::6440:9474
dnstools# host minio.chinamcloud.com
minio.chinamcloud.com has address 100.64.139.66
Host minio.chinamcloud.com not found: 3(NXDOMAIN)
Host minio.chinamcloud.com not found: 3(NXDOMAIN)
dnstools#

另外有需要云服務(wù)器可以了解下創(chuàng)新互聯(lián)cdcxhl.cn,海內(nèi)外云服務(wù)器15元起步,三天無理由+7*72小時(shí)售后在線,公司持有idc許可證,提供“云服務(wù)器、裸金屬服務(wù)器、高防服務(wù)器、香港服務(wù)器、美國服務(wù)器、虛擬主機(jī)、免備案服務(wù)器”等云主機(jī)租用服務(wù)以及企業(yè)上云的綜合解決方案,具有“安全穩(wěn)定、簡單易用、服務(wù)可用性高、性價(jià)比高”等特點(diǎn)與優(yōu)勢,專為企業(yè)上云打造定制,能夠滿足用戶豐富、多元化的應(yīng)用場景需求。


網(wǎng)站題目:kubernetes中coredns組件的高級用法-創(chuàng)新互聯(lián)
新聞來源:http://www.dlmjj.cn/article/edhei.html