Kubernetes使用私有DNS [英] Kubernetes use private DNS

问题描述

是否可以在Kubernetes中使用私有DNS?例如，应用程序需要通过其主机名连接到外部数据库.解析IP的DNS条目存放在专用DNS中.

Is it possible to use a private DNS in Kubernetes? For example, an application needs to connect to an external DB by its hostname. The DNS entry, which resolves the IP, is deposited in a private DNS.

我的AKS(Azure Kubernetes服务)正在1.17版上运行，该版本已经使用了新的coreDNS.

My AKS (Azure Kubernetes Service) is running on version 1.17 which already uses the new coreDNS.

我的第一个尝试是通过配置pod的/etc/resolve.conf文件，像在VM上一样使用该私有DNS:

My first try was to use that private DNS like on VM by configuring the /etc/resolve.conf file of the pods:

dnsPolicy: "None"
  dnsConfig:
    nameservers:
      - 10.76.xxx.xxx
      - 10.76.xxx.xxx
    searches:
      - az-q.example.com
    options:
      - name: ndots
        value: "2"

然后我尝试使用configmap来调整coreDNS:

Then I tried to use configmap to adjust the coreDNS:

apiVersion: v1
kind: ConfigMap
metadata:
  name: kube-dns
  namespace: kube-system
data:
  upstreamNameservers: |
    ["10.76.xxx.xxx", "10.76.xxx.xxx"]

但是我的pod每次在部署时都出现错误:

But my pod is every time running in an error on deployment:

$ sudo kubectl logs app-homepage-backend-xxxxx -n ingress-nginx
events.js:174
      throw er; // Unhandled 'error' event
      ^
Error: getaddrinfo ENOTFOUND az-q.example.com az-q.example.com:636
    at GetAddrInfoReqWrap.onlookup [as oncomplete] (dns.js:56:26)

我想念什么?

推荐答案

为了实现所需的功能，我将在pod清单中使用dnsPolicy: ClusterFirst定义，然后定义一个存根区域(专用DNS区域) )在您的群集DNS子系统中.

In order to achieve what you need, I'd go with dnsPolicy: ClusterFirst definition in the pod manifests and then a definition of a stub zone (private DNS zone) in your cluster DNS subsystem.

为标识群集DNS堆栈，通常检查kube-system名称空间中运行的Pod.您很可能会发现以下两种之一:CoreDNS或Kube-DNS.

For identifying the Cluster DNS stack, typically check the pods running in the kube-system namespace. Most likely you'll find one of these two: CoreDNS or Kube-DNS.

如果您的群集DNS在 CoreDNS 上运行，请查找kube-dns configmap中的修改.

In case your cluster DNS runs on CoreDNS, then look for this kind of a modification in your coredns configmap. If you run on the older Kube-DNS system, then look for this modification in kube-dns configmap.

重要的一点是，如果您想将此修改应用于以主机网络模式运行的Pod(kube-system名称空间中的许多Pod)，则需要使用dnsPolicy: ClusterFirstWithHostNet节修改它们的清单.

It's important to say that if you would like to apply this modification to pods running in the host network mode (many pods from kube-system namespace), you need to modify their manifests with dnsPolicy: ClusterFirstWithHostNet stanza.

这篇关于Kubernetes使用私有DNS的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！