Skip to content

Latest commit

 

History

History
134 lines (102 loc) · 3.5 KB

09-Core-DNS.md

File metadata and controls

134 lines (102 loc) · 3.5 KB
Raw

Deploying the DNS Cluster Add-on

Up to this point the cluster is fully functional except for the DNS resolution inside the pods, i.e accessing services exposed inside the cluster by pods. It also applies to DNS resolution to external hosts.

Deploy CoreDNS

This yaml file contains the deployment of CoreDNS along with some other kubernetes objects to connect with the cluster, such as Role, RoleBinding, ConfigMap.

kubectl apply -f https://storage.googleapis.com/kubernetes-the-hard-way/coredns-1.7.0.yaml
serviceaccount/coredns created
clusterrole.rbac.authorization.k8s.io/system:coredns created
clusterrolebinding.rbac.authorization.k8s.io/system:coredns created
configmap/coredns created
deployment.apps/coredns created
service/kube-dns created

Wait a few seconds and the get the coredns pods

kubectl get pods -l k8s-app=kube-dns -n kube-system
NAME                       READY   STATUS    RESTARTS   AGE
coredns-5677dc4cdb-l7qhl   1/1     Running   0          55s
coredns-5677dc4cdb-tmnnr   1/1     Running   0          55s

Edit the configuration map to include the forwarding to our external DNS.

kubectl edit -n kube-system configmaps coredns

In this case my home router has the IP address 192.168.1.254. Add the following line after the kubernetes block.

forward . 192.168.1.254

Optionally you can also add log to help in troubleshooting.

It should read

...
Corefile: |
    .:53 {
        errors
        health
        ready
        kubernetes cluster.local in-addr.arpa ip6.arpa {
          pods insecure
          fallthrough in-addr.arpa ip6.arpa
        }
        prometheus :9153
        cache 30
        loop
        reload
        loadbalance
        log
        forward . 192.168.1.254
    }
...

Verification

The original guide suggests to use busybox image, however I found many issues when trying it for the DNS resolution tests. Instead, I used a plain Debian and installed dnsutils package on it to achieve the same results.

Prepare the Test Pod

kubectl run debian --image=arm32v5/debian --command -- sleep 7200
pod/debian created
kubectl get pods -l run=debian -w
NAME     READY   STATUS              RESTARTS   AGE
debian   0/1     ContainerCreating   0          116s
debian   1/1     Running             0          3m10s

If this step works, it proves we have external hosts resolution working.

kubectl exec debian -- apt update
kubectl exec debian -- apt install -y dnsutils

Test Resolving kubernetes

kubectl exec debian -- nslookup kubernetes
Server:	10.32.0.10
Address:	10.32.0.10#53

Name:	kubernetes.default.svc.cluster.local
Address: 10.32.0.1

Test Resolving nginx Pod

kubectl create deployment nginx --image=arm32v5/nginx
deployment.apps/nginx created
kubectl get pods -l app=nginx -w
NAME                     READY   STATUS              RESTARTS   AGE
nginx-54cb54645d-88k7c   0/1     ContainerCreating   0          53s
nginx-54cb54645d-88k7c   1/1     Running             0          76s

Resolve nginx pod using short name nginx

kubectl exec debian -- nslookup nginx
Server:		10.32.0.10
Address:	10.32.0.10#53

Name:	nginx.default.svc.cluster.local
Address: 10.32.0.110

Resolve nginx pod using long name nginx.default.svc.cluster.local

kubectl exec debian -- nslookup nginx.default.svc.cluster.local
Server:		10.32.0.10
Address:	10.32.0.10#53

Name:	nginx.default.svc.cluster.local
Address: 10.32.0.110