[Kubernetes] DNS

쿠버네티스 DNS

  - coreDNS : Service 및 Pod용 DNS

kubectl get svc -A
NAMESPACE       NAME                                 TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)                      AGE
default         kubernetes                           ClusterIP   10.96.0.1       <none>        443/TCP                      57d
default         webui-svc                            ClusterIP   10.96.100.100   <none>        80/TCP                       6d19h
ingress-nginx   ingress-nginx-controller             NodePort    10.100.18.204   <none>        80:30100/TCP,443:30200/TCP   56d
ingress-nginx   ingress-nginx-controller-admission   ClusterIP   10.99.57.254    <none>        443/TCP                      56d
kube-system     kube-dns                             ClusterIP   10.96.0.10      <none>        53/UDP,53/TCP,9153/TCP       77d

 

 - kube-dns Service

  1. CLUSTER-IP : 10.96.0.10

  2. coreDNS Pod로 동작 

kubectl get pod -A | grep dns
kube-system     coredns-565d847f94-k9kvr                     1/1     Running       25 (14m ago)     77d
kube-system     coredns-565d847f94-tdhmn                     1/1     Running       25 (14m ago)     77d

 

core DNS 사용

 - kubernetes DNS는 클러스터에서 실행하는 모든 Pod가 사용할 수 있도록 구성된다.

 - DNS를 통해 Service와 Pod Access

    . service_name.namespace.svc.cluster.local

    . Pod-IP-Address.namespace.pod.cluster.local

 

3개의 pod 및 service 생성

cat deployment.yaml 
apiVersion: apps/v1
kind: Deployment
metadata:
  name: web
spec:
  replicas: 3
  selector:
    matchLabels:
      app: web
  template:
    metadata:
      name: nginx-pod
      labels:
        app: web
    spec:
      containers:
      - name: nginx-container
        image: nginx:1.14

kubectl apply -f deployment.yaml 
deployment.apps/web created

 cat svc.yaml 
apiVersion: v1
kind: Service
metadata:
  name: svc-web
spec:
  clusterIP: 10.96.100.100
  selector:
    app: web
  ports:
  - protocol: TCP
    port: 80
    targetPort: 80

kubectl apply -f svc.yaml
service/svc-web created

 kubectl get all
NAME                       READY   STATUS    RESTARTS   AGE
pod/web-67b56f4c4c-5r7qm   1/1     Running   0          37s
pod/web-67b56f4c4c-l8bw5   1/1     Running   0          37s
pod/web-67b56f4c4c-thlqw   1/1     Running   0          37s

NAME                 TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)   AGE
service/kubernetes   ClusterIP   10.96.0.1       <none>        443/TCP   57d
service/svc-web      ClusterIP   10.96.100.100   <none>        80/TCP    17s

NAME                  READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/web   3/3     3            3           37s

NAME                             DESIRED   CURRENT   READY   AGE
replicaset.apps/web-67b56f4c4c   3         3         3       37s

NAME                   COMPLETIONS   DURATION   AGE
job.batch/centos-job   0/1           58d        58d

 

curl 명령으로 svc 호출시 pod 3개 중 1개의 pod 로 연결되는것을 확인

curl 10.96.100.100
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
    body {
        width: 35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

 

하나의 pod를 생성 후 pod 내 접속

/etc/resolv.conf 확인시 10.96.0.10은 kube-dns 즉, core DNS

kubectl run client-pod --image=centos:7 -it -- /bin/bash
If you don't see a command prompt, try pressing enter.

[root@client-pod /]# cat /etc/resolv.conf 
search default.svc.cluster.local svc.cluster.local cluster.local
nameserver 10.96.0.10
options ndots:5

[root@client-pod /]# curl 10.96.100.100
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
    body {
        width: 35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

 

search는 dns 호출시 뒤에껄 생략해도 되는걸 의미 default.svc.cluster.local svc.cluster.local cluster.local

 curl svc-web.default.svc.cluster.local
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
    body {
        width: 35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>ㅃ
[root@client-pod /]# curl svc-web
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
    body {
        width: 35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

 

pod로 직접 호출 가능

[root@client-pod /]# curl 10-36-0-1.default.pod.cluster.local
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
    body {
        width: 35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

 

Pod 내 DNS 설정

 - 네임서버 및 search 정보가 pod 내 /etc/resolv.conf 파일 내 확인 가능

cat custom-dns.yaml 
apiVersion: v1
kind: Pod
metadata:
  namespace: default
  name: dns-example
spec:
  containers:
    - name: test
      image: nginx
  dnsPolicy: "None"
  dnsConfig:
    nameservers:
      - 1.2.3.4
    searches:
      - ns1.svc.cluster-domain.example
      - my.dns.search.suffix
    options:
      - name: ndots
        value: "2"
      - name: edns0

kubectl apply -f custom-dns.yaml
pod/dns-example created

kubectl get pods
NAME                   READY   STATUS    RESTARTS   AGE
client-pod             1/1     Running   0          12m
dns-example            1/1     Running   0          20s
web-67b56f4c4c-5r7qm   1/1     Running   0          26m
web-67b56f4c4c-l8bw5   1/1     Running   0          26m
web-67b56f4c4c-thlqw   1/1     Running   0          26m

kubectl exec dns-example -it -- /bin/bash 

root@dns-example:/# cat /etc/resolv.conf 
search ns1.svc.cluster-domain.example my.dns.search.suffix
nameserver 1.2.3.4
options ndots:2 edns0

 

 

[참고]

- 유투브 따배쿠 강의