Kubernetes实战(十二)——CoreDNS和Dashboard部署

1.CoreDNS部署

1.创建CoreDNS

[root@linux-node1 ~]# cat > coredns.yaml <<EOF
apiVersion: v1
kind: ServiceAccount
metadata:
 name: coredns
 namespace: kube-system
 labels:
     kubernetes.io/cluster-service: "true"
     addonmanager.kubernetes.io/mode: Reconcile
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
 labels:
   kubernetes.io/bootstrapping: rbac-defaults
   addonmanager.kubernetes.io/mode: Reconcile
 name: system:coredns
rules:
- apiGroups:
 - ""
 resources:
 - endpoints
 - services
 - pods
 - namespaces
 verbs:
 - list
 - watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
 annotations:
   rbac.authorization.kubernetes.io/autoupdate: "true"
 labels:
   kubernetes.io/bootstrapping: rbac-defaults
   addonmanager.kubernetes.io/mode: EnsureExists
 name: system:coredns
roleRef:
 apiGroup: rbac.authorization.k8s.io
 kind: ClusterRole
 name: system:coredns
subjects:
- kind: ServiceAccount
 name: coredns
 namespace: kube-system
---
apiVersion: v1
kind: ConfigMap
metadata:
 name: coredns
 namespace: kube-system
 labels:
     addonmanager.kubernetes.io/mode: EnsureExists
data:
 Corefile: |
   .:53 {
       errors
       health
       kubernetes cluster.local. in-addr.arpa ip6.arpa {
           pods insecure
           upstream
           fallthrough in-addr.arpa ip6.arpa
       }
       prometheus :9153
       proxy . /etc/resolv.conf
       cache 30
   }
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
 name: coredns
 namespace: kube-system
 labels:
   k8s-app: coredns
   kubernetes.io/cluster-service: "true"
   addonmanager.kubernetes.io/mode: Reconcile
   kubernetes.io/name: "CoreDNS"
spec:
 replicas: 2
 strategy:
   type: RollingUpdate
   rollingUpdate:
     maxUnavailable: 1
 selector:
   matchLabels:
     k8s-app: coredns
 template:
   metadata:
     labels:
       k8s-app: coredns
   spec:
     serviceAccountName: coredns
     tolerations:
       - key: node-role.kubernetes.io/master
         effect: NoSchedule
       - key: "CriticalAddonsOnly"
         operator: "Exists"
     containers:
     - name: coredns
       image: coredns/coredns:1.0.6
       imagePullPolicy: IfNotPresent
       resources:
         limits:
           memory: 170Mi
         requests:
           cpu: 100m
           memory: 70Mi
       args: [ "-conf", "/etc/coredns/Corefile" ]
       volumeMounts:
       - name: config-volume
         mountPath: /etc/coredns
       ports:
       - containerPort: 53
         name: dns
         protocol: UDP
       - containerPort: 53
         name: dns-tcp
         protocol: TCP
       livenessProbe:
         httpGet:
           path: /health
           port: 8080
           scheme: HTTP
         initialDelaySeconds: 60
         timeoutSeconds: 5
         successThreshold: 1
         failureThreshold: 5
     dnsPolicy: Default
     volumes:
       - name: config-volume
         configMap:
           name: coredns
           items:
           - key: Corefile
             path: Corefile
---
apiVersion: v1
kind: Service
metadata:
 name: coredns
 namespace: kube-system
 labels:
   k8s-app: coredns
   kubernetes.io/cluster-service: "true"
   addonmanager.kubernetes.io/mode: Reconcile
   kubernetes.io/name: "CoreDNS"
spec:
 selector:
   k8s-app: coredns
 clusterIP: 10.1.0.2
 ports:
 - name: dns
   port: 53
   protocol: UDP
 - name: dns-tcp
   port: 53
   protocol: TCP
EOF

[root@linux-node1 ~]# kubectl create -f coredns.yaml
serviceaccount "coredns" created
clusterrole.rbac.authorization.k8s.io "system:coredns" created
clusterrolebinding.rbac.authorization.k8s.io "system:coredns" created
configmap "coredns" created
deployment.extensions "coredns" created
service "coredns" created

2.查看CoreDNS

[root@linux-node1 ~]# kubectl get deployment -n kube-system
NAME      DESIRED   CURRENT   UP-TO-DATE   AVAILABLE   AGE
coredns   2         2         2            1           2m
[root@linux-node1 ~]# kubectl get service -n kube-system
NAME      TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)         AGE
coredns   ClusterIP   10.1.0.2     <none>        53/UDP,53/TCP   2m
[root@linux-node1 ~]# kubectl get pod -n kube-system
NAME                       READY     STATUS              RESTARTS   AGE
coredns-77c989547b-mtmwg   0/1       ContainerCreating   0          3m
coredns-77c989547b-prmvs   1/1       Running             0          3m
[root@linux-node1 ~]# kubectl logs pod/coredns-77c989547b-prmvs -n kube-system
.:53
2018/09/23 18:28:42 [INFO] CoreDNS-1.0.6
2018/09/23 18:28:42 [INFO] linux/amd64, go1.10, 83b5eadb
CoreDNS-1.0.6
linux/amd64, go1.10, 83b5eadb

3.测试CoreDNS

[root@linux-node2 ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
 -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  10.1.0.1:443 rr persistent 10800
 -> 192.168.56.11:6443           Masq    1      0          0    
TCP  10.1.0.2:53 rr
 -> 10.2.38.11:53                Masq    1      0          0    
UDP  10.1.0.2:53 rr
 -> 10.2.38.11:53                Masq    1      0          0    
 
[root@linux-node1 ~]# kubectl run dns-test --rm -it --image=alpine /bin/sh
If you don't see a command prompt, try pressing enter.
/ # ping chegva.com
PING chegva.com (60.205.185.229): 56 data bytes
/ # ip r
default via 10.2.38.1 dev eth0
10.2.0.0/16 via 10.2.38.1 dev eth0
10.2.38.0/24 dev eth0 scope link  src 10.2.38.12

2.Dashboard部署

1.创建Dashboard

[root@linux-node1 dashboard]# ls
admin-user-sa-rbac.yaml  kubernetes-dashboard.yaml  ui-admin-rbac.yaml  ui-read-rbac.yaml
[root@linux-node1 dashboard]# kubectl create -f .
serviceaccount "admin-user" created
clusterrolebinding.rbac.authorization.k8s.io "admin-user" created
secret "kubernetes-dashboard-certs" created
serviceaccount "kubernetes-dashboard" created
role.rbac.authorization.k8s.io "kubernetes-dashboard-minimal" created
rolebinding.rbac.authorization.k8s.io "kubernetes-dashboard-minimal" created
deployment.apps "kubernetes-dashboard" created
service "kubernetes-dashboard" created
clusterrole.rbac.authorization.k8s.io "ui-admin" created
rolebinding.rbac.authorization.k8s.io "ui-admin-binding" created
clusterrole.rbac.authorization.k8s.io "ui-read" created
rolebinding.rbac.authorization.k8s.io "ui-read-binding" created

[root@linux-node1 dashboard]# kubectl get deployment -n kube-system
NAME                   DESIRED   CURRENT   UP-TO-DATE   AVAILABLE   AGE
coredns                2         2         2            1           51m
kubernetes-dashboard   1         1         1            1           25s
[root@linux-node1 dashboard]# kubectl get service -n kube-system
NAME                   TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)         AGE
coredns                ClusterIP   10.1.0.2       <none>        53/UDP,53/TCP   52m
kubernetes-dashboard   NodePort    10.1.128.179   <none>        443:34268/TCP   54s
[root@linux-node1 dashboard]# kubectl get pod -n kube-system
NAME                                    READY     STATUS              RESTARTS   AGE
coredns-77c989547b-mtmwg                0/1       ContainerCreating   0          52m
coredns-77c989547b-prmvs                1/1       Running             0          52m
kubernetes-dashboard-66c9d98865-k4nrx   1/1       Running             0          1m

2.获取Token

kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}')

3.访问Dashboard

https://192.168.56.12:34268,  选择令牌模式登录。

Kubernetes实战(十二)——CoreDNS和Dashboard部署

Kubernetes实战(十二)——CoreDNS和Dashboard部署

anzhihe安志合个人博客,版权所有丨 如未注明,均为原创 丨转载请注明转自:https://chegva.com/3056.html | ☆★★每天进步一点点,加油!★★☆

您可能还感兴趣的文章!

发表评论

电子邮件地址不会被公开。 必填项已用*标注