获取 yaml
直接在浏览器中打开下面的 GitHub 地址,复制文件内容并保存为 coredns.yaml.base。该地址是 blob 页面,用 wget 或 curl 直接下载得到的是 HTML 页面,而不是 YAML 文件本身。
https://github.com/kubernetes/kubernetes/blob/master/cluster/addons/dns/coredns/coredns.yaml.base
root@k8s-master-u2404-4-20-101:~/coredns_install# mv coredns.yaml.base coredns.yaml
root@k8s-master-u2404-4-20-101:~/coredns_install# vim coredns.yaml
---
镜像:
image: registry.k8s.io/coredns/coredns:v1.11.1
改为(换用阿里云镜像仓库;这是第三方镜像源,建议拉取后核对镜像 digest 与官方镜像一致):
image: registry.aliyuncs.com/google_containers/coredns:v1.11.1
修改:
memory: __DNS__MEMORY__LIMIT__
为:
memory: 170Mi
kube-dns:
k8s-app: kube-dns
clusterIP: __DNS__SERVER__
改为:
clusterIP: 10.0.0.2
---
root@k8s-master-u2404-4-20-101:~/coredns_install# kubectl apply -f coredns.yaml
serviceaccount/coredns created
clusterrole.rbac.authorization.k8s.io/system:coredns created
clusterrolebinding.rbac.authorization.k8s.io/system:coredns created
configmap/coredns created
deployment.apps/coredns created
service/kube-dns created
报错记录
root@k8s-u-2404-101:~# kubectl logs -n kube-system coredns-f5c69f76f-k4cdg
.:53
[INFO] plugin/reload: Running configuration SHA512 = 036c3f6ee88ebdc9a17970c9229e8da6d89d9a6855b9b25ee570c103ca781f1866038f066a75a1163550c3e807035dfb754c50cd22136469ec240fe7965422f0
CoreDNS-1.11.3
linux/amd64, go1.21.11, a6338e9
[FATAL] plugin/loop: Loop (127.0.0.1:56594 -> :53) detected for zone ".", see https://coredns.io/plugins/loop#troubleshooting. Query: "HINFO 4124935778518956925.4953294182382941038."
Kubernetes 集群中出现转发循环的常见原因,是 CoreDNS 与宿主机节点上的本地 DNS 缓存(例如 systemd-resolved)发生了交互。例如,在某些配置下,systemd-resolved 会把回环地址 127.0.0.53 作为 nameserver 写入 /etc/resolv.conf。Kubernetes(通过 kubelet)默认会把这个 /etc/resolv.conf 传给所有使用 default dnsPolicy 的 Pod,导致这些 Pod(包括 CoreDNS Pod)无法进行 DNS 查询。CoreDNS 把这个 /etc/resolv.conf 当作上游服务器列表来转发请求;由于其中是回环地址,CoreDNS 最终会把请求转发给自己,形成循环。
#解决办法:在 kubelet 配置中添加一行 resolvConf: /run/systemd/resolve/resolv.conf,让 kubelet 使用 systemd-resolved 维护的真实上游 DNS 列表,而不是指向 127.0.0.53 的存根文件
root@k8s-u-2404-101:~# cat /opt/kubernetes/cfg/kubelet-config.yml
kind: KubeletConfiguration
apiVersion: kubelet.config.k8s.io/v1beta1
address: 0.0.0.0
port: 10250
readOnlyPort: 10255 # 注意:kubelet 只读端口不做认证和授权,且此处监听在 0.0.0.0;如无需要,建议设为 0 关闭
cgroupDriver: cgroupfs
clusterDNS:
- 10.0.0.2
clusterDomain: cluster.local
resolvConf: /run/systemd/resolve/resolv.conf
failSwapOn: false
authentication:
anonymous:
enabled: false
webhook:
cacheTTL: 2m0s
enabled: true
x509:
clientCAFile: /opt/kubernetes/ssl/ca.pem
authorization:
mode: Webhook
webhook:
cacheAuthorizedTTL: 5m0s
cacheUnauthorizedTTL: 30s
evictionHard:
imagefs.available: 15%
memory.available: 100Mi
nodefs.available: 10%
nodefs.inodesFree: 5%
maxOpenFiles: 1000000
maxPods: 110
#将修改后的 kubelet-config.yml 发给每个 node 节点
root@k8s-u-2404-101:~# scp /opt/kubernetes/cfg/kubelet-config.yml root@192.168.122.102:/opt/kubernetes/cfg/
root@192.168.122.102's password:
kubelet-config.yml 100% 656 1.0MB/s 00:00
root@k8s-u-2404-101:~# scp /opt/kubernetes/cfg/kubelet-config.yml root@192.168.122.104:/opt/kubernetes/cfg/
root@192.168.122.104's password:
kubelet-config.yml 100% 656 1.1MB/s 00:00
#在所有节点上重启 kubelet 使新配置生效,然后删除旧的 coredns Pod,让它按新的 resolv.conf 重建
root@k8s-u-2404-101:~# systemctl restart kubelet.service
root@k8s-u-2404-102:~# systemctl restart kubelet.service
root@k8s-u-2404-104:~# systemctl restart kubelet.service
root@k8s-u-2404-101:~# kubectl delete pod coredns-f5c69f76f-k4cdg -n kube-system
pod "coredns-f5c69f76f-k4cdg" deleted
root@k8s-u-2404-101:~# kubectl get pods -A
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system calico-kube-controllers-ddf655445-zq5zp 1/1 Running 0 47h
kube-system calico-node-h6zm6 1/1 Running 0 47h
kube-system calico-node-n6j9c 1/1 Running 0 24h
kube-system calico-node-z2s2w 1/1 Running 0 26h
kube-system coredns-f5c69f76f-pcxg2 1/1 Running 0 9s
kubernetes-dashboard dashboard-metrics-scraper-795895d745-8bht4 1/1 Running 0 89m
kubernetes-dashboard kubernetes-dashboard-56cf4b97c5-2swlv 1/1 Running 0 89m
