gitops/dns
2021-01-05 15:31:29 +01:00
01-namespace.yaml first commit 2020-11-22 10:46:57 +01:00
02-etcd.yaml Add storageClassName: "rook-ceph-block" 2020-11-22 19:50:03 +01:00
03-external-dns.yaml first commit 2020-11-22 10:46:57 +01:00
04-coredns.yaml Update 'dns/04-coredns.yaml' 2021-01-05 15:31:29 +01:00
cleanup.sh first commit 2020-11-22 10:46:57 +01:00
README.md Update 'dns/README.md' 2020-11-24 21:26:59 +01:00

Private DNS installation

Context

We want to deploy an internal DNS server that serves a private domain and forwards all other requests to another DNS server.

Architecture

We will use CoreDNS (a separate deployment, not the cluster-internal one) to serve those requests. An etcd cluster will be deployed as a StatefulSet, with PVC, as the CoreDNS backend. Finally, we deploy external-dns to handle DNS entry creation and deletion for Service or Ingress rules.

Deploy

Pretty straightforward using the manifests from 01* to 04*.

The CoreDNS configuration is in 04-coredns.yaml:

    data:
      Corefile: |
        open-it.intra {
            errors
            health
            log
            etcd {
               endpoint http://etcd-dns:2379
            }
            cache 30
            prometheus 0.0.0.0:9153
        }

        . {
            forward . 192.168.5.1
            cache
        }

Testing

We will test by deploying a Service of type LoadBalancer with the annotation external-dns.alpha.kubernetes.io/hostname: "<url|fqdn>".

Let's try with this Service:

    apiVersion: v1
    kind: Service
    metadata:
      name: nginx-frontend
      annotations:
        external-dns.alpha.kubernetes.io/hostname: "nginx.open-it.intra"
    spec:
      ports:
      - name: "web"
        port: 80
        targetPort: 80
      selector:
        app: nginx
      type: LoadBalancer

First, let's retrieve the DNS server IP:

    $ kubectl -n dns get svc coredns
    NAME      TYPE           CLUSTER-IP     EXTERNAL-IP     PORT(S)        AGE
    coredns   LoadBalancer   10.98.74.182   192.168.5.201   53:30690/UDP   2d1h

We can now try DNS resolution:

    $ dig @192.168.5.201 nginx.open-it.intra +short
    192.168.5.203

or

    $ nslookup nginx.open-it.intra 192.168.5.201
    Server:         192.168.5.201
    Address:        192.168.5.201#53

    Name:   nginx.open-it.intra
    Address: 192.168.5.203
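
The manual test above as one repeatable check (an added example, not part of this repository): it reads the annotated hostname and the LoadBalancer IP from the Service, rejects names outside the zone CoreDNS serves from etcd, and fails unless CoreDNS answers with exactly that IP. The `default` namespace and the helper names `in_zone`, `record_matches` and `check_service` are assumptions; the IPs and names are the ones used in this README.

```shell
#!/bin/sh
# Added example: verify that the record published by external-dns matches
# the IP the annotated Service really holds.

DNS_IP="${DNS_IP:-192.168.5.201}"   # EXTERNAL-IP of the coredns Service
ZONE="${ZONE:-open-it.intra}"       # zone backed by etcd in the Corefile

# in_zone NAME ZONE: succeeds if NAME is ZONE itself or a subdomain of it.
# A trailing dot is ignored; "evil-open-it.intra" is NOT inside the zone.
in_zone() {
    name="${1%.}"; zone="${2%.}"
    case "$name" in
        "$zone"|*".$zone") return 0 ;;
        *) return 1 ;;
    esac
}

# record_matches EXPECTED_IP DIG_OUTPUT: succeeds only if dig returned
# exactly one line and it equals the (non-empty) expected IP.
record_matches() {
    [ -n "$1" ] || return 1
    [ "$2" = "$1" ]
}

# check_service NAMESPACE SERVICE: needs kubectl and dig on the PATH.
check_service() {
    ns="$1"; svc="$2"
    host=$(kubectl -n "$ns" get svc "$svc" -o \
        jsonpath='{.metadata.annotations.external-dns\.alpha\.kubernetes\.io/hostname}')
    lb_ip=$(kubectl -n "$ns" get svc "$svc" -o \
        jsonpath='{.status.loadBalancer.ingress[0].ip}')
    if ! in_zone "$host" "$ZONE"; then
        echo "FAIL: '$host' is outside $ZONE" >&2
        return 2
    fi
    answer=$(dig @"$DNS_IP" "$host" A +short)
    if record_matches "$lb_ip" "$answer"; then
        echo "OK: $host -> $answer"
    else
        echo "FAIL: $host resolves to '${answer:-nothing}', Service holds '${lb_ip:-no IP}'" >&2
        return 1
    fi
}

# Run against the cluster only when asked: ./check.sh --run [namespace] [service]
if [ "${1:-}" = "--run" ]; then
    check_service "${2:-default}" "${3:-nginx-frontend}"
fi
```

A mismatch right after a Service is created or deleted can simply mean external-dns has not synchronised yet, or that the 30-second CoreDNS cache is still serving the old answer.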

To do

Add a file with static entries.