BIND 9 for a k8s environment (Part 1)


| Hostname | Role | IP | Deployed services |
| --- | --- | --- | --- |
| hdss7-11.host.com | k8s front-end proxy node 1 | 192.168.12.11 | bind9, nginx (layer-4 proxy), keepalived, supervisor |
| hdss7-12.host.com | k8s front-end proxy node 2 | 192.168.12.12 | etcd, nginx (layer-4 proxy), keepalived, supervisor |
| hdss7-21.host.com | k8s compute node 1 | 192.168.12.21 | etcd, kube-api, kube-controller-manager, kube-scheduler, kube-kubelet, kube-proxy, supervisor |
| hdss7-22.host.com | k8s compute node 2 | 192.168.12.22 | etcd, kube-api, kube-controller-manager, kube-scheduler, kube-kubelet, kube-proxy, supervisor |
| hdss7-200.host.com | Operations management host | 192.168.12.200 | certificate service, Docker registry (harbor), nginx proxy for the local harbor, pause, ansible |
1. Install BIND 9 on host 11

Install the required packages:

```
# yum install -y wget net-tools telnet tree nmap sysstat lrzsz dos2unix bind-utils
[root@hdss7-11 ~]# yum install -y bind
```

Configure BIND. Edit the following settings in /etc/named.conf:

```
[root@hdss7-11 ~]# vi /etc/named.conf   # BIND process settings and zone definitions
listen-on port 53 { 192.168.12.11; };   # listen on this host's IP
listen-on-v6 port 53 { ::1; };          # delete this line; do not listen on IPv6
allow-query     { any; };               # allow queries from all hosts
forwarders      { 192.168.154.2; };     # upstream DNS of the office network (in production, use the ISP's DNS)
recursion yes;                          # DNS uses recursive resolution
dnssec-enable no;                       # disabled to save resources (in production you may not want to disable it)
dnssec-validation no;                   # disabled to save resources; answers from the Internet are not validated
```

Check the configuration. An exit status of 0 means the file parsed cleanly:

```
[root@hdss7-11 ~]# named-checkconf
[root@hdss7-11 ~]# echo $?
```

Configure the zones by appending the following to the end of the zone configuration file:

```
[root@hdss7-11 ~]# vim /etc/named.rfc1912.zones
zone "host.com" IN {
        type master;
        file "host.com.zone";
        allow-update { 192.168.12.11; };
};

zone "od.com" IN {
        type master;
        file "od.com.zone";
        allow-update { 192.168.12.11; };
};
```

Create the zone data files:

```
[root@hdss7-11 ~]# vi /var/named/host.com.zone
[root@hdss7-11 ~]# cat /var/named/host.com.zone
$ORIGIN host.com.
$TTL 600        ; 10 minutes
@       IN SOA  dns.host.com. dnsadmin.host.com. (
                20200606   ; serial
                10800      ; refresh (3 hours)
                900        ; retry (15 minutes)
                604800     ; expire (1 week)
                86400      ; minimum (1 day)
                )
        NS      dns.host.com.
$TTL 60 ; 1 minute
dns             A       192.168.12.11
HDSS7-11        A       192.168.12.11
HDSS7-12        A       192.168.12.12
HDSS7-21        A       192.168.12.21
HDSS7-22        A       192.168.12.22
HDSS7-200       A       192.168.12.200
```

```
[root@hdss7-11 ~]# cat /var/named/od.com.zone
$ORIGIN od.com.
$TTL 600        ; 10 minutes
@       IN SOA  dns.od.com. dnsadmin.od.com. (
                20200606   ; serial
                10800      ; refresh (3 hours)
                900        ; retry (15 minutes)
                604800     ; expire (1 week)
                86400      ; minimum (1 day)
                )
        NS      dns.od.com.
$TTL 60 ; 1 minute
dns             A       192.168.12.11
```

Check the zone data files:

```
[root@hdss7-11 ~]# named-checkconf
[root@hdss7-11 ~]# named-checkzone "host.com" /var/named/host.com.zone
zone host.com/IN: loaded serial 20200606
OK
[root@hdss7-11 ~]# named-checkzone "od.com" /var/named/od.com.zone
zone od.com/IN: loaded serial 20200606
OK
```

Change the group ownership and permissions of the zone files, then restart named and enable it at boot:

```
[root@hdss7-11 ~]# chown root:named /var/named/host.com.zone
[root@hdss7-11 ~]# chown root:named /var/named/od.com.zone
[root@hdss7-11 ~]# chmod 640 /var/named/host.com.zone
[root@hdss7-11 ~]# chmod 640 /var/named/od.com.zone

[root@hdss7-11 ~]# systemctl restart named
[root@hdss7-11 ~]# systemctl enable named
Created symlink from /etc/systemd/system/multi-user.target.wants/named.service to /usr/lib/systemd/system/named.service.
[root@hdss7-11 ~]# netstat -lntup|grep 53
tcp        0      0 192.168.12.11:53        0.0.0.0:*               LISTEN      1752/named
tcp        0      0 127.0.0.1:953           0.0.0.0:*               LISTEN      1752/named
tcp6       0      0 ::1:953                 :::*                    LISTEN      1752/named
udp        0      0 192.168.12.11:53        0.0.0.0:*                           1752/named
```

Verify resolution:

```
[root@hdss7-11 ~]# dig -t A hdss7-21.host.com @192.168.12.11 +short
192.168.12.21
[root@hdss7-11 ~]# dig -t A hdss7-200.host.com @192.168.12.11 +short
192.168.12.200
```
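The options above combine `allow-query { any; }` with `recursion yes`, turn off DNSSEC validation, and authorize dynamic updates by source IP. The following added example (not part of the original article) is a small Python audit that flags those three settings in a named.conf; the finding labels, helper names and the sample config are constructed for illustration.

```python
import re

# Constructed sample: the options and one zone from the walkthrough above.
SAMPLE_CONF = '''
options {
    allow-query { any; };      # every client may query
    forwarders { 192.168.154.2; };
    recursion yes;
    dnssec-validation no;
};
zone "host.com" IN {
    type master;
    file "host.com.zone";
    allow-update { 192.168.12.11; };
};
'''

def _strip_comments(text):
    text = re.sub(r'/\*.*?\*/', '', text, flags=re.S)
    return re.sub(r'(#|//).*', '', text)

def _acl(text, name):
    """Elements of `name { a; b; };`, or None when the statement is absent."""
    m = re.search(r'(?<![\w-])%s\s*\{([^{}]*)\}\s*;' % re.escape(name), text)
    return [e.strip() for e in m.group(1).split(';') if e.strip()] if m else None

def _value(text, name):
    m = re.search(r'(?<![\w-])%s\s+(\w+)\s*;' % re.escape(name), text)
    return m.group(1) if m else None

def audit(conf):
    """Return finding labels (hypothetical names) for risky named.conf settings."""
    text = _strip_comments(conf)
    findings = []
    # named falls back allow-recursion -> allow-query-cache -> allow-query,
    # so "allow-query { any; }" alone opens recursion to every client.
    who = (_acl(text, 'allow-recursion') or _acl(text, 'allow-query-cache')
           or _acl(text, 'allow-query') or ['localnets', 'localhost'])
    if (_value(text, 'recursion') or 'yes') == 'yes' and 'any' in who:
        findings.append('open-recursion')
    if _value(text, 'dnssec-validation') == 'no':
        findings.append('dnssec-validation-off')
    # allow-update keyed only on a source address, not a TSIG key.
    zone_re = r'zone\s+"([^"]+)"[^{]*\{((?:[^{}]|\{[^{}]*\})*)\}\s*;'
    for name, body in re.findall(zone_re, text):
        upd = _acl(body, 'allow-update') or []
        if any(not e.startswith('key ') and e != 'none' for e in upd):
            findings.append('ip-based-update:' + name)
    return findings

if __name__ == '__main__':
    for finding in audit(SAMPLE_CONF):
        print(finding)
```

With `allow-recursion` limited to an ACL for the cluster subnet, `dnssec-validation auto`, and `allow-update { key "..."; }`, the same function returns an empty list.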

2. Point the other nodes' DNS at host 11

Change DNS on host 11:

```
[root@hdss7-11 ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
TYPE=Ethernet
BOOTPROTO=none
HWADDR=00:0c:29:c7:cd:40
NAME=eth0
DEVICE=eth0
ONBOOT=yes
IPADDR=192.168.12.11
GATEWAY=192.168.12.1
DNS1=192.168.12.11

[root@hdss7-11 ~]# /etc/init.d/network restart
Restarting network (via systemctl):                        [  OK  ]
[root@hdss7-11 ~]# ping baidu.com
PING baidu.com (39.156.69.79) 56(84) bytes of data.
64 bytes from 39.156.69.79 (39.156.69.79): icmp_seq=1 ttl=128 time=202 ms
[root@hdss7-11 ~]# cat /etc/resolv.conf
# Generated by NetworkManager
search host.com
nameserver 192.168.12.11
```

Set DNS on host 12:

```
[root@hdss7-12 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
DNS1=192.168.12.11
[root@hdss7-12 ~]# /etc/init.d/network restart
[root@hdss7-12 ~]# curl -I www.baidu.com
HTTP/1.1 200 OK
[root@hdss7-12 ~]# cat /etc/resolv.conf
# Generated by NetworkManager
search host.com
nameserver 192.168.12.11
```

Set DNS on host 21:

```
[root@hdss7-21 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
DNS1=192.168.12.11
[root@hdss7-21 ~]# /etc/init.d/network restart
Restarting network (via systemctl):                        [  OK  ]
[root@hdss7-21 ~]# cat /etc/resolv.conf
# Generated by NetworkManager
search host.com
nameserver 192.168.12.11
[root@hdss7-21 ~]# curl -i baidu.com
HTTP/1.1 200 OK
```

Set DNS on host 22:

```
[root@hdss7-22 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
DNS1=192.168.12.11
[root@hdss7-22 ~]# /etc/init.d/network restart
Restarting network (via systemctl):                        [  OK  ]
[root@hdss7-22 ~]# curl -i baidu.com
HTTP/1.1 200 OK
[root@hdss7-22 ~]# cat /etc/resolv.conf
# Generated by NetworkManager
search host.com
nameserver 192.168.12.11
```

Set DNS on host 200:

```
[root@hdss7-200 ~]# vi /etc/sysconfig/network-scripts/ifcfg-eth0
DNS1=192.168.12.11
[root@hdss7-200 ~]# /etc/init.d/network restart
Restarting network (via systemctl):                        [  OK  ]
[root@hdss7-200 ~]# cat /etc/resolv.conf
# Generated by NetworkManager
search host.com
nameserver 192.168.12.11
[root@hdss7-200 ~]# curl -i www.baidu.com
HTTP/1.1 200 OK
```

Windows 10: also change the DNS server of the local network adapter to 192.168.12.11 (IPv4 -- Advanced -- set the interface metric to 20).

```
[c:\~]$ ping hdss7-200.host.com
正在 Ping HDSS7-200.host.com [192.168.12.200] 具有 32 字節的數據:
來自 192.168.12.200 的回復: 字節=32 時間<1ms TTL=64
```

macOS: System Preferences -- Network -- Advanced -- DNS: set the DNS server to 192.168.12.11 and the search domain to od.com.


The original article has also been synced to Yuque:
https://www.yuque.com/songyifei/bkxwl0/guhrrr

