Sisanda kwethula i-Kubernetes 1.9 ku-AWS sisebenzisa i-Kops. Izolo, ngenkathi ngikhipha ithrafikhi entsha ngokushelelayo kumaqoqo ethu amakhulu e-Kubernetes, ngiqale ukuqaphela amaphutha angajwayelekile wokuxazulula amagama e-DNS afakwe uhlelo lwethu lokusebenza.
Kuningi kakhulu ngalokhu ku-GitHub , ngakho nami nganquma ukukucacisa. Ekugcineni, ngabona ukuthi esimweni sethu lokhu kubangelwa umthwalo owandayo kube-dns ΠΈ dnsmasq. Into ethakazelisa kakhulu nentsha kimi kwakuyisona sizathu sokwanda okukhulu kwethrafikhi yesicelo se-DNS. Okuthunyelwe kwami ββkumayelana nalokhu nokuthi ngenzenjani ngakho.
Ukulungiswa kwe-DNS ngaphakathi kwesiqukathi - njengakunoma iyiphi isistimu ye-Linux - kunqunywa ifayela lokumisa /etc/resolv.conf. Okuzenzakalelayo Kubernetes dnsPolicy lokhu kungukuthi ClusterFirst, okusho ukuthi noma yisiphi isicelo se-DNS sizothunyelwa dnsmasq, egijima esidunjini kube-dns ngaphakathi kweqoqo, elizodlulisela isicelo kuhlelo lokusebenza kube-dns, uma igama ligcina ngesijobelelo seqoqo, noma, ngaphandle kwalokho, liye ezingeni eliphezulu leseva ye-DNS.
Π€Π°ΠΉΠ» /etc/resolv.conf ngaphakathi kwesiqukathi ngasinye okuzenzakalelayo kuzobukeka kanje:
nameserver 100.64.0.10
search namespace.svc.cluster.local svc.cluster.local cluster.local
eu-west-1.compute.internal
options ndots:5Njengoba ubona, kuneziqondiso ezintathu:
- Igama leseva yi-IP yesevisi
kube-dns - 4 izizinda zokusesha zendawo ezicacisiwe
search - Kukhona inketho
ndots:5
Ingxenye ethokozisayo yalokhu kumisa ukuthi izizinda zosesho lwasendaweni kanye nezilungiselelo ndots:5 nizwane. Ukuze uqonde lokhu, udinga ukuqonda ukuthi isixazululo se-DNS samagama angafaneleki sisebenza kanjani.
Lithini igama eligcwele?
Igama elifaneleke ngokugcwele igama okungekho ukubhekwa kwalo kwendawo okuzokwenziwa futhi igama lizobhekwa njengeliphelele ngesikhathi sokulungiswa kwegama. Ngokwesimiso, isofthiwe ye-DNS ibheka igama njengelifaneleke ngokugcwele uma ligcina ngechashazi (.), futhi lingafaneleki ngokugcwele ngenye indlela. Leyo google.com. kuchazwe ngokugcwele futhi google.com - Cha.
Liphathwa kanjani igama elingafaneleki?
Uma uhlelo lokusebenza luxhumeka kumsingathi wesilawuli kude esishiwo egameni, ukulungiswa kwegama le-DNS ngokuvamile kwenziwa kusetshenziswa ikholi yesistimu, isb. getaddrinfo(). Kodwa uma igama lingafaneleki (aligcini ngokuthi.) Ngiyazibuza ukuthi uma ikholi yesistimu izozama ukuxazulula igama njengegama eliphelele kuqala, noma idlule ezizindeni zokusesha zasendaweni kuqala? Kuya ngenketho ndots.
Kusukela kumanuwali resolv.conf:
ndots:n
ΡΡΡΠ°Π½Π°Π²Π»ΠΈΠ²Π°Π΅Ρ ΠΏΠΎΡΠΎΠ³ Π΄Π»Ρ ΠΊΠΎΠ»ΠΈΡΠ΅ΡΡΠ²Π° ΡΠΎΡΠ΅ΠΊ, ΠΊΠΎΡΠΎΡΡΠ΅ Π΄ΠΎΠ»ΠΆΠ½Ρ ΠΏΠΎΡΠ²ΠΈΡΡΡΡ Π² ΠΈΠΌΠ΅Π½ΠΈ, ΠΏΡΠ΅ΠΆΠ΄Π΅ ΡΠ΅ΠΌ Π±ΡΠ΄Π΅Ρ ΡΠ΄Π΅Π»Π°Π½ Π½Π°ΡΠ°Π»ΡΠ½ΡΠΉ Π°Π±ΡΠΎΠ»ΡΡΠ½ΡΠΉ Π·Π°ΠΏΡΠΎΡ. ΠΠ½Π°ΡΠ΅Π½ΠΈΠ΅ ΠΏΠΎ ΡΠΌΠΎΠ»ΡΠ°Π½ΠΈΡ Π΄Π»Ρ n ΡΠ°Π²Π½ΠΎ 1, ΡΡΠΎ ΠΎΠ·Π½Π°ΡΠ°Π΅Ρ, ΡΡΠΎ Π΅ΡΠ»ΠΈ Π² ΠΈΠΌΠ΅Π½ΠΈ Π΅ΡΡΡ ΠΊΠ°ΠΊΠΈΠ΅-Π»ΠΈΠ±ΠΎ ΡΠΎΡΠΊΠΈ, ΠΈΠΌΡ Π±ΡΠ΄Π΅Ρ ΡΠ½Π°ΡΠ°Π»Π° ΠΎΠΏΡΠΎΠ±ΠΎΠ²Π°Π½ΠΎ ΠΊΠ°ΠΊ Π°Π±ΡΠΎΠ»ΡΡΠ½ΠΎΠ΅ ΠΈΠΌΡ, ΠΏΡΠ΅ΠΆΠ΄Π΅ ΡΠ΅ΠΌ ΠΊ Π½Π΅ΠΌΡ Π±ΡΠ΄ΡΡ Π΄ΠΎΠ±Π°Π²Π»Π΅Π½Ρ ΠΊΠ°ΠΊΠΈΠ΅-Π»ΠΈΠ±ΠΎ ΡΠ»Π΅ΠΌΠ΅Π½ΡΡ ΡΠΏΠΈΡΠΊΠ° ΠΏΠΎΠΈΡΠΊΠ°.Lokhu kusho ukuthi uma for ndots uma kunikezwe inani elingu-5 futhi igama liqukethe amachashazi angaphansi kuka-5, ikholi yesistimu izozama ukuyixazulula ngokulandelana, kuqala inqamule zonke izizinda zokusesha zendawo, futhi, uma kuhlulekile, ekugcineni ixazulule njengegama eliphelele.
Kungani pho ndots:5 kungaba nomthelela omubi ekusebenzeni kohlelo lokusebenza?
Njengoba ungacabanga, uma uhlelo lwakho lokusebenza lisebenzisa ithrafikhi eningi yangaphandle, kukho konke ukuxhumana kwe-TCP okusungulwe (noma ngokunembe kakhulu, kuwo wonke amagama axazululiwe), izokhipha imibuzo emi-5 ye-DNS ngaphambi kokuthi igama lixazululwe kahle, ngoba lizoqala lidlule. 4 isizinda sokusesha sendawo, futhi ekugcineni sizokhipha isicelo sokuxazulula igama ngokuphelele.
Ishadi elilandelayo libonisa inani lethrafikhi kumamojula wethu we-kube-dns angu-3 ngaphambi nangemuva kokuthi sishintshe amagama omethuleli ambalwa amiswe kuhlelo lwethu lokusebenza ukuba afaneleke ngokugcwele.
Umdwebo olandelayo ubonisa ukubambezeleka kohlelo lokusebenza ngaphambi nangemuva kokuthi sishintshe amagama omethuleli amaningana amisiwe kuhlelo lwethu lokusebenza abe amagama aphelele (umugqa oluhlaza okwesibhakabhaka oqondile uwukusetshenziswa):
Isixazululo #1 - Sebenzisa amagama afaneleke ngokugcwele
Uma unamagama ambalwa angaphandle amile (okungukuthi achazwe ekucushweni kohlelo lokusebenza) owakha kuwo inqwaba yokuxhumana, mhlawumbe isisombululo esilula ukuwashintshela kwabafaneleke ngokugcwele ngokumane uwahlanganise. ekugcineni.
Lesi akusona isixazululo sokugcina, kodwa kusiza ukushesha, nakuba hhayi ngokuhlanzekile, ukuthuthukisa isimo. Sisebenzise lesi siqeshana ukuze sixazulule inkinga yethu, imiphumela yayo eboniswe kuzithombe-skrini ezingenhla.
Isixazululo #2 - ukwenza ngokwezifiso ndots Π² dnsConfig
Ku-Kubernetes 1.9, ukusebenza kuvele kumodi ye-alpha (inguqulo ye-beta v1.10), ekuvumela ukuthi ulawule kangcono amapharamitha e-DNS ngesakhiwo se-pod dnsConfig. Phakathi kwezinye izinto, ikuvumela ukuthi ulungiselele inani ndots nge-pod ethile, i.e.
apiVersion: v1
kind: Pod
metadata:
namespace: default
name: dns-example
spec:
containers:
- name: test
image: nginx
dnsConfig:
options:
- name: ndots
value: "1"Imithombo
Funda nezinye izindatshana kubhulogi yethu:
Source: www.habr.com