当前位置:网站首页>材料之kube-dns.yaml
材料之kube-dns.yaml
2022-06-09 04:57:00 【是在下了】
---
#ConfigMap是我们见到的一个新类型,顾名思义是做配置管理的,这里用作kube-dns配置存储
apiVersion: v1
kind: ConfigMap
metadata:
name: kube-dns
namespace: kube-system
labels:
addonmanager.kubernetes.io/mode: EnsureExists
---
#认证授权使用,这里未用到
apiVersion: v1
kind: ServiceAccount
metadata:
name: kube-dns
namespace: kube-system
labels:
addonmanager.kubernetes.io/mode: Reconcile
---
#dns服务
apiVersion: v1
kind: Service
metadata:
name: kube-dns
namespace: kube-system
labels:
k8s-app: kube-dns
addonmanager.kubernetes.io/mode: Reconcile
kubernetes.io/name: "KubeDNS"
spec:
selector:
#选择器,一个服务包含了哪些pods
k8s-app: kube-dns
#服务的clusterip,需要跟kubelet保持一致
clusterIP: 10.68.0.2
ports:
- name: dns
port: 53
protocol: UDP
- name: dns-tcp
port: 53
protocol: TCP
---
#具体的pod定义,包含了三个容器
apiVersion: apps/v1
kind: Deployment
metadata:
name: kube-dns
namespace: kube-system
labels:
k8s-app: kube-dns
addonmanager.kubernetes.io/mode: Reconcile
spec:
strategy:
rollingUpdate:
maxSurge: 10%
maxUnavailable: 0
selector:
matchLabels:
k8s-app: kube-dns
template:
metadata:
labels:
k8s-app: kube-dns
annotations:
scheduler.alpha.kubernetes.io/critical-pod: ''
spec:
tolerations:
- key: "CriticalAddonsOnly"
operator: "Exists"
volumes:
- name: kube-dns-config
configMap:
name: kube-dns
optional: true
containers:
#实现dns解析功能
- name: kubedns
image: registry.cn-hangzhou.aliyuncs.com/imooc/k8s-dns-kube-dns-amd64:1.14.5
resources:
# TODO: Set memory limits when we've profiled the container for large
# clusters, then set request = limit to keep this container in
# guaranteed class. Currently, this container falls into the
# "burstable" category so the kubelet doesn't backoff from restarting it.
limits:
memory: 170Mi
requests:
cpu: 100m
memory: 70Mi
livenessProbe:
httpGet:
path: /healthcheck/kubedns
port: 10054
scheme: HTTP
initialDelaySeconds: 60
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 5
readinessProbe:
httpGet:
path: /readiness
port: 8081
scheme: HTTP
# we poll on pod startup for the Kubernetes master service and
# only setup the /readiness HTTP server once that's available.
initialDelaySeconds: 3
timeoutSeconds: 5
args:
- --domain=cluster.local.
- --dns-port=10053
- --config-dir=/kube-dns-config
#访问kube-apiserver的地址
- --kube-master-url=http://{
{
MASTER_IP}}:8080
- --v=2
env:
- name: PROMETHEUS_PORT
value: "10055"
ports:
- containerPort: 10053
name: dns-local
protocol: UDP
- containerPort: 10053
name: dns-tcp-local
protocol: TCP
- containerPort: 10055
name: metrics
protocol: TCP
volumeMounts:
- name: kube-dns-config
mountPath: /kube-dns-config
#dnsmasq类似一个dns缓存,用于提高访问效率
- name: dnsmasq
image: registry.cn-hangzhou.aliyuncs.com/imooc/k8s-dns-dnsmasq-nanny-amd64:1.14.5
livenessProbe:
httpGet:
path: /healthcheck/dnsmasq
port: 10054
scheme: HTTP
initialDelaySeconds: 60
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 5
args:
- -v=2
- -logtostderr
- -configDir=/etc/k8s/dns/dnsmasq-nanny
- -restartDnsmasq=true
- --
- -k
- --cache-size=1000
- --log-facility=-
- --server=/cluster.local./127.0.0.1#10053
- --server=/in-addr.arpa/127.0.0.1#10053
- --server=/ip6.arpa/127.0.0.1#10053
ports:
- containerPort: 53
name: dns
protocol: UDP
- containerPort: 53
name: dns-tcp
protocol: TCP
# see: https://github.com/kubernetes/kubernetes/issues/29055 for details
resources:
requests:
cpu: 150m
memory: 20Mi
volumeMounts:
- name: kube-dns-config
mountPath: /etc/k8s/dns/dnsmasq-nanny
#sidecar是一个监控功能,负责监控另外两个容器的运行
- name: sidecar
image: registry.cn-hangzhou.aliyuncs.com/imooc/k8s-dns-sidecar-amd64:1.14.5
livenessProbe:
httpGet:
path: /metrics
port: 10054
scheme: HTTP
initialDelaySeconds: 60
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 5
args:
- --v=2
- --logtostderr
- --probe=kubedns,127.0.0.1:10053,kubernetes.default.svc.cluster.local.,5,A
- --probe=dnsmasq,127.0.0.1:53,kubernetes.default.svc.cluster.local.,5,A
ports:
- containerPort: 10054
name: metrics
protocol: TCP
resources:
requests:
memory: 20Mi
cpu: 10m
dnsPolicy: Default # Don't use cluster DNS.
serviceAccountName: kube-dns
边栏推荐
- 2022 welder (elementary) special operation certificate examination question bank and simulation examination
- pytest_allure优先级、fixture-scope参数介绍
- P1779 小胡同学的跳板
- Openstack Learning Series 1: openstack introduction, installation and deployment of basic environment
- “迪文杯”淄博技师学院电气工程系师生技能比武活动成功举办
- openGL_ 04 drawing with index array
- TypeScript 的内置对象
- Typescript learning [8] enumeration type
- Mmdet modify the font size, position, color and fill box of the detection box
- PS how to add white edges to images
猜你喜欢

ps如何给图像加白边

openGL_ 01 create window

三方账号授权登录系统设计思路

2022年安全员-A证考试试题及在线模拟考试

R language multivariable generalized orthogonal GARCH (go-garch) model for fitting and forecasting high-dimensional volatility time series of stock market

The half year revenue of mushroom street was 168million yuan: a year-on-year decrease of 29% and an operating loss of 240million yuan

聊聊保证线程安全的10个小技巧

Openstack Learning Series 1: openstack introduction, installation and deployment of basic environment

Design idea of three party account authorization login system

Nacos1.1.4版本本地源码启动
随机推荐
The latest JMeter pressure test in the whole network is not much to say. I just want to teach you to use JMeter to write script pressure test as soon as possible
. Net core 3.0 grpc custom service
[6.824 distributed system] LEC 6 & 7: fault tolerance: raft
cksort
Penetration test path dictionary, blasting dictionary
pytest_allure优先级、fixture-scope参数介绍
App website applet vulnerability search test service
SWFUpload
TypeScript 学习【9】泛型
Typescript learning [7] advanced types: Union type and cross type
ps如何给图像加边框
由id获取name调用示例(腾讯IM)
Rendering pipeline ---- easy to understand and introduce to the interviewer
Openstack Learning Series 12: installing CEPH and docking openstack
Types, advantages and disadvantages of MySQL indexes
Win10 installing appium environment
ASP. Net core build scheduling service - use generic host with quartz Net
Transformer里面的缓存机制
Openstack Learning Series 1: openstack introduction, installation and deployment of basic environment
openGL_ 02 point line surface triangle