[tke] modify the cluster corendns service address

Use scenarios

TKE Medium Coredns service IP At present, there is no way to specify when creating a cluster , It is configured from the customer by default Service CIDR A random... Is assigned to the network segment IP, The following describes how to customize and modify Coredns service IP.

Prerequisite

1. In configuration service CIDR Select a network segment that is not currently used in the cluster IP
2. Inventory in the cluster Pods It is acceptable to be rebuilt .

Operation steps

1. modify kubelet Launch parameters First, go to the stock node to modify kubelet In profile --cluster-dns The parameter is new Cluster IP And restart kubelet, The operation command is as follows ：

DNS_CLUSTER_IP=xxx.xxx.xxx.xxx
sed -i "/CLUSTER_DNS/c\CLUSTER_DNS=\"--cluster-dns=${DNS_CLUSTER_IP}\"" /etc/kubernetes/kubelet
systemctl restart kubelet

2. Rebuild specifies a new ClusterIP Of Coredns Of Service resources

because .spec.clusterIP Fields are not modifiable , So you must delete the original Service resources ：

kubectl delete svc kube-dns -n kube-system

And then recreate Service kube-dns, The following can be modified and applied according to the requirements YAML The reconstruction ：

apiVersion: v1
kind: Service
metadata:
  annotations:
    prometheus.io/port: "9153"
    prometheus.io/scrape: "true"
  labels:
    addonmanager.kubernetes.io/mode: Reconcile
    kubernetes.io/cluster-service: "true"
    kubernetes.io/name: CoreDNS
  name: kube-dns
  namespace: kube-system
spec:
  clusterIP: xxx.xxx.xxx.xxx  #  The service you want to specify  IP
  ports:
  - name: dns-tcp
    port: 53
    protocol: TCP
    targetPort: 53
  - name: dns
    port: 53
    protocol: UDP
    targetPort: 53
  selector:
    k8s-app: kube-dns
  sessionAffinity: None
  type: ClusterIP

3. Rebuild all the stocks in the cluster Pods

because kubelet Use --cluster-dns=<DNS service IP> The logo will DNS The parser information is passed to each container , So stock Pods It needs to be rebuilt and updated to the new Cluster IP, Use the normal delete command ：

 kubectl delete pod --all --all-namespaces 

4. Specify... When creating a new node kubelet Parameters

When creating a new node, you can specify through the function of user-defined parameters kubelet In profile --cluster-dns Parameters , However, at present, you need to contact the after-sales students to open a white list, which can be configured on the console .

reminder ： because Coredns Pods A special , stay Coredns When created, the container /etc/resolv.conf The default is to inherit from the same path of the current node Dnsservers To configure , Can't use kubelet Parameter , And it won't follow watch And synchronization nodes /etc/resolv.conf Changes to the contents of , Therefore, the configuration on the node needs to be rebuilt after modification coredns Pods Update new configuration .