CoreDNS 添加自定义 Hosts 解析与 DNS 转发解析

一、描述

当服务或者DNS故障时，在宿主机做dns解析或者hosts是无效的，k8s容器使用coredns进行解析，除非pod使用宿主机dns解析，这样是很不友好的。

1.1、编辑 CoreDNS CM配置

kubectl edit configmap -n kube-system coredns

1.2、自定义 HOSTS 解析

• HOSTS 解析解决全部POD快速dns解析保证容器内服务正常调用
• DNS转发解决全部容器对指定域名转发到指定dns服务器

.:53 {
    errors
    health {
       lameduck 5s
    }
    ready
    kubernetes cluster.local in-addr.arpa ip6.arpa {
       pods insecure
       fallthrough in-addr.arpa ip6.arpa
       ttl 30
    }
    prometheus :9153
    forward . /etc/resolv.conf {
       max_concurrent 1000
    }
    cache 30
    loop
    reload
    loadbalance
    # HOSTS 主机名解析
    hosts {
        127.127.127.127 test.aka.com
        fallthrough
    }
}
# DNS 转发解析
aka.com:53 {
    errors
    cache 30
    forward . 10.1.255.18 10.2.255.18
    reload
}

1.3、HOSTS 主机名解析效果

root@dasd-quark-8cffb964f-mn4lh:/etc/nginx$ping test.aka.com
PING test.aka.com (127.127.127.127): 56 data bytes
64 bytes from 127.127.127.127: seq=0 ttl=64 time=0.021 ms
64 bytes from 127.127.127.127: seq=1 ttl=64 time=0.054 ms
^C
--- test.aka.com ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0.021/0.037/0.054 ms

1.4、DNS 转发解析效果

root@dasd-quark-8cffb964f-mn4lh:/etc/nginx$ ping aka.aka.com
PING prod-crm.mbcrm.com (10.1.3.100) 56(84) bytes of data.
64 bytes from 10.1.5.2 (10.1.3.100): icmp_seq=1 ttl=254 time=0.371 ms
64 bytes from 10.1.5.2 (10.1.3.100): icmp_seq=2 ttl=254 time=0.390 ms
64 bytes from 10.1.5.2 (10.1.3.100): icmp_seq=3 ttl=254 time=0.400 ms
^C
--- prod-crm.mbcrm.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2029ms
rtt min/avg/max/mdev = 0.371/0.387/0.400/0.012 ms