Kubernetes - CoreDNS

DNS (Domain Name Service)

  • When a Service is created, a corresponding DNS entry is created
  • The entry has the form <service-name>.<namespace-name>.svc.cluster.local

CoreDNS

  • A Pod that acts as the DNS server exists inside the cluster
  • It provides functions such as logging and caching through individual middleware

  • The DNS configuration file is managed through a ConfigMap
  • The Corefile specifies the NS for the current cluster
    kubectl get configmap coredns -n kube-system -o yaml
    ------------------------------------------------------------
    apiVersion: v1
    data:
      Corefile: |
        .:53 {
            errors
            health {
               lameduck 5s
            }
            ready
            kubernetes cluster.local in-addr.arpa ip6.arpa {
               pods insecure
               fallthrough in-addr.arpa ip6.arpa
               ttl 30
            }
            prometheus :9153
            forward . /etc/resolv.conf {
               max_concurrent 1000
            }
            cache 30
            loop
            reload
            loadbalance
        }
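
As an added example (not from the original post or the CoreDNS project), this Python code parses a Corefile like the one above and flags two settings: `pods insecure`, under which CoreDNS answers pod IP-style names without checking that such a pod exists, and a missing `log` plugin, which leaves DNS queries unrecorded. The names `SAMPLE`, `parse_corefile` and `audit` are assumptions made for the example, and `SAMPLE` is an abridged copy of the Corefile above.

```python
# Added example; SAMPLE is constructed (abridged) from the Corefile shown above.
SAMPLE = """\
.:53 {
    errors
    kubernetes cluster.local in-addr.arpa ip6.arpa {
       pods insecure
       fallthrough in-addr.arpa ip6.arpa
       ttl 30
    }
    prometheus :9153
    forward . /etc/resolv.conf {
       max_concurrent 1000
    }
    cache 30
}
"""

def parse_corefile(text):
    """Return {server: {plugin: {"args": [...], "options": {name: [args]}}}}."""
    servers, stack = {}, []
    for raw in text.splitlines():
        tokens = raw.split("#", 1)[0].split()   # drop comments, split on whitespace
        if not tokens:
            continue
        if tokens == ["}"]:                     # end of a server or plugin block
            stack.pop()
            continue
        opens = tokens[-1] == "{"
        tokens = tokens[:-1] if opens else tokens
        if not stack:                           # server block header such as ".:53"
            node = servers.setdefault(" ".join(tokens), {})
        elif len(stack) == 1:                   # plugin line inside a server block
            node = stack[0].setdefault(tokens[0], {"args": tokens[1:], "options": {}})
        else:                                   # option line inside a plugin block
            node = stack[1]["options"].setdefault(tokens[0], tokens[1:])
        if opens:
            stack.append(node)
    return servers

def audit(text):
    """Return (server, finding) pairs for the two checks described in the lead-in."""
    findings = []
    for server, plugins in parse_corefile(text).items():
        pods = plugins.get("kubernetes", {"options": {}})["options"].get("pods")
        if pods == ["insecure"]:
            findings.append((server, "pods insecure: pod records are not verified; prefer 'pods verified'"))
        if "log" not in plugins:
            findings.append((server, "no log plugin: DNS queries are not recorded"))
    return findings
```

To audit a live cluster, pass the `Corefile` value from the `kubectl get configmap coredns -n kube-system -o yaml` output to `audit()`.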
    

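Pods can also use the DNS service when a subdomain is set.

  • By default, the hostname follows the Pod's metadata.name in the YAML file
  • If needed, a separate hostname can be chosen
  • Setting a subdomain makes an FQDN available

    Official documentation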

https://kubernetes.io/ko/docs/concepts/services-networking/dns-pod-service/

# YAML file that creates the subdomain and the Pod domains
apiVersion: v1
kind: Service
metadata:
  name: default-subdomain
spec:
  selector:
    name: busybox
  clusterIP: None
  ports:
  - name: foo # A port is not actually required.
    port: 1234
    targetPort: 1234
---
apiVersion: v1
kind: Pod
metadata:
  name: busybox1
  labels:
    name: busybox
spec:
  hostname: busybox-1
  subdomain: default-subdomain
  containers:
  - image: busybox:1.28
    command:
      - sleep
      - "3600"
    name: busybox
---
apiVersion: v1
kind: Pod
metadata:
  name: busybox2
  labels:
    name: busybox
spec:
  hostname: busybox-2
  subdomain: default-subdomain
  containers:
  - image: busybox:1.28
    command:
      - sleep
      - "3600"
    name: busybox

Exercise

apiVersion: v1
kind: Namespace
metadata:
  creationTimestamp: null
  name: blue

---
apiVersion: v1
kind: Service
metadata:
  name: srv-jenkins
  namespace: blue
spec:
  ports:
    - protocol: TCP
      port: 8080
      targetPort: 8080
  selector:
    run: pod-jenkins

---

apiVersion: apps/v1
kind: Deployment
metadata:
  creationTimestamp: null
  labels:
    run: pod-jenkins
  name: pod-jenkins
  namespace: blue
spec:
  replicas: 1
  selector:
    matchLabels:
      run: pod-jenkins
  strategy: {}
  template:
    metadata:
      creationTimestamp: null
      labels:
        run: pod-jenkins
    spec:
      containers:
      - image: jenkins/jenkins
        name: jenkins
        ports:
        - containerPort: 8080
        resources: {}
status: {}
k exec http-go -- curl srv-jenkins.blue.svc.cluster.local:8080
k exec http-go -- curl srv-jenkins.blue:8080
This post is licensed under CC BY 4.0 by the author.