使用内部私有名称服务器更新 GCP Kubernetes 节点
GCP Kubernetes Nodes update with Internal Private Nameservers
我们在托管在内部网络 (repo.mycomapanydomain.io) 上的 GitLab 上有一个 docker 图像存储库。
我的 K8 部署失败,repo.mycomapanydomain.io
的名称未解析错误
我尝试如下更新 kube-dns 配置。但是我仍然有同样的错误。
apiVersion: v1
kind: ConfigMap
metadata:
name: kube-dns
namespace: kube-system
data:
stubDomains: |
{“mycomapanydomain”: [“10.131.0.4”]}
upstreamNameservers: |
[“10.131.0.4”]
如何让我的 resolv.conf 默认使用内部域名服务器或使用 K8 使用我的内部 DNS IP 进行解析?
不鼓励手动或自动编辑 /etc/resolv.conf:
Internal DNS and resolv.conf
By default, most Linux distributions store DHCP information in resolv.conf. Compute Engine instances are configured to renew DHCP leases every 24 hours. For instances that are enabled for zonal DNS, the DHCP lease expires every hour. DHCP renewal overwrites this file, undoing any changes that you might have made. Instances using zonal DNS have both zonal and global entries in the resolv.conf file.
-- Cloud.google.com: Compute: Docs: Internal DNS: resolv.conf
还有:
Modifications on the boot disk of a node VM do not persist across node re-creations. Nodes are re-created during manual upgrade, auto-upgrade, auto-repair, and auto-scaling. In addition, nodes are re-created when you enable a feature that requires node re-creation, such as GKE sandbox, intranode visibility, and shielded nodes.
-- Cloud.google.com: Kubernetes Engine: Docs: Concepts: Node images: Modifications
至于:
How can I make my resolv.conf to have the Internal nameservers by default or K8 to resolve with my internal DNS IPs?
从 GCP 和 GKE 的角度来看,您可以使用 Cloud DNS 配置您的 DNS 分辨率:
- 您的整个
DOMAIN 驻留在 GCP 基础架构中(并且您指定了所有记录)。
- 您的
DOMAIN 查询将转发到您选择的 DNS 服务器。
您可以通过以下方式创建您的 DNS 区域:
GCP Cloud Console (Web UI) -> Network Services -> Cloud DNS -> Create zone:
假设您要将 DNS 查询转发到位于 GCP 的内部 DNS 服务器,您的配置应类似于以下配置:
A side note!
- Remember to follow the "Destination DNS Servers" steps to allow the
DNS queries to your DNS server.
- Put the internal IP address of your
DNS server where the black rectangle is placed.
之后,您的 GKE 集群应该能够解决 DOMAIN.NAME 的 DNS 查询。
其他资源:
我找到了一篇文章,介绍了如何为 GCP 实例创建 DNS 转发:
我们在托管在内部网络 (repo.mycomapanydomain.io) 上的 GitLab 上有一个 docker 图像存储库。
我的 K8 部署失败,repo.mycomapanydomain.io
的名称未解析错误我尝试如下更新 kube-dns 配置。但是我仍然有同样的错误。
apiVersion: v1
kind: ConfigMap
metadata:
name: kube-dns
namespace: kube-system
data:
stubDomains: |
{“mycomapanydomain”: [“10.131.0.4”]}
upstreamNameservers: |
[“10.131.0.4”]
如何让我的 resolv.conf 默认使用内部域名服务器或使用 K8 使用我的内部 DNS IP 进行解析?
不鼓励手动或自动编辑 /etc/resolv.conf:
Internal DNS and resolv.conf
By default, most Linux distributions store DHCP information in
resolv.conf. Compute Engine instances are configured to renew DHCP leases every 24 hours. For instances that are enabled for zonal DNS, the DHCP lease expires every hour. DHCP renewal overwrites this file, undoing any changes that you might have made. Instances using zonal DNS have both zonal and global entries in theresolv.conffile.-- Cloud.google.com: Compute: Docs: Internal DNS: resolv.conf
还有:
Modifications on the boot disk of a node VM do not persist across node re-creations. Nodes are re-created during manual upgrade, auto-upgrade, auto-repair, and auto-scaling. In addition, nodes are re-created when you enable a feature that requires node re-creation, such as GKE sandbox, intranode visibility, and shielded nodes.
-- Cloud.google.com: Kubernetes Engine: Docs: Concepts: Node images: Modifications
至于:
How can I make my
resolv.confto have the Internal nameservers by default or K8 to resolve with my internal DNS IPs?
从 GCP 和 GKE 的角度来看,您可以使用 Cloud DNS 配置您的 DNS 分辨率:
- 您的整个
DOMAIN驻留在GCP基础架构中(并且您指定了所有记录)。 - 您的
DOMAIN查询将转发到您选择的 DNS 服务器。
您可以通过以下方式创建您的 DNS 区域:
GCP Cloud Console(Web UI) ->Network Services->Cloud DNS->Create zone:
假设您要将 DNS 查询转发到位于 GCP 的内部 DNS 服务器,您的配置应类似于以下配置:
A side note!
- Remember to follow the "Destination DNS Servers" steps to allow the
DNSqueries to yourDNSserver.- Put the internal IP address of your
DNSserver where the black rectangle is placed.
之后,您的 GKE 集群应该能够解决 DOMAIN.NAME 的 DNS 查询。
其他资源:
我找到了一篇文章,介绍了如何为 GCP 实例创建 DNS 转发: