dnsmasq

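Configuration

Meaning of the four lines:

resolv-file: read DNSMasq's upstream DNS server configuration from a file.
strict-order: if the resolv-file lists multiple DNS servers, query them strictly in the order they appear.
listen-address: the address to listen on; set it to this machine's IP.
addn-hosts: read the local DNS name-to-IP mappings from a file; the format is . You could instead write the mappings in /etc/hosts, which DNSMasq reads by default, but to map one domain name to multiple IPs you must use the addn-hosts option.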

resolv-file=/etc/resolv.conf
strict-order
listen-address=192.168.122.1
addn-hosts=/opt/tools/dns/hosts

systemctl start dnsmasq.service # start

systemctl enable dnsmasq.service # start at boot

netstat -lnp|grep dnsmasq

k8s dns

If CoreDNS misbehaves, check the following configuration

/etc/kubernetes/manifests/kube-controller-manager.yaml

cat /etc/kubernetes/manifests/kube-controller-manager.yaml | grep cluster-
- --cluster-cidr=121.21.0.0/16 # Pod IP addresses are allocated from the range 121.21.0.0 to 121.21.255.255
- --cluster-name=cs
- --cluster-signing-cert-file=/etc/kubernetes/pki/ca.crt
- --cluster-signing-key-file=/etc/kubernetes/pki/ca.key
- --service-cluster-ip-range=10.96.0.0/12 # Service IP addresses are allocated from the range 10.96.0.0 to 10.111.255.255

cluster-cidr

service-cluster-ip-range

/var/lib/kubelet/config.yaml

$  cat /var/lib/kubelet/config.yaml | grep -A 1 cluster
clusterDNS:
- 10.96.1.10
clusterDomain: cluster.local
cpuManagerReconcilePeriod: 0s

clusterDNS

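Enter the pod and check whether the nameserver in /etc/resolv.conf matches the kube-dns ClusterIP.

kubectl edit cm kube-proxy -n kube-system

Modify the kubelet startup parameters on every Node, adding the following two parameters:

--cluster-dns=169.169.0.100: the ClusterIP address of the DNS service.
--cluster-domain=cluster.local: the domain name configured in the DNS service.
Then restart the kubelet service.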

nslookup

❯ kubectl debug -it vault-0  -n vault  --image=k8s.org/cs/netshoot   -- sh

Defaulting debug container name to debugger-8z7lk.
If you don't see a command prompt, try pressing enter.
root $ nslookup vault-internal
Server: 10.96.1.10
Address: 10.96.1.10#53

Name: vault-internal.vault.svc.cluster.local
Address: 121.21.64.141
Name: vault-internal.vault.svc.cluster.local
Address: 121.21.80.152
Name: vault-internal.vault.svc.cluster.local
Address: 121.21.48.135

NetworkManager

❯ cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 192.168.5.1
nameserver 8.8.8.8
nameserver 114.114.114.114

/etc/network/interfaces

Troubleshooting

Wildcard domain

Configure logging

log-queries
log-facility=/opt/tools/dns/dnsmasq.log
addn-hosts=/opt/tools/dns/hostname
address=/local.org/192.168.122.1

Aug 29 18:16:12 dnsmasq[28763]: started, version 2.89 cachesize 150
Aug 29 18:16:12 dnsmasq[28763]: compile time options: IPv6 GNU-getopt DBus no-UBus i18n IDN2 DHCP DHCPv6 no-Lua TFTP conntrack ipset nftset auth cryptohash DNSSEC loop-detect inotify dumpfile
Aug 29 18:16:12 dnsmasq[28763]: reading /opt/tools/dns/resolv.dnsmasq.conf
Aug 29 18:16:12 dnsmasq[28763]: ignoring nameserver 192.168.122.1 - local interface
Aug 29 18:16:12 dnsmasq[28763]: using nameserver 202.96.128.86#53
Aug 29 18:16:12 dnsmasq[28763]: using nameserver 202.96.134.33#53
Aug 29 18:16:12 dnsmasq[28763]: read /etc/hosts - 11 names
Aug 29 18:16:12 dnsmasq[28763]: read /opt/tools/dns/hostname - 12 names

The query did not go through dnsmasq

❯ nslookup es.local.org    
Server: 202.96.128.86
Address: 202.96.128.86#53

** server can't find es.local.org: NXDOMAIN

❯ nslookup es.local.org 127.0.0.1
Server: 127.0.0.1
Address: 127.0.0.1#53

Name: es.local.org
Address: 192.168.122.1

Aug 29 18:16:12 dnsmasq[28763]: read /opt/tools/dns/hostname - 12 names
Aug 29 18:16:21 dnsmasq[28763]: query[A] es.local.org from 127.0.0.1
Aug 29 18:16:21 dnsmasq[28763]: config es.local.org is 192.168.122.1
Aug 29 18:16:21 dnsmasq[28763]: query[AAAA] es.local.org from 127.0.0.1
Aug 29 18:16:21 dnsmasq[28763]: forwarded es.local.org to 202.96.128.86
Aug 29 18:16:21 dnsmasq[28763]: reply es.local.org is NODATA-IPv6
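
An added example (not from the original post): a Python parser for the log-queries output above that lists queries for the local domain which dnsmasq forwarded to an upstream resolver, as happened with the AAAA query for es.local.org. The names leaked_queries and is_local, and the pairing of a forwarded line with the most recent query line for the same name, are assumptions of this example.

```python
import re

# Constructed sample: the log-queries lines for es.local.org shown above.
SAMPLE_LOG = """\
Aug 29 18:16:21 dnsmasq[28763]: query[A] es.local.org from 127.0.0.1
Aug 29 18:16:21 dnsmasq[28763]: config es.local.org is 192.168.122.1
Aug 29 18:16:21 dnsmasq[28763]: query[AAAA] es.local.org from 127.0.0.1
Aug 29 18:16:21 dnsmasq[28763]: forwarded es.local.org to 202.96.128.86
Aug 29 18:16:21 dnsmasq[28763]: reply es.local.org is NODATA-IPv6
"""

# "<action> <name> from|to|is <value>"; action is query[TYPE], forwarded,
# reply, cached, config, or the hosts file an answer was read from.
LINE_RE = re.compile(
    r"dnsmasq\[\d+\]: (?P<action>query\[(?P<qtype>[\w-]+)\]|\S+) "
    r"(?P<name>\S+) (?:from|to|is) (?P<value>\S+)"
)


def is_local(name, local_domains):
    """True if name equals or is a subdomain of one of local_domains."""
    name = name.rstrip(".").lower()
    return any(name == d or name.endswith("." + d) for d in local_domains)


def leaked_queries(log_text, local_domains):
    """Return [(name, qtype, upstream)] for local names forwarded upstream."""
    last_qtype = {}  # name -> record type of the most recent query line
    leaks = []
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue  # startup and status lines carry no query data
        name = m["name"].rstrip(".").lower()
        if m["qtype"]:
            last_qtype[name] = m["qtype"]
        elif m["action"] == "forwarded" and is_local(name, local_domains):
            # Assumption: the forward belongs to the latest query for this name.
            leaks.append((name, last_qtype.get(name, "?"), m["value"]))
    return leaks


if __name__ == "__main__":
    for name, qtype, upstream in leaked_queries(SAMPLE_LOG, ["local.org"]):
        print(f"{qtype} {name} was sent to upstream resolver {upstream}")
```

Every entry in the result is an internal name that was disclosed to the upstream resolver. dnsmasq's local=/local.org/ setting marks a domain as local-only so that queries for it are not forwarded upstream.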

Solution

Network managed by NetworkManager
❯ sudo mousepad /etc/NetworkManager/NetworkManager.conf

[main]
# add this line
dns=dnsmasq
