kubernetes nodelocaldns 解析自定義domain失敗

kubernetes nodelocaldns 解析自定義domain失敗

參考資料: https://www.qikqiak.com/post/resolve-coredns-hosts-invalid/

在coredns的hosts設定custom domain(web.jimmyhome.tw)後,kubernetes內部的pod仍然無法正常解析到該custom domain。

原因是nodelocaldns的 .:53 區塊原本將查詢forward到節點的 /etc/resolv.conf,不會經過coredns,因此coredns的hosts設定不會被查到。需修改nodelocaldns的configmap,將其forward到coredns。

  1. 測試未修改nodelocaldns前,在coredns添加hosts設定,pod無法正常解析到web.jimmyhome.tw
root@k8s-master71u:~# kubectl get pod
NAME                           READY   STATUS    RESTARTS      AGE
redisinsight-cf7f6847b-s2zgg   1/1     Running   5 (79d ago)   91d
test-nginx                     1/1     Running   7 (79d ago)   104d
web2-5d48fb75c5-dt5xd          1/1     Running   7 (79d ago)   104d
web2-5d48fb75c5-ggmrz          1/1     Running   7 (79d ago)   104d
web2-5d48fb75c5-jsvck          1/1     Running   7 (79d ago)   104d

# 測試是否可以解析到
root@k8s-master71u:~# kubectl exec -ti test-nginx sh
kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl exec [POD] -- [COMMAND] instead.
/ # curl web.jimmyhome.tw
curl: (6) Could not resolve host: web.jimmyhome.tw
/ # ping web.jimmyhome.tw
ping: bad address 'web.jimmyhome.tw'
# 更改coredns設定:在Corefile加入hosts區塊(下方僅節錄相關部分)。hosts的對應會套用到所有由coredns回應的查詢,因此應限制可修改kube-system中此ConfigMap的權限
root@k8s-master71u:~# kubectl get cm coredns -o yaml -n kube-system > coredns-cm.yaml


apiVersion: v1
data:
  Corefile: |
    .:53 {
        errors {
        }
        health {
            lameduck 5s
        }
        ready
        kubernetes cluster.local in-addr.arpa ip6.arpa {
          pods insecure
          fallthrough in-addr.arpa ip6.arpa
        }
        hosts {
          192.168.1.60 web.jimmyhome.tw
          fallthrough
        }


# 套用設定
root@k8s-master71u:~# kubectl apply -f coredns-cm.yaml
configmap/coredns configured

# 重啟pod
root@k8s-master71u:~# kubectl delete pod coredns-57c7559cc8-sq8c4 -n kube-system
pod "coredns-57c7559cc8-sq8c4" deleted
root@k8s-master71u:~# kubectl delete pod coredns-57c7559cc8-vrf7g -n kube-system
pod "coredns-57c7559cc8-vrf7g" deleted


root@k8s-master71u:~# kubectl get pod -n kube-system | grep -i coredns
coredns-57c7559cc8-dpjkw                   1/1     Running   0                41s
coredns-57c7559cc8-ng9kk                   1/1     Running   0                24s
# 測試,一樣解析不到
root@k8s-master71u:~# kubectl exec -ti test-nginx sh
kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl exec [POD] -- [COMMAND] instead.
/ # curl web.jimmyhome.tw
curl: (6) Could not resolve host: web.jimmyhome.tw
/ # ping web.jimmyhome.tw
ping: bad address 'web.jimmyhome.tw'
  2. 修改nodelocaldns設定後,pod能正常解析到web.jimmyhome.tw

# 更改nodelocaldns設定
kubectl get cm nodelocaldns -n kube-system -o yaml > nodelocaldns-configmap.yaml

root@k8s-master71u:~# vim nodelocaldns-configmap.yaml

# 原本forward . /etc/resolv.conf
    .:53 {
        errors
        cache 30
        reload
        loop
        bind 169.254.25.10
        forward . /etc/resolv.conf
        prometheus :9253
    }

# 修改成forward到coredns(10.202.0.3應為本環境coredns service的ClusterIP,請先以 kubectl get svc -n kube-system 確認自己叢集的位址再替換)
    .:53 {
        errors
        cache 30
        reload
        loop
        bind 169.254.25.10
        forward . 10.202.0.3 {
                force_tcp
        }
        prometheus :9253
    }


root@k8s-master71u:~# kubectl apply -f nodelocaldns-configmap.yaml
configmap/nodelocaldns configured


# 重啟pod
root@k8s-master71u:~# kubectl delete pod nodelocaldns-5wcc7 -n kube-system
pod "nodelocaldns-5wcc7" deleted
root@k8s-master71u:~# kubectl delete pod nodelocaldns-nsnh4 -n kube-system
pod "nodelocaldns-nsnh4" deleted
root@k8s-master71u:~# kubectl delete pod nodelocaldns-nwgxn -n kube-system
pod "nodelocaldns-nwgxn" deleted
root@k8s-master71u:~# kubectl delete pod nodelocaldns-pvwx6 -n kube-system
pod "nodelocaldns-pvwx6" deleted
root@k8s-master71u:~# kubectl delete pod nodelocaldns-zvmsk -n kube-system
pod "nodelocaldns-zvmsk" deleted


root@k8s-master71u:~# kubectl get pod -n kube-system | grep nodelocaldns
nodelocaldns-5pb2r                         1/1     Running   2 (28s ago)     30s
nodelocaldns-g82jn                         1/1     Running   0               49s
nodelocaldns-gtkpd                         1/1     Running   0               59s
nodelocaldns-l9t5p                         1/1     Running   0               70s
nodelocaldns-m9rnv                         1/1     Running   0               39s
# 測試可以ping web.jimmyhome.tw和curl web.jimmyhome.tw了

root@k8s-master71u:~# kubectl exec -ti test-nginx sh
kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl exec [POD] -- [COMMAND] instead.

/ # ping web.jimmyhome.tw
PING web.jimmyhome.tw (192.168.1.60): 56 data bytes
64 bytes from 192.168.1.60: seq=0 ttl=63 time=0.470 ms
64 bytes from 192.168.1.60: seq=1 ttl=63 time=0.335 ms
64 bytes from 192.168.1.60: seq=2 ttl=63 time=0.393 ms
64 bytes from 192.168.1.60: seq=3 ttl=63 time=0.289 ms
^C
--- web.jimmyhome.tw ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 0.289/0.371/0.470 ms


/ # curl web.jimmyhome.tw
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
  <!--
    Modified from the Debian original for Ubuntu
    Last updated: 2022-03-22
    See: https://launchpad.net/bugs/1966004
  -->
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
    <title>Apache2 Ubuntu Default Page: It works</title>
    <style type="text/css" media="screen">