카이도스's Tech Blog

Rancher K8s Setup - 1 (DNS)

카이도스 2024. 2. 15. 17:34

We needed K8s in the IDC as well, so I set it up using Rancher K8s.


2024.02.15 - [Rancher k8s] - Rancher K8s Setup - 2 (HAproxy)

 


Specs

Built on VMs (Proxmox)

  • jenkins, haproxy, master(8vcore, mem 8G, os 200G)
  • worker(16vcore, mem 32G, os 200G, data 1T)
  • https://rancher-ui.internal.xg.com
    • admin / xgk8stest1234!@
  • Rancher version : v1.27.8+rke2r1
  • OS : ubuntu 22.04
  • DNS : 10.10.X.139
  • r1-jenkins : 10.10.X.199
  • r1-k8s-haproxy : 10.10.X.200
  • r1-k8s-master1 : 10.10.X.201
  • r1-k8s-master2 : 10.10.X.202
  • r1-k8s-master3 : 10.10.X.203
  • r1-k8s-worker1 : 10.10.X.204
  • r1-k8s-worker2 : 10.10.X.205
  • r1-k8s-worker3 : 10.10.X.206

DNS configuration

# Move to the bind directory
cd /etc/bind

# named.conf.local: forward and reverse zone definitions
sudo vi named.conf.local
zone "internal.xg.com" {
    type master;
    file "/etc/bind/zones/db.internal.xg.com";            # zone file path
    allow-transfer {                                      # ns2 private IP address - secondary
        none;
    };
};

zone "X.10.10.in-addr.arpa" {
    type master;
    file "/etc/bind/zones/db.10.10.X";     # 10.10.X.0/24 idc rack1 subnet
    allow-transfer {                        # ns2 private IP address - secondary
        none;
    };
};

# Check the IP ranges in the zones.rfc1918 file
sudo vi zones.rfc1918
zone "10.in-addr.arpa"      { type master; file "/etc/bind/db.empty"; };

zone "16.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
zone "17.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
zone "18.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
zone "19.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
zone "20.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
zone "21.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
zone "22.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
zone "23.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
zone "24.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
zone "25.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
zone "26.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
zone "27.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
zone "28.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
zone "29.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
zone "30.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
zone "31.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };

zone "168.192.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };

# Move to the zone file directory
cd zones
# Forward zone records for the internal.xg.com domain
sudo vi db.internal.xg.com
$TTL 600
@       IN  SOA ns1.internal.xg.com. ns2.internal.xg.com. (
                 3      ; Serial
              3600      ; Refresh [1h]
               600      ; Retry   [10m]
            604800      ; Expire  [7d]
               600      ; Negative Cache TTL Minimum [10m]
        )
;
            IN  NS      ns1.internal.xg.com.
            IN  NS      ns2.internal.xg.com.
;
            IN  A      10.10.X.139
www         IN  A      10.10.X.139
ns1         IN  A      10.10.X.139
ns2         IN  A      10.10.X.139

; 10.10.X.0/24 - A records
r1.k8s.control-plain.internal.xg.com.          IN      A       10.10.X.200

r1.k8s.master1.internal.xg.com.                IN      A       10.10.X.201
r1.k8s.master2.internal.xg.com.                IN      A       10.10.X.202
r1.k8s.master3.internal.xg.com.                IN      A       10.10.X.203

r1.k8s.worker1.internal.xg.com.                IN      A       10.10.X.204
r1.k8s.worker2.internal.xg.com.                IN      A       10.10.X.205
r1.k8s.worker3.internal.xg.com.                IN      A       10.10.X.206


# Record file for the 10.10.X range (reverse zone)
sudo vi db.10.10.X
$TTL 600
@       IN  SOA ns1.internal.xg.com. ns2.internal.xg.com. (
                 1      ; Serial
              3600      ; Refresh [1h]
               600      ; Retry   [10m]
            604800      ; Expire  [7d]
               600      ; Negative Cache TTL Minimum [10m]
        )
;
            IN  NS      ns1.internal.xg.com.
            IN  NS      ns2.internal.xg.com.
;

; PTR Records
; Owner names are relative to the zone origin X.10.10.in-addr.arpa,
; so only the last octet is written here.
200        IN      PTR     r1.k8s.control-plain.internal.xg.com.

201        IN      PTR     r1.k8s.master1.internal.xg.com.
202        IN      PTR     r1.k8s.master2.internal.xg.com.
203        IN      PTR     r1.k8s.master3.internal.xg.com.

204        IN      PTR     r1.k8s.worker1.internal.xg.com.
205        IN      PTR     r1.k8s.worker2.internal.xg.com.
206        IN      PTR     r1.k8s.worker3.internal.xg.com.

# Reload the bind (DNS) daemon
sudo systemctl reload bind9.service
systemctl status bind9.service

# Verify that the record resolves correctly
nslookup r1.k8s.control-plain.internal.xg.com
Server:		127.0.0.53
Address:	127.0.0.53#53

Non-authoritative answer:
Name:	r1.k8s.control-plain.internal.xg.com
Address: 10.10.X.200
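
Added example (Python, not part of the original post): in a zone file, owner names without a trailing dot are relative to the zone origin, so PTR owners in the reverse zone must be written relative to X.10.10.in-addr.arpa. The sketch below expands owner names that way and lists A records that have no matching PTR. The octet 50 standing in for the redacted X, the sample records and the function names are assumptions made for this example.

```python
import ipaddress

# Constructed sample data: octet 50 stands in for the redacted "X" on the page.
FWD_ORIGIN = "internal.xg.com."
REV_ORIGIN = "50.10.10.in-addr.arpa."
FWD = """
r1.k8s.control-plain.internal.xg.com.  IN  A  10.10.50.200
r1.k8s.master1.internal.xg.com.        IN  A  10.10.50.201
"""
# Owners written as if the zone were 10.10.in-addr.arpa (wrong for a /24 zone).
REV_TWO_LABELS = """
200.50  IN  PTR  r1.k8s.control-plain.internal.xg.com.
201.50  IN  PTR  r1.k8s.master1.internal.xg.com.
"""
# Owners written relative to the /24 zone origin (last octet only).
REV_ONE_LABEL = """
200  IN  PTR  r1.k8s.control-plain.internal.xg.com.
201  IN  PTR  r1.k8s.master1.internal.xg.com.
"""

def fqdn(owner, origin):
    """Expand an owner name: '@' is the origin, names without a trailing
    dot are relative to the origin, names with one are already absolute."""
    if owner == "@":
        return origin
    return owner if owner.endswith(".") else f"{owner}.{origin}"

def records(zone_text, origin, rtype):
    """Yield (owner_fqdn, rdata) for one-line 'owner IN TYPE rdata' records.
    Assumption: no per-record TTL and no multi-line records."""
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()   # drop ';' comments
        if len(fields) == 4 and fields[1] == "IN" and fields[2] == rtype:
            yield fqdn(fields[0], origin).lower(), fields[3].lower()

def missing_reverse(fwd_text, fwd_origin, rev_text, rev_origin):
    """Return (name, address, expected_ptr_owner) for every A record whose
    in-addr.arpa name has no PTR pointing back at the same host name."""
    ptrs = dict(records(rev_text, rev_origin, "PTR"))
    problems = []
    for name, addr in records(fwd_text, fwd_origin, "A"):
        want = ipaddress.ip_address(addr).reverse_pointer + "."
        if ptrs.get(want) != name:
            problems.append((name, addr, want))
    return problems

if __name__ == "__main__":
    for label, rev in (("two-label owners", REV_TWO_LABELS),
                       ("one-label owners", REV_ONE_LABEL)):
        print(label, missing_reverse(FWD, FWD_ORIGIN, rev, REV_ORIGIN))
```

On the DNS server itself, `named-checkzone` and `dig -x` give the same answer against the live zone.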

# Configure DNS on the client server
sudo vi /etc/netplan/00-installer-config.yaml

network:
  version: 2
  ethernets:
    eth0:
      addresses:
      - 10.10.X.200/24
      routes:
        - to: default
          via: 10.10.X.254
      nameservers:
        addresses:
        - 10.10.X.139
        search:
        - ns1.xo-idc.local
        - ns1.internal.xg.com

# Apply and verify the DNS settings
sudo netplan apply
sudo resolvectl