From 270f1fd153565334060d284567f89adb61ede44a Mon Sep 17 00:00:00 2001
From: Tim Hockin
Date: Thu, 6 Nov 2014 16:44:23 -0800
Subject: [PATCH] Add SkyDNS example This is not a complete solution, but a piece of one. More coming.
---
 contrib/dns/README.md | 51 ++++++++++++++++++++++++++++++++++
 contrib/dns/skydns-rc.yaml.in | 36 ++++++++++++++++++++++++
 contrib/dns/skydns-svc.yaml.in | 12 ++++++++
 3 files changed, 99 insertions(+)
 create mode 100644 contrib/dns/README.md
 create mode 100644 contrib/dns/skydns-rc.yaml.in
 create mode 100644 contrib/dns/skydns-svc.yaml.in
diff --git a/contrib/dns/README.md b/contrib/dns/README.md
new file mode 100644
index 00000000000..fd311f51031
--- /dev/null
+++ b/contrib/dns/README.md
@@ -0,0 +1,51 @@
+# DNS in Kubernetes
+This directory holds an example of how to run
+[SkyDNS](https://github.com/skynetservices/skydns) in a Kubernetes cluster.
+
+## What things get DNS names?
+The only objects to which we are assigning DNS names are Services. Every
+Kubernetes Service is assigned a virtual IP address which is stable as long as
+the Service exists. This maps well to DNS, which has a long history of clients
+that, on purpose or on accident, do not respect DNS TTLs.
+
+## How do I find the DNS server?
+The DNS server itself runs as a Kubernetes Service. This gives it a stable IP
+address. When you run the SkyDNS service, you can assign a static IP to use for
+the Service. For example, if you assign `DNS_SERVER_IP` (see below) as
+10.0.0.10, you can configure your docker daemon with the flag `--dns 10.0.0.10`.
+
+Of course, giving services a name is just half of the problem - DNS names need a
+domain also. This implementation uses the variable `DNS_DOMAIN` (see below).
+You can configure your docker daemon with the flag `--dns-search`.
+
+## How do I run it?
+The first thing you have to do is substitute the variables into the
+configuration. You can then feed the result into `kubectl`.
+
+```shell
+DNS_SERVER_IP=10.0.0.10
+DNS_DOMAIN=kubernetes.local
+DNS_REPLICAS=2
+
+sed -e "s/{DNS_DOMAIN}/$DNS_DOMAIN/g" \
+ -e "s/{DNS_REPLICAS}/$DNS_REPLICAS/g" \
+ ./contrib/dns/skydns-rc.yaml.in \
+ | ./cluster/kubectl.sh create -f -
+
+sed -e "s/{DNS_SERVER_IP}/$DNS_SERVER_IP/g" \
+ ./contrib/dns/skydns-svc.yaml.in \
+ | ./cluster/kubectl.sh create -f -
+```
+
+## How does it work?
+SkyDNS depends on etcd, but it doesn't really need what etcd offers when in
+Kubernetes mode. SkyDNS finds the Kubernetes master through the
+`kubernetes-ro` service, and pulls service info from it, essentially using
+etcd as a cache. For simplicity, we run etcd and SkyDNS together in a pod,
+without linking the etcd instances into a cluster.
+
+## Known issues
+DNS resolution does not work from nodes directly, but it DOES work for
+containers. As best I can figure out, this is some oddity around DNAT and
+localhost in the kernel. I think I have a workaround, but it's not quite baked
+as of the this writing (11/6/2014).
diff --git a/contrib/dns/skydns-rc.yaml.in b/contrib/dns/skydns-rc.yaml.in
new file mode 100644
index 00000000000..0ca8f0cedb8
--- /dev/null
+++ b/contrib/dns/skydns-rc.yaml.in
@@ -0,0 +1,36 @@
+kind: ReplicationController
+apiVersion: v1beta1
+id: skydns
+namespace: default
+labels:
+ k8s-app: skydns
+desiredState:
+ replicas: {DNS_REPLICAS}
+ replicaSelector:
+ k8s-app: skydns
+ podTemplate:
+ labels:
+ k8s-app: skydns
+ desiredState:
+ manifest:
+ version: v1beta2
+ id: skydns
+ containers:
+ - name: etcd
+ image: quay.io/coreos/etcd:latest
+ command: [ "/etcd", "-bind-addr=127.0.0.1" ]
+ ports:
+ - name: server
+ containerPort: 7001
+ - name: skydns
+ image: skynetservices/skydns:k8sfix
+ command: [
+ "-kubernetes=true",
+ "-machines=http://localhost:4001",
+ "-addr=0.0.0.0:53",
+ "-domain={DNS_DOMAIN}.",
+ ]
+ ports:
+ - name: dns
+ containerPort: 53
+ protocol: UDP
diff --git a/contrib/dns/skydns-svc.yaml.in b/contrib/dns/skydns-svc.yaml.in
new file mode 100644
index 00000000000..3898a638bf7
--- /dev/null
+++ b/contrib/dns/skydns-svc.yaml.in
@@ -0,0 +1,12 @@
+kind: Service
+apiVersion: v1beta1
+id: skydns
+namespace: default
+protocol: UDP
+port: 53
+portalIP: {DNS_SERVER_IP}
+containerPort: 53
+labels:
+ k8s-app: skydns
+selector:
+ k8s-app: skydns
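Review bot: Both container images in the pod template of `skydns-rc.yaml.in` are referenced by mutable tags, `quay.io/coreos/etcd:latest` and `skynetservices/skydns:k8sfix`, so whatever is later pushed under those tags becomes the cluster's resolver without any change to this file. Every container pointed at this Service will trust its answers, so pin each image to a fixed release tag, or to a digest where the runtime supports it, e.g. `image: quay.io/coreos/etcd:<pinned-version>` (placeholder; the commit does not name a version). Separately, the etcd container declares `containerPort: 7001` although the README says the etcd instances are not clustered and SkyDNS reaches etcd at `localhost:4001`. If that port is not actually needed, dropping the declaration keeps the manifest's declared surface matching what is used.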
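Review bot: The Service in `skydns-svc.yaml.in` forwards only `protocol: UDP` on port 53, and the replication controller likewise declares only a UDP `containerPort: 53`, so a client that retries a truncated answer over TCP would presumably get no response through the portal IP. If this API version allows only one protocol per Service, a second Service for TCP plus a matching TCP container port would be needed. At minimum the limitation deserves a line under "Known issues" in the README, e.g. `DNS over TCP is not exposed; responses that do not fit in a UDP datagram will fail to resolve.`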