CoreDNS Extended Configuration

Published: 2023-07-20 10:53:53 Author: du-z

1 CoreDNS default configuration

  Corefile: |
    .:53 {
        errors
        log
        health {
           lameduck 15s
        }
        ready
        kubernetes {{.ClusterDomain}} in-addr.arpa ip6.arpa {
          pods verified
          fallthrough in-addr.arpa ip6.arpa
        }
        prometheus :9153
        forward . /etc/resolv.conf {
              prefer_udp
        }
        cache 30
        loop
        reload
        loadbalance
    }

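2 CoreDNS extended configuration

2.1 Enable query logging

To log every domain name resolution that CoreDNS performs, enable the log plugin by adding log to the Corefile. Example configuration: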

  Corefile: |
    .:53 {
        errors
        log
        health {
           lameduck 15s
        }
        ready
        kubernetes cluster.local in-addr.arpa ip6.arpa {
          pods insecure
          fallthrough in-addr.arpa ip6.arpa
          ttl 30
        }
        prometheus :9153
        forward . /etc/resolv.conf {
              prefer_udp
        }
        cache 30
        loop
        reload
        loadbalance
    }

2.2 Use a custom DNS server for specific domains

data:
  Corefile: |
    .:53 {
        errors
        health
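        kubernetes cluster.local in-addr.arpa ip6.arpa {
           pods insecure
           # the deprecated upstream option is dropped here
           fallthrough in-addr.arpa ip6.arpa
        }
        prometheus :9153
        # forward replaces the proxy plugin, which was removed in CoreDNS 1.5.0
        forward . /etc/resolv.conf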
        cache 30
        loop
        reload
        loadbalance
    }
    apple.com:53 {
        errors
        cache 30
        forward . 223.5.5.5 119.29.29.29
    }
    xiaomi.com:53 {
        errors
        cache 30
        forward . 223.5.5.5 119.29.29.29
    }
    vmall.com:53 {
        errors
        cache 30
        forward . 223.5.5.5 119.29.29.29
    }
    hicloud.com:53 {
        errors
        cache 30
        forward . 223.5.5.5 119.29.29.29
    }
    oppomobile.com:53 {
        errors
        cache 30
        forward . 223.5.5.5 119.29.29.29
    }
    vivo.com.cn:53 {
        errors
        cache 30
        forward . 223.5.5.5 119.29.29.29
    }
    huawei.com:53 {
        errors
        cache 30
        forward . 223.5.5.5 119.29.29.29
    }
    dingtalk.com:53 {
        errors
        cache 30
        forward . 223.5.5.5 119.29.29.29
    }
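
Added example (not from the original post): CoreDNS hands each query to the server block whose zone is the longest suffix match for the query name, so a configuration like the one above decides which names are sent to the public resolvers and which stay on the default path. The Python sketch below parses a trimmed, constructed Corefile modeled on the one above and reports the matching block and its forward upstreams; `parse_blocks` and `route` are hypothetical helper names, and one zone per block header is assumed.

```python
# Constructed sample: a trimmed Corefile modeled on section 2.2.
COREFILE = """
.:53 {
    errors
    kubernetes cluster.local in-addr.arpa ip6.arpa {
        pods insecure
        fallthrough in-addr.arpa ip6.arpa
    }
    forward . /etc/resolv.conf
}
apple.com:53 {
    cache 30
    forward . 223.5.5.5 119.29.29.29
}
vivo.com.cn:53 {
    cache 30
    forward . 223.5.5.5 119.29.29.29
}
"""

def parse_blocks(text):
    """Map each server block's zone to its forward upstreams."""
    blocks, zone, depth = {}, None, 0
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        if depth == 0 and line.endswith("{"):
            # Header such as "apple.com:53 {": drop the port.
            zone = line[:-1].strip().rsplit(":", 1)[0].lower()
            blocks[zone] = []
        elif depth == 1 and line.startswith("forward "):
            blocks[zone] = line.rstrip("{").split()[2:]
        depth += line.count("{") - line.count("}")
    return blocks

def route(name, blocks):
    """Return (zone, upstreams) of the longest-suffix server block."""
    labels = name.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        zone = ".".join(labels[i:])
        if zone in blocks:
            return zone, blocks[zone]
    return ".", blocks.get(".", [])

if __name__ == "__main__":
    table = parse_blocks(COREFILE)
    for q in ("www.apple.com", "notapple.com", "shop.vivo.com.cn"):
        print(q, "->", route(q, table))
```

Matching is on whole labels, so `notapple.com` falls through to the `.` block rather than the `apple.com` block. Names under `cluster.local` also land in the `.` block, where the kubernetes plugin answers them before forward is reached.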

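2.3 Use self-hosted DNS servers for all external domains

If the domain names served by your self-hosted DNS service do not share a common suffix, you can have all names outside the cluster resolved by your self-hosted DNS servers. For example, if your DNS servers are at 10.10.0.10 and 10.10.0.20, change the forward parameters accordingly. Example configuration: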

  Corefile: |
    .:53 {
        errors
        health {
           lameduck 15s
        }
        ready
        kubernetes cluster.local in-addr.arpa ip6.arpa {
          pods insecure
          fallthrough in-addr.arpa ip6.arpa
          ttl 30
        }
        prometheus :9153
        forward . 10.10.0.10 10.10.0.20 {
          prefer_udp
        }
        cache 30
        loop
        reload
        loadbalance
    }

2.4 Custom hosts

To pin specific domain names to fixed addresses, for example www.example.com to 127.0.0.1, use the hosts plugin. Example configuration:

  Corefile: |
    .:53 {
        errors
        health {
           lameduck 15s
        }
        ready
        
        hosts {
          127.0.0.1 www.example.com
          fallthrough
        }
      
        kubernetes cluster.local in-addr.arpa ip6.arpa {
          pods insecure
          fallthrough in-addr.arpa ip6.arpa
          ttl 30
        }
        prometheus :9153
        forward . /etc/resolv.conf {
          prefer_udp
        }
        cache 30
        loop
        reload
        loadbalance
    }