Use scenarios

In the cluster with Daemonset How to run NodeLocal DNS Cache Components , Can greatly improve the cluster of DNS Analytical performance , And effectively avoid conntrack The conflict triggered DNS Five second delay .

at present TKE Have already put NodeLocal DNS Cache As an enhanced component for users to install in the cluster , But at present, it is only limited to Kube-proxy The forwarding mode is Iptables Cluster installation of , In the following, the forwarding mode is IPVS How to deploy and use NodeLocal DNS Cache .

Operation steps

1. Stock node installation

1. According to the example nodelocaldns.yaml Prepare a list of resources , Save it as nodelocaldns.yaml.

2. hold nodelocaldns.yaml Change the variables in the listing to the correct values ：

DNS_SERVICE="kube-dns"
DNS_CLUSTER_IP=`kubectl get svc ${DNS_SERVICE} -n kube-system -o jsonpath={.spec.clusterIP}`
CUSTOM_DOMAIN="cluster.local"
NODE_LOCAL_DNS="169.254.20.10"
sed -i "s/__PILLAR__LOCAL__DNS__/$NODE_LOCAL_DNS/g; s/__PILLAR__DNS__DOMAIN__/$CUSTOM_DOMAIN/g; s/,__PILLAR__DNS__SERVER__//g; s/__PILLAR__CLUSTER__DNS__/$DNS_CLUSTER_IP/g" nodelocaldns.yaml

Description of the replaced variable name ：

• DNS_CLUSTER_IP： This can be done by executing kubectl get svc <DNS_SERVICE>-n kube-system -o jsonpath={.spec.clusterIP} Command acquisition , among <DNS_SERVICE> For clusters DNS Service Service name , stay TKE In the cluster "kube-dns".
• CUSTOM_DOMAIN：K8S If it is not specified during cluster creation , The default value is "cluster.local".
• NODE_LOCAL_DNS： yes NodeLocalDNSCache Listening on the node IP Address , Direct use is recommended "169.254.20.10" IP.

3. Application deployment NodeLocal DNSCache Component resources ：

 kubectl create -f nodelocaldns.yaml

4. modify kubelet Parameters ：

because kube-proxy Running on the IPVS Pattern , Need modification kubelet Of --cluster-dns Parameter is NodeLocal DNSCache Listening on the node NODE_LOCAL_DNS Address , All nodes in the cluster execute the following commands in turn , modify kubelet Start the parameters and restart .

NODE_LOCAL_DNS="169.254.20.10" 
sed -i "/CLUSTER_DNS/c\CLUSTER_DNS=\"--cluster-dns=${NODE_LOCAL_DNS}\"" /etc/kubernetes/kubelet
systemctl restart kubelet

️ NodeLocalDNSCache After the components are installed and configured, the stock is Pods Still in use DNS_CLUSTER_IP analysis , The stock of Pods The configuration needs to be rebuilt or modified dnsConfig Effective after .

2. New node configuration

When the inventory node has been deployed and run NodeLocal DNS Cache When the component , To add a new node, you only need to customize the configuration kubelet Parameters --cluster-dns For the above NODE_LOCAL_DNS address , At present, the user-defined parameters need to be enabled , Contact TKE After sales students help open .

Unload resources （ cautious ）

If you don't want to use this feature anymore , The unloading steps are as follows ：

1. Restore pair first kubelet All changes made to the configuration （ Note the variable name ）.

DNS_CLUSTER_IP=${DNS_CLUSTER_IP}
sed -i "/CLUSTER_DNS/c\CLUSTER_DNS=\"--cluster-dns=${DNS_CLUSTER_IP}\"" /etc/kubernetes/kubelet
systemctl restart kubelet

2. Then delete the deployed NodeLocal DNS Cache All the resources of ：

kubectl delete -f nodelocaldns.yaml

️ Corresponding , Already used NODE_LOCAL_DNS Analytical stock Pods The configuration needs to be rebuilt or modified dnsConfig Effective after .

Reference resources

https://kubernetes.io/zh/docs/tasks/administer-cluster/nodelocaldns

https://cloud.tencent.com/document/product/457/40613