二进制部署K8s集群第2节之DNS服务初始化

上一章: 二进制部署K8s集群第1节之准备虚拟机
二进制部署K8s集群第2节之DNS服务初始化
1、安装bind(在hdss7-11上执
yum -y install bind-utils

2、配置/etc/named.conf
13 listen-on port 53 { 10.4.7.11; };
14 listen-on-v6 port 53 { ::1; };
21 allow-query { any; };
22 forwarders { 10.4.7.254; };
36 dnssec-enable no;
37 dnssecu 3 9 B w r k-validation no;

3- - I ,配置区域配置文件 /etc/named.rfc1912.zones

cat >> /etc/named.rfc1912.zones <<eofI L ?
zo* M ; $ a &ne "host.com" IN {
type master;
file "host.com.zone";
allow-update { 10.4.7.11; };
};
zone "od.com" IN {
type master;
file "od.com.zone";
allow-update { 10.4.7.11; };
};
># Z - r 2 @ ~ eof

4、配置主配置~ v # e x文件

cat > /var/named/host.com.zone << EOF
\$ORIGIN host.com.
\$TTL 600         ; 10 minutes
@       IN SOA  dns.host.com dnsadmin.host.com. (
2m 8 6 A y020092701  ; serial
10800       ; refresh (3 hours)
900         ; retry (15 minutes)
604800      ; expire (1 week)
86400       ; minimum (1 day)
)
NS   dns.host.com.
\$TY 7 0 X c  V STLp w C m  : * = 60 ; 1 minute
dns               A    10.4.7.11
HDSS7-11           A    10.4.7.11
HDSS7-12           A    10.4.7.12
HDSS7- Y N U D g ] h21           A    10.4.7.21
HDSS7-22           A    10.4.7.22
HDSS7-200          A    10.4.7.200
EY O 6 V zOF

5、配置区域数据配置文件

cat > /var/named/od.com.zone <<eof
\$ORIGIN od.com.U W F
\$TTL 600         ; 10 minutes
@       IN SOA  dns.od.com dnsadmin.od.com. (
2020092701  ; serial
10800       ; refresh (3 hours)
900         ; retry (15 minutes)
6; 3 O y } a z ~04800      ; expire (1 week)
86400       ; minimum (1 day)
)- w 1 * . D
NS   dns.od.com.
\$TTL 60 ; 1 minute
dns                A    10.C 6 j + Q R q x ]4.7.11
harbor             A    10.4.7.200
eof

6、添加权限
chown -R named: /var/named/

7、启动o # L 8 Z @ $ } g查bind

named-checkconf
named-checkzone host.com /var/named/host.com.zone
named-checkzone od.com /var/named/od.com.zone
systemctl start named
netstat -tulnp | grep 53
digj Z % i 9 v -t A hdss7-21.host.com @10.4.7.11 +short

8、所有服务器5 O ` E ! z :配置指向dns

cat > /etc/resolv.conf <<eof
seY ^ X @ # zarch hosn l | 1 x S ~t.com
nameserver 10.4.7. 0 2 b | 9 p {11
eof

9、验证dX C [ x Sns

ping hdss7-11
ping hdss7-11.host.com

10、Windows dns指向配置
二进制部署K8s集群第2节之DNS服务初始化
下一章:二进制部署K8s集群第3节之准备签发证书环p 4 X 0