How can one set up Kubernetes DNS using an IP that is not host specific to the Kubernetes API

9/9/2016

I am having a difficult time finding out how one would set up Kubernetes DNS (skydns, now called kube-dns) such that the kube-dns container/pod knows how to connect to the API server using an IP address or host that will work regardless of whether a master node goes down and another API server is started on a host with a different IP. I have tried using the actual kubernetes service, but it runs on port 443 and kube-dns (and formerly kube2sky) cannot connect to it.

Is there a more straightforward way other than having a mechanism to delete and re-create the kube-dns pod?

-- user3379574
kube-dns
kubernetes
skydns

3 Answers

4/6/2017

how one would get kubernetes DNS (skydns, now called kube-dns) such that the kube-dns container/pod knows how to connect to the API server using an IP address or host

I don't think kube-dns needs to connect to APIServer in Kubernetes' design.

But if you are trying to find a stable way to connect to APIServer (like you said, "regardless if a master node goes down and another API server is started on a host with a different ip"), you've already done this if you deploy your cluster using kubeadm (more info about kubeadm). This is implemented through the kubernetes service; you can check that like this:

$ kubectl describe svc kubernetes
Name:                   kubernetes
Namespace:              default
Labels:                 component=apiserver
                        provider=kubernetes
Selector:               <none>
Type:                   ClusterIP
IP:                     10.96.0.1
Port:                   https   443/TCP
Endpoints:              10.140.0.2:6443
Session Affinity:       ClientIP
No events.

You can access APIServer through either 10.96.0.1:443 (which is the ClusterIP) or 10.140.0.2:6443 (which is the PodIP of the APIServer pod) like this:

$ curl https://10.140.0.2:6443/version --cert /etc/kubernetes/pki/apiserver.pem --key /etc/kubernetes/pki/apiserver-key.pem --cacert /etc/kubernetes/pki/ca.pem
{
  "major": "1",
  "minor": "5",
  "gitVersion": "v1.5.4",
  "gitCommit": "7243c69eb523aa4377bce883e7c0dd76b84709a1",
  "gitTreeState": "clean",
  "buildDate": "2017-03-07T23:34:32Z",
  "goVersion": "go1.7.4",
  "compiler": "gc",
  "platform": "linux/amd64"
}
-- Crazykev
Source: StackOverflow
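
The stable address described in the answer above, as an added example that is not part of the original post or Kubernetes' own code: from inside a pod, the API server is reached through the kubernetes service using the KUBERNETES_SERVICE_HOST and KUBERNETES_SERVICE_PORT variables injected into pods, with TLS verified against the mounted service-account CA. The function names and the SA_DIR override are assumptions made for this example.

```shell
#!/bin/sh
# Added example: reach the API server through the stable in-cluster
# "kubernetes" service instead of a master's host IP.
# SA_DIR is the standard service-account mount; the override is an
# assumption of this example so the functions can be exercised offline.
SA_DIR="${SA_DIR:-/var/run/secrets/kubernetes.io/serviceaccount}"

# Print the base URL built from the env vars injected into every pod.
apiserver_url() {
    host="${KUBERNETES_SERVICE_HOST:-}"
    port="${KUBERNETES_SERVICE_PORT:-}"
    if [ -z "$host" ] || [ -z "$port" ]; then
        echo "not in a pod: KUBERNETES_SERVICE_HOST/PORT unset" >&2
        return 1
    fi
    case "$host" in
        *:*) host="[$host]" ;;   # bracket IPv6 literals
    esac
    printf 'https://%s:%s\n' "$host" "$port"
}

# Emit a curl config (for `curl --config -`) for the API path in $1.
# Refuses to continue without the cluster CA, so there is no silent
# fallback to unverified TLS, and keeps the bearer token out of argv.
apiserver_curl_config() {
    path="${1:-/version}"
    base="$(apiserver_url)" || return 1
    if [ ! -r "$SA_DIR/ca.crt" ]; then
        echo "missing CA bundle: $SA_DIR/ca.crt" >&2
        return 2
    fi
    token="$(cat "$SA_DIR/token" 2>/dev/null || true)"
    if [ -z "$token" ]; then
        echo "missing or empty token: $SA_DIR/token" >&2
        return 3
    fi
    printf 'url = "%s%s"\n' "$base" "$path"
    printf 'cacert = "%s"\n' "$SA_DIR/ca.crt"
    printf 'header = "Authorization: Bearer %s"\n' "$token"
}

# Usage inside a pod:
#   apiserver_curl_config /version | curl --silent --fail --config -
```

Because the ClusterIP stays the same when a master is replaced, nothing in the pod has to be recreated when the endpoint behind the service changes.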

4/6/2017

You can query for endpoints and directly look for the one that corresponds to kubernetes. I can get it in two ways; one is to query for endpoints directly:

$ kubectl get ep
NAME         ENDPOINTS              AGE
kubernetes   192.168.122.116:8443   15h

or describe the kubernetes service running in the default namespace:

$ kubectl describe svc kubernetes
Name:                   kubernetes
Namespace:              default
Labels:                 component=apiserver
                        provider=kubernetes
Annotations:            <none>
Selector:               <none>
Type:                   ClusterIP
IP:                     10.0.0.1
Port:                   https   443/TCP
Endpoints:              192.168.122.116:8443
Session Affinity:       ClientIP
Events:                 <none>

Here I get the host IP address and port, and it is not running on 443; it's 8443. See if this helps solve your problem.

Or try adding one more port to the kubernetes service whose target port is the same.

-- surajd

4/6/2017

You can use:

kubectl describe svc kubernetes

-- Cristhian Bicca