[따배씨] 29. Kube-DNS / CKA 시험 문제 학습

이 포스팅은 아래의 유튜브 채널 "따배"를 따라서 학습한 내용입니다.

[관련 이론]

nslookup 시 pod와 service의 DNS 형태

: 위 kubernetes link에 자세히 기술되어 있음!!

[Precondition]

(1) 테스트 환경

(1.1) Rocky Linux Cluster

: 직접 구성

[root@k8s-master ~]# k get nodes -o wide
NAME         STATUS   ROLES           AGE   VERSION   INTERNAL-IP     EXTERNAL-IP   OS-IMAGE                            KERNEL-VERSION                  CONTAINER-RUNTIME
k8s-master   Ready    control-plane   30d   v1.27.2   192.168.56.30   <none>        Rocky Linux 8.10 (Green Obsidian)   4.18.0-553.33.1.el8_10.x86_64   containerd://1.6.32
k8s-node1    Ready    <none>          30d   v1.27.2   192.168.56.31   <none>        Rocky Linux 8.8 (Green Obsidian)    4.18.0-477.10.1.el8_8.x86_64    containerd://1.6.21
k8s-node2    Ready    <none>          30d   v1.27.2   192.168.56.32   <none>        Rocky Linux 8.8 (Green Obsidian)    4.18.0-477.10.1.el8_8.x86_64    containerd://1.6.21
[root@k8s-master ~]#

(1.2) Ubuntu Cluster

: kodekloud 테스트 환경 활용

controlplane ~ ➜  kubectl get nodes -o wide
NAME           STATUS   ROLES           AGE     VERSION   INTERNAL-IP   EXTERNAL-IP   OS-IMAGE             KERNEL-VERSION   CONTAINER-RUNTIME
controlplane   Ready    control-plane   9m6s    v1.31.0   192.6.94.6    <none>        Ubuntu 22.04.4 LTS   5.4.0-1106-gcp   containerd://1.6.26
node01         Ready    <none>          8m31s   v1.31.0   192.6.94.9    <none>        Ubuntu 22.04.4 LTS   5.4.0-1106-gcp   containerd://1.6.26

https://learn.kodekloud.com/user/courses/udemy-labs-certified-kubernetes-administrator-with-practice-tests

(2) 사전 필요 설정

: N/A

[Question]

Create a nginx pod called nginx-resolver using image nginx, expose it internally with 
a service called nginx-resolver-service.

Test that you are able to look up the service and pod names from within the cluster. 
Use the image busybox:1.28 for dns lookup

- Record result in /tmp/nginx.svc and /tmp/nginx.pod

- pod: nginx-resolver created

- Service DNS Resolution recorded correctly

- Pod DNS resolution recorede correctly

[Solve]

(1) pod 생성

controlplane ~ ➜  k run nginx-resolver --image=nginx
pod/nginx-resolver created

controlplane ~ ➜  k get pods
NAME             READY   STATUS              RESTARTS   AGE
nginx-resolver   0/1     ContainerCreating   0          3s

controlplane ~ ➜  k get pods
NAME             READY   STATUS    RESTARTS   AGE
nginx-resolver   1/1     Running   0          8s

controlplane ~ ➜

(2) service 생성

controlplane ~ ➜  k expose pod nginx-resolver --name=nginx-resolver-service --port=80 --target-port=80
service/nginx-resolver-service exposed

controlplane ~ ➜  k get service 
NAME                     TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)   AGE
kubernetes               ClusterIP   172.20.0.1     <none>        443/TCP   13m
nginx-resolver-service   ClusterIP   172.20.32.68   <none>        80/TCP    8s

(3) Test용 Pod 생성

: 유튜브 강좌와 다르게 선언형으로 생성하였음

controlplane ~ ➜  vi 29-dns.yaml

controlplane ~ ➜  cat 29-dns.yaml 
apiVersion: v1
kind: Pod
metadata:
  name: dnsutils
  namespace: default
spec:
  containers:
  - name: dnsutils
    image: busybox:1.28
    imagePullPolicy: IfNotPresent
  restartPolicy: Always

controlplane ~ ➜  

controlplane ~ ➜  k apply -f 29-dns.yaml 
pod/dnsutils created

(4) 생성한 테스트용 pod에서 nslookup으로 pod, service의 dns 조회

: 유튜브 강좌와 다르게 pod에 접속 후 정보를 취득하였함.

: dns 조회에 필요한 pod의 IP 확인은 kubectl get nodes -o wide로 확인

controlplane ~ ➜  k get pods -o wide
NAME             READY   STATUS      RESTARTS      AGE     IP           NODE     NOMINATED NODE   READINESS GATES
dnsutils         1/1     Running     0             4m39s   172.17.1.5   node01   <none>           <none>
nginx-resolver   1/1     Running     0             21m     172.17.1.2   node01   <none>           <none>

controlplane ~ ➜  k exec -it dnsutils -- bash
bash-5.0# nslookup 172-20-29-219.default.pod.cluster.local
Server:         172.20.0.10
Address:        172.20.0.10#53

Name:   172-20-29-219.default.pod.cluster.local
Address: 172.20.29.219

bash-5.0# exit
exit

controlplane ~ ➜  

bash-5.0# nslookup 172-17-1-5.default.pod.cluster.local
Server:         172.20.0.10
Address:        172.20.0.10#53

Name:   172-17-1-5.default.pod.cluster.local
Address: 172.17.1.5

bash-5.0#

(5) 조회한 dns 정보를 /tmp/nginx.svc와 /tmp/nginx.pod로 저장

: 저장하는 방식은 각자 편하게,,

controlplane ~ ➜  vi /tmp/nginx.svc

controlplane ~ ➜  cat /tmp/nginx.svc
Server:         172.20.0.10
Address:        172.20.0.10#53

Name:   nginx-resolver-service.default.svc.cluster.local
Address: 172.20.29.219

controlplane ~ ➜  
controlplane ~ ➜  vi /tmp/nginx.pod

controlplane ~ ➜  cat /tmp/nginx.pod
Server:         172.20.0.10
Address:        172.20.0.10#53

Name:   172-17-1-5.default.pod.cluster.local
Address: 172.17.1.5

[사용 커맨드 정리]

k run nginx-resolver --image=nginx
k get pods
k get pods -o wide

k expose pod nginx-resolver --name=nginx-resolver-service --port=80 --target-port=80
k get service

vi 29-dns.yaml
k apply -f 29-dns.yaml

k exec -it dnsutils -- bash
nslookup 172-20-29-219.default.pod.cluster.local
nslookup 172-17-1-5.default.pod.cluster.local

vi /tmp/nginx.svc
vi /tmp/nginx.pod

저작자표시 비영리 변경금지

'Compute > kubernetis' 카테고리의 다른 글

[따배씨] 30. Network Policy / CKA 시험 문제 학습 (0)	2025.02.01
[따배씨] 28. ServiceAccount Cluster Role binding / CKA 시험 문제 학습 (0)	2025.02.01
[따배씨] 27. ServiceAccount Role Binding / CKA 시험 문제 학습 (0)	2025.02.01
[따배씨] 26. User Cluster Role Binding / CKA 시험 문제 학습 (0)	2025.02.01
[따배씨] 25. User Role Binding / CKA 시험 문제 학습 (0)	2025.02.01