CoreDNS fails to recognize queries for etcd records with a non-empty "text" key

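I spent two days trying to figure out what is wrong with my setup but couldn't find a reasonable answer or solution, so I thought I would share it with you.

What happened: I have deployed a new etcd using helm and configured external-dns to create DNS records in it, and I also set up a coredns deployment to read the records from etcd.

However, the problem is that when a record is created inside etcd, coredns does not respond to my dig command. In short, I think coredns fails to recognize queries for records that have a non-empty "text" key.

external-dns creates the following items: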

/opt/bitnami/etcd$ etcdctl get --prefix '/skydns'

/skydns/com/aminm/cname-goh/3ee06812
{"text":"\"heritage=external-dns,external-dns/owner=staging,external-dns/resource=ingress/stg-infra/goh.aminm.com-k8s\"","targetstrip":1}
/skydns/com/aminm/goh/149a1668
{"host":"sag.com","text":"\"heritage=external-dns,external-dns/owner=staging,external-dns/resource=ingress/stg-infra/goh.aminm.com-k8s\"","targetstrip":1}

And dnstools returns no result:

dnstools# dig @10.103.49.243 goh.aminm.com

; <<>> DiG 9.11.3 <<>> @10.103.49.243 goh.aminm.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52879
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: f75cd784c97c1fd1 (echoed)
;; QUESTION SECTION:
;goh.aminm.com.                 IN      A

;; AUTHORITY SECTION:
aminm.com.              30      IN      SOA     ns.dns.aminm.com. hostmaster.aminm.com. 1684880221 7200 1800 86400 30

;; Query time: 9 msec
;; SERVER: 10.103.49.243#53(10.103.49.243)
;; WHEN: Tue May 23 22:17:01 UTC 2023
;; MSG SIZE  rcvd: 135

coredns logs:

[INFO] 10.35.0.21:48154 - 29227 "A IN goh.aminm.com. udp 54 false 4096" NOERROR qr,aa,rd 112 0.002888737s

But when I create a new record manually and do not specify a "text" value in etcd:

/opt/bitnami/etcd$ etcdctl put /skydns/com/aminm/goh/3031e6b8 '{"host":"sag.com","text":"","targetstrip":1}'

the dig command works properly:

dnstools# dig @10.103.49.243 goh.aminm.com

; <<>> DiG 9.11.3 <<>> @10.103.49.243 goh.aminm.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47171
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;goh.aminm.com.                 IN      A

;; ANSWER SECTION:
goh.aminm.com.          1296000 IN      A       66.94.118.137

;; Query time: 242 msec
;; SERVER: 10.103.49.243#53(10.103.49.243)
;; WHEN: Tue May 23 22:23:40 UTC 2023
;; MSG SIZE  rcvd: 71

This is also my coredns config:

.:53 {
    kubernetes cluster.local in-addr.arpa ip6.arpa {
        pods insecure
        fallthrough
        ttl 30
    }
    etcd aminm.com {
        path /skydns
        endpoint http://dns-etcd.stg-infra.svc.cluster.local:2379
        fallthrough
    }
    errors
    health {
        lameduck 5s
    }
    ready
    log
    prometheus 0.0.0.0:9153
    forward . 1.1.1.1
    reload
}

I expect coredns to be able to read and respond to etcd keys even if they have a "text" key inside them.
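
An added example, not part of the original post: a Python helper that audits `etcdctl get --prefix /skydns` output for records carrying both a `host` and a non-empty `text`, the shape the post reports dig getting no answer for. The function names, and the rule that the last key element is a per-record label, are assumptions drawn from the records shown above.

```python
import ipaddress
import json

# Records copied from the post's etcdctl output, plus the manually created one.
SAMPLE = r'''
/skydns/com/aminm/cname-goh/3ee06812
{"text":"\"heritage=external-dns,external-dns/owner=staging,external-dns/resource=ingress/stg-infra/goh.aminm.com-k8s\"","targetstrip":1}
/skydns/com/aminm/goh/149a1668
{"host":"sag.com","text":"\"heritage=external-dns,external-dns/owner=staging,external-dns/resource=ingress/stg-infra/goh.aminm.com-k8s\"","targetstrip":1}
/skydns/com/aminm/goh/3031e6b8
{"host":"sag.com","text":"","targetstrip":1}
'''

def parse_etcdctl(output):
    """Pair the alternating key / JSON-value lines printed by `etcdctl get --prefix`."""
    lines = [ln.strip() for ln in output.splitlines() if ln.strip()]
    if len(lines) % 2:
        raise ValueError("expected key/value line pairs")
    return [(k, json.loads(v)) for k, v in zip(lines[::2], lines[1::2])]

def query_name(key, prefix="/skydns"):
    """Assumption from the post: the last path element is a per-record label and
    the remaining elements, reversed, form the name that dig asks for."""
    if not key.startswith(prefix + "/"):
        raise ValueError("key outside prefix: " + key)
    labels = key[len(prefix):].strip("/").split("/")[:-1]
    return ".".join(reversed(labels))

def shape(value):
    """Describe a record value as (host kind, text present)."""
    host = value.get("host", "")
    if not host:
        return "none", bool(value.get("text"))
    try:
        ipaddress.ip_address(host)
        kind = "ip"
    except ValueError:
        kind = "name"
    return kind, bool(value.get("text"))

def host_with_text(output):
    """Keys whose value has both a host and non-empty text."""
    hits = []
    for key, value in parse_etcdctl(output):
        kind, has_text = shape(value)
        if kind != "none" and has_text:
            hits.append((key, query_name(key)))
    return hits

if __name__ == "__main__":
    for key, name in host_with_text(SAMPLE):
        print(name, key)
```
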
