Fileshare setup for persist DNS record
Run this command in shell. These commands will create a fileshare to store DNS records and bind configuration.
AKS_PERS_STORAGE_ACCOUNT_NAME=mystorageaccount$RANDOM
AKS_PERS_RESOURCE_GROUP=test
AKS_PERS_LOCATION=japaneast
AKS_PERS_SHARE_NAME=named# Create a resource group
az group create --name $AKS_PERS_RESOURCE_GROUP --location $AKS_PERS_LOCATION# Create a storage account
az storage account create -n $AKS_PERS_STORAGE_ACCOUNT_NAME -g $AKS_PERS_RESOURCE_GROUP -l $AKS_PERS_LOCATION --sku Standard_LRS# Export the connection string as an environment variable, this is used when creating the Azure file share
export AZURE_STORAGE_CONNECTION_STRING=$(az storage account show-connection-string -n $AKS_PERS_STORAGE_ACCOUNT_NAME -g $AKS_PERS_RESOURCE_GROUP -o tsv)# Create the file share
az storage share create -n $AKS_PERS_SHARE_NAME --connection-string $AZURE_STORAGE_CONNECTION_STRING# Get storage account key
STORAGE_KEY=$(az storage account keys list --resource-group $AKS_PERS_RESOURCE_GROUP --account-name $AKS_PERS_STORAGE_ACCOUNT_NAME --query "[0].value" -o tsv)# Echo storage account name and key
echo Storage account name: $AKS_PERS_STORAGE_ACCOUNT_NAME
echo Storage account key: $STORAGE_KEY
create a secret to store the storage account key and name.
kubectl create secret generic bind-storage --from-literal=azurestorageaccountname=$AKS_PERS_STORAGE_ACCOUNT_NAME --from-literal=azurestorageaccountkey=$STORAGE_KEYDeploy bind in AKS
Please apply below yaml in kubernetes, it will create an internal DNS service and an external DNS web service for manage. The bind-svc service will provide DNS service, the bind-web service is for managing. You may change bind-svc and bind-svc-tcp to internal loadbalancer if you want to provide internal DNS service.
apiVersion: apps/v1
kind: Deployment
metadata:
name: bind
spec:
replicas: 1
selector:
matchLabels:
app: bind
template:
metadata:
labels:
app: bind
spec:
nodeSelector:
"beta.kubernetes.io/os": linux
containers:
- name: bind
image: sameersbn/bind:9.16.1-20200524
ports:
- containerPort: 53
containerPort: 10000
volumeMounts:
- name: dnsrecords
mountPath: /data
volumes:
- name: dnsrecords
azureFile:
secretName: bind-storage
shareName: named
readOnly: false
---
apiVersion: v1
kind: Service
metadata:
name: bind-svc
spec:
type: LoadBalancer
ports:
- name: udp
protocol: UDP
port: 53
targetPort: 53
selector:
app: bind
---
apiVersion: v1
kind: Service
metadata:
name: bind-svc-tcp
spec:
type: LoadBalancer
ports:
- name: tcp
protocol: TCP
port: 53
targetPort: 53
selector:
app: bind---
apiVersion: v1
kind: Service
metadata:
name: bind-web
spec:
type: LoadBalancer
ports:
- port: 10000
targetPort: 10000
selector:
app: bind
Afterward, you can get services.
$ kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
bind-svc LoadBalancer 10.0.189.133 20.48.82.100 53:31136/UDP 26s
bind-svc-tcp LoadBalancer 10.0.123.178 20.48.82.68 53:31668/TCP 52s
bind-web LoadBalancer 10.0.41.16 20.43.88.60 10000:31030/TCP 9d
kubernetes ClusterIP 10.0.0.1 <none> 443/TCP 21dLogin https://20.43.88.60:10000, use default admin account(username: root, password: password)
Go to Servers->BIND DNS server, you can create your DNS zone here, and add DNS record.
Add DNS record to thisisatest.com zone.
Afterward, you will need to restart the named service. You can directly delete the bind pod. Or navigate to System -> bootup and shutdown, to restart the named(it will also trigger the pod restart).
You can setup the DNS to 10.0.163.91 internally for testing. You may change the service in bind.yaml to expose the DNS server if you want. I will create a pod within the cluster.
$ kubectl run -it test1 --image=centos -- bash
[root@test1 /]# cat /etc/resolv.conf
nameserver 20.48.82.100
search default.svc.cluster.local svc.cluster.local cluster.local reddog.microsoft.com
[root@test1 /]# nslookup page1.thisisatest.com
Server: 20.48.82.100
Address: 20.48.82.100#53Name: page1.thisisatest.com
Address: 120.120.120.120
