注意root权限
Corefile示例
mkdir /etc/coredns
vi /etc/coredns/Corefile
.:53 {
# 绑定interface ip
bind 0.0.0.0
# 先走本机的hosts
# https://coredns.io/plugins/hosts/
hosts {
# 自定义sms.service search.service 的解析
# 因为解析的域名少我们这里直接用hosts插件即可完成需求
# 如果有大量自定义域名解析那么建议用file插件使用 符合RFC 1035规范的DNS解析配置文件
192.168.40.117 harbor.hftextcloud.com
192.168.40.136 jenkins.hftextcloud.com
192.168.30.153 sonarqube.hftextcloud.com
192.168.30.154 sonarqube.hftextcloud.com
# ttl
ttl 60
# 重载hosts配置
reload 1m
# 继续执行
fallthrough
}
# file enables serving zone data from an RFC 1035-style master file.
# https://coredns.io/plugins/file/
# file service.signed service
# 最后所有的都转发到系统配置的上游dns服务器去解析
# forward . 223.5.5.5 114.114.114.114
forward . /etc/resolv.conf
# 缓存时间ttl
cache 120
# 自动加载配置文件的间隔时间
reload 6s
# 输出日志
log
# 输出错误
errors
}
启动coredns
root@deepin:./coredns -conf Corefile2
.:53 on 0.0.0.0
[INFO] plugin/reload: Running configuration MD5 = fbe4f8554925e3dabb2d35e311422bc5
______ ____ _ _______
/ ____/___ ________ / __ \/ | / / ___/ ~ CoreDNS-1.6.4
/ / / __ \/ ___/ _ \/ / / / |/ /\__ \ ~ linux/amd64, go1.13.1, b139ba3-dirty
/ /___/ /_/ / / / __/ /_/ / /| /___/ /
\____/\____/_/ \___/_____/_/ |_//____/
dig测试
测试自定义域名
root@deepin:dig @127.0.0.1 sonarqube.hftextcloud.com
; <<>> DiG 9.10.3-P4-Debian <<>> @127.0.0.1 sonarqube.hftextcloud.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55064
;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;sonarqube.hftextcloud.com. IN A
;; ANSWER SECTION:
sonarqube.hftextcloud.com. 60 IN A 192.168.30.153
sonarqube.hftextcloud.com. 60 IN A 192.168.30.154
;; Query time: 2 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Nov 06 09:31:11 CST 2019
;; MSG SIZE rcvd: 136
测试forward
root@deepin:dig @127.0.0.1 baidu.com
; <<>> DiG 9.10.3-P4-Debian <<>> @127.0.0.1 baidu.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41477
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;baidu.com. IN A
;; ANSWER SECTION:
baidu.com. 120 IN A 220.181.38.148
baidu.com. 120 IN A 39.156.69.79
;; Query time: 8 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Nov 06 09:33:15 CST 2019
;; MSG SIZE rcvd: 88
部署使用
下载
wget https://github.com/coredns/coredns/releases/download/v1.6.5/coredns_1.6.5_linux_amd64.tgz
tar zxf coredns_1.6.5_linux_amd64.tgz -C /usr/bin/
添加用户
useradd coredns -s /sbin/nologin
安装成service
vi /usr/lib/systemd/system/coredns.service
[Unit]
Description=CoreDNS DNS server
Documentation=https://coredns.io
After=network.target
[Service]
PermissionsStartOnly=true
LimitNOFILE=1048576
LimitNPROC=512
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
AmbientCapabilities=CAP_NET_BIND_SERVICE
NoNewPrivileges=true
User=coredns
WorkingDirectory=~
ExecStart=/usr/bin/coredns -conf=/etc/coredns/Corefile
ExecReload=/bin/kill -SIGUSR1 $MAINPID
Restart=on-failure
[Install]
WantedBy=multi-user.target
启动
systemctl enable coredns
systemctl start coredns
systemctl status coredns
docker使用
docker run -d --name coredns --restart=always --volume=$PWD:/root/ -p 53:53/udp coredns/coredns -conf /root/Corefile