kubernetes [ZONES...] {
endpoint URL
tls CERT KEY CACERT
kubeconfig KUBECONFIG CONTEXT
namespaces NAMESPACE...
labels EXPRESSION
pods POD-MODE
endpoint_pod_names
ttl TTL
noendpoints
transfer to ADDRESS...
fallthrough [ZONES...]
ignore empty_service
}
在zjjpt-es的namespace分區下有如下的服務:
在zjjpt-redis的namespace分區下有如下的服務:
在mysql的namespace分區下有如下的服務:
使用namespace_label表達式
namespaces NAMESPACE [NAMESPACE…] only exposes the k8s namespaces listed. If this option is omitted all namespaces are exposed
namespace_labels EXPRESSION only expose the records for Kubernetes namespaces that match this label selector. The label selector syntax is described in the Kubernetes User Guide - Labels. An example that only exposes namespaces labeled as “istio-injection=enabled”, would use: labels istio-injection=enabled.
labels EXPRESSION only exposes the records for Kubernetes objects that match this label selector. The label selector syntax is described in the Kubernetes User Guide - Labels. An example that only exposes objects labeled as “application=nginx” in the “staging” or “qa” environments, would use: labels environment in (staging, qa),application=nginx.
label表達式語法:k8s官方文檔:label語法
給zjjpt-redis和zjjpt-es的namespace上打label:
kubectl label ns zjjpt-redis coredns=middleware
kubectl label ns zjjpt-es coredns=middleware
在coredns的Corefile配置文件configmaps中加入namespace_label配置:
重啓coredns pod後測試,nslookup指定域名解析IP爲coredns的podIP,可以看到mysql分區下的域名不能解析。
使用coredns!=middleware標籤報錯:
使用coredns notin (middleware)標籤:
使用label表達式
如果使用label的方式,配置如下:
此時只需要給指定的svc配置上改label即可:
選擇包含標籤middleware的svc:會匹配到middleware=redis、middleware=mysql等key是middleware的對象。
