dnsmasq 转发consul dns

安装配置dnsmasq

yum -y install dnsmasq

Dnsmasq通常通过目录中的一个dnsmasq.conf或一系列文件进行配置/etc/dnsmasq.d。在Dnsmasq的配置文件(例如/etc/dnsmasq.d/10-consul)中,添加以下内容:
/etc/dnsmasq.conf

conf-dir=/etc/dnsmasq.d
server=10.143.22.118
server=10.143.22.116

/etc/dnsmasq.d/10-consul

# Enable forward lookup of the 'consul' domain:
server=/consul/127.0.0.1#8600

# Uncomment and modify as appropriate to enable reverse DNS lookups for
# common netblocks found in RFC 1918, 5735, and 6598:
#rev-server=0.0.0.0/8,127.0.0.1#8600
#rev-server=10.0.0.0/8,127.0.0.1#8600
#rev-server=100.64.0.0/10,127.0.0.1#8600
#rev-server=127.0.0.1/8,127.0.0.1#8600
#rev-server=169.254.0.0/16,127.0.0.1#8600
#rev-server=172.16.0.0/12,127.0.0.1#8600
#rev-server=192.168.0.0/16,127.0.0.1#8600
#rev-server=224.0.0.0/4,127.0.0.1#8600
#rev-server=240.0.0.0/4,127.0.0.1#8600

启动 dnsmasq

systemctl start dnsmasq
systemctl enable dnsmasq

其他每台服务器需要配置对应的dnsmasq地址

cat /etc/resolv.conf 
# dnsmasq部署地址
nameserver 10.117.62.132 

测试能否ping通consul上注册的服务域名


dnsmasq 转发consul dns_第1张图片
image.png
$ ping fabio.service.consul
PING fabio.service.consul (10.117.62.132) 56(84) bytes of data.
64 bytes from iZ235wi8t3rZ (10.117.62.132): icmp_seq=1 ttl=64 time=0.015 ms
64 bytes from iZ235wi8t3rZ (10.117.62.132): icmp_seq=2 ttl=64 time=0.046 ms
64 bytes from iZ235wi8t3rZ (10.117.62.132): icmp_seq=3 ttl=64 time=0.050 ms
64 bytes from iZ235wi8t3rZ (10.117.62.132): icmp_seq=4 ttl=64 time=0.045 ms
$ ping redis.node_exporter.service.consul
PING redis.node_exporter.service.consul (10.81.50.53) 56(84) bytes of data.
64 bytes from 10.81.50.53: icmp_seq=1 ttl=55 time=1.61 ms
64 bytes from 10.81.50.53: icmp_seq=2 ttl=55 time=1.95 ms
64 bytes from 10.81.50.53: icmp_seq=3 ttl=55 time=2.21 ms
64 bytes from 10.81.50.53: icmp_seq=4 ttl=55 time=1.53 ms

默认ping consul tag也是可以正常通信

参考:
https://learn.hashicorp.com/consul/security-networking/forwarding

你可能感兴趣的:(dnsmasq 转发consul dns)