# Run CoreDNS with Podman Pod on Alpine ```bash # 1. 建立工作目錄 $ mkdir -p "$HOME"/dns/{config,yaml} # 2. 設定 Corefile，作為 CoreDNS Server 的設定檔 $ nano "$HOME"/dns/config/Corefile .:53 { forward . 8.8.8.8 log errors } antony.com:53 { file /root/antony.db log errors } # 3. 設定 DNS zone file $ nano "$HOME"/dns/config/antony.db antony.com. IN SOA dns.antony.com. robbmanes.antony.com. 2015082541 7200 3600 1209600 3600 suma5.antony.com. IN A 192.168.80.21 ``` * `antony.com.` refers to the zone in which this DNS server is responsible for. * `SOA` refers to the type of record; in this case, a "Start of Authority" * `dns.antony.com` refers to the name of this DNS server * `robbmanes.antony.com` refers to the email of the administrator of this DNS server. Note that the `@` sign is simply noted with a period; this is not a mistake, but how it is formatted. * `2015082541` refers to the serial number. This can be whatever you like, so long as it is a serial number that is not reused in this configuration or otherwise has invalid characters. There are usually rules to follow concerning how to set this, notably by setting a valid date concerning the last modifications, like `2019020822` for February 08, 2019, at 22:00 hours. * `7200` refers to the Refresh rate in seconds; after this amount of time, the client should re-retrieve an SOA. * `3600` is the Retry rate in seconds; after this, any Refresh that failed should be retried. * `1209600` refers to the amount of time in seconds that passes before a client should no longer consider this zone as "authoritative". The information in this SOA expires ater this time. * `3600` refers to the Time-To-Live in seconds, which is the default for all records in the zone. * An A record indicates a name, in this case `suma5.example.com`, which can be canonically mapped directly to an IP address, `192.168.80.21`. ```bash! # 4. 編輯與設定 CoreDNS Pod YAML 檔 ## spec.volumes.hostpath.path 每個環境會不同，需要修改。 $ nano ${HOME}/dns/yaml/coredns-pod.yaml apiVersion: v1 kind: Pod metadata: labels: app: coredns-pod name: coredns-pod spec: containers: - args: - -conf - /root/Corefile image: docker.io/coredns/coredns:latest name: coredns volumeMounts: - mountPath: /root/ name: config hostNetwork: true volumes: - hostPath: path: /home/bigred/dns/config type: Directory name: config ``` ``` # 5. 啟動 CoreDNS Pod $ sudo podman kube play ${HOME}/dns/yaml/coredns-pod.yaml Pod: cd21bbdee88d877ca4c8501867ef620b3de166d606cf1bcd0825195c9b4768a5 Container: e214119e505edebd3f7ee001fc788d58fa4b1f1f6a13978347d79ffa4b1617df ``` ``` # 6. 檢查 STATUS 是否為 Up $ sudo podman ps -a --pod CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES POD ID PODNAME 8758ac9989d3 localhost/podman-pause:5.0.3-1720373660 2 minutes ago Up About a minute cd21bbdee88d-infra cd21bbdee88d coredns-pod e214119e505e docker.io/coredns/coredns:latest -conf /root/Coref... About a minute ago Up About a minute coredns-pod-coredns cd21bbdee88d coredns-pod ``` ``` # 7. 查詢 A record $ dig @192.168.80.11 suma5.antony.com +short 192.168.80.21 ``` ``` # 8. auto start pod after boot ## The following is openRC service $ sudo nano /etc/init.d/pod-coredns #!/sbin/openrc-run name=$RC_SVCNAME command="/usr/bin/podman" #networks_='' pod_name="coredns-pod" command_user="root" command_args="pod start ${pod_name} &> /dev/null &" depend() { after network-online use net } exists() { /sbin/runuser -u ${command_user} -- ${command} pod exists ${pod_name} 2> /dev/null result=$? if [ $result -ne 0 ]; then einfo "${pod_name} doesn't existed" return 3 fi } stop() { ebegin "Stopping $RC_SVCNAME" exists Status=$(/sbin/runuser -u ${command_user} -- ${command} pod ps -f name=${pod_name} --format "{{.Status}}") if [ $Status = Exited ]; then einfo "${pod_name} $Status" exit 0 fi /sbin/runuser -u ${command_user} -- ${command} pod stop ${pod_name} #2> /dev/null result=$? if [ $result -eq 0 ]; then einfo "status: stopped" return 0 fi } status() { exists Status=$(/sbin/runuser -u ${command_user} -- ${command} pod ps -f name=${pod_name} --format "{{.Status}}") if [ $Status = Running ]; then einfo "status: started" return 0 else einfo "status: stopped" return 3 fi } ``` ``` # 9. 賦予執行權限 $ sudo chmod +x /etc/init.d/pod-coredns # 10. Enable Service $ sudo rc-update add pod-coredns default # 11. Reboot $ sudo reboot # 12. Check Pod Status $ sudo podman ps -a --pod CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES POD ID PODNAME 11b8e349c74b localhost/podman-pause:5.0.3-1720373660 8 hours ago Up 5 minutes a30a257c2f50-infra a30a257c2f50 coredns-pod 50b063ed9107 docker.io/coredns/coredns:latest -conf /root/Coref... 8 hours ago Up 5 minutes coredns-pod-coredns a30a257c2f50 coredns-pod ```