An open-source DNS server written in Go. It is characterized by being lightweight, flexible, and simple, and is used as the default DNS in k8s.
1. Install using docker
1.1. Directory structure
- /mnt/md0/infra
  - .env
  - compose.yml
  - /coredns
    - /config
      - Corefile
      - home.server.db
    - /data
1.2. dotenv file
/.env
BASE_PATH=/mnt/md0/infra
1.3. Docker compose
/compose.yml
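name: infrastructure
services:
  dns:
    image: coredns/coredns:1.11.3
    container_name: dns
    restart: always
    command: -conf /root/Corefile
    ports:
      - 53:53/udp
      - 53:53/tcp
      # 9153 is the default port of the CoreDNS prometheus plugin;
      # nothing listens on it unless the Corefile enables that plugin
      - 9153:9153/tcp
    volumes:
      - ${BASE_PATH}/coredns/data:/data:rw
      # Corefile and zone file, mounted read-only
      - ${BASE_PATH}/coredns/config:/root:ro
    networks:
      - infra
networks:
  infra:
    driver: bridge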
1.4. Additional requirements - Linux
On Linux, port 53 is already occupied by the systemd-resolved process. That process must therefore be reconfigured so that it no longer holds port 53 before the DNS server can run.
1.4.1. Check the process
sudo lsof -i :53
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
systemd-r 671 systemd-resolve 14u IPv4 8659 0t0 UDP _localdnsstub:domain
systemd-r 671 systemd-resolve 15u IPv4 8660 0t0 TCP _localdnsstub:domain (LISTEN)
systemd-r 671 systemd-resolve 16u IPv4 8661 0t0 UDP _localdnsproxy:domain
systemd-r 671 systemd-resolve 17u IPv4 8662 0t0 TCP _localdnsproxy:domain (LISTEN)
1.4.2. Edit systemd-resolved config
sudo vim /etc/systemd/resolved.conf
before
#DNS=
#FallbackDNS=
#Domains=
#DNSSEC=no
#DNSOverTLS=no
#MulticastDNS=no
#LLMNR=no
#Cache=no-negative
#CacheFromLocalhost=no
#DNSStubListener=yes
#DNSStubListenerExtra=
#ReadEtcHosts=yes
#ResolveUnicastSingleLabel=no
#StaleRetentionSec=0
after
DNS=8.8.8.8
#FallbackDNS=
#Domains=
#DNSSEC=no
#DNSOverTLS=no
#MulticastDNS=no
#LLMNR=no
#Cache=no-negative
#CacheFromLocalhost=no
DNSStubListener=no
#DNSStubListenerExtra=
#ReadEtcHosts=yes
#ResolveUnicastSingleLabel=no
#StaleRetentionSec=0
1.4.3. Create symlink
sudo ln -sf /run/systemd/resolve/resolv.conf /etc/resolv.conf
1.4.4. Reboot
sudo reboot
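A check to run after the reboot, as an added example that is not part of the original page: it confirms that the steps in 1.4 took effect. The function names are hypothetical, and drop-in files under /etc/systemd/resolved.conf.d/ are assumed to be absent.

```sh
#!/bin/sh
# Added example: post-reboot checks for section 1.4. Function names are hypothetical.

# Print the effective DNSStubListener value from a resolved.conf-style file:
# commented lines are ignored, the last assignment wins, the default is "yes".
# Assumption: drop-ins under /etc/systemd/resolved.conf.d/ are not consulted.
stub_listener_value() {
    awk -F= '
        /^[ \t]*[#;]/ { next }
        { key = $1; gsub(/[ \t]/, "", key) }
        key == "DNSStubListener" { v = $2; gsub(/[ \t]/, "", v) }
        END { print (v == "" ? "yes" : v) }
    ' "$1"
}

# Succeed only when $1 is a symlink that resolves to the same file as $2.
resolv_conf_points_to() {
    [ -L "$1" ] && [ "$(readlink -f "$1")" = "$(readlink -f "$2")" ]
}

# Read `ss -H -lntup` output on stdin and print every socket bound to port 53
# as "<proto> <local address> <process column>" ("-" when ss ran without root).
port53_listeners() {
    awk '$5 ~ /:53$/ { print $1, $5, ($7 == "" ? "-" : $7) }'
}

main() {
    rc=0
    case "$(stub_listener_value /etc/systemd/resolved.conf)" in
        no|false|0|off) echo "ok: DNSStubListener is disabled" ;;
        *) echo "FAIL: DNSStubListener is still enabled"; rc=1 ;;
    esac
    if resolv_conf_points_to /etc/resolv.conf /run/systemd/resolve/resolv.conf; then
        echo "ok: /etc/resolv.conf uses the non-stub resolv.conf"
    else
        echo "FAIL: /etc/resolv.conf is not the symlink from step 1.4.3"; rc=1
    fi
    listeners=$(ss -H -lntup | port53_listeners)
    [ -z "$listeners" ] || echo "$listeners"
    # ss reports the process as "systemd-resolve" (names are cut to 15 characters).
    if echo "$listeners" | grep -q 'systemd-resolve'; then
        echo "FAIL: systemd-resolved still holds port 53"; rc=1
    fi
    return "$rc"
}

# Run the checks only when asked, e.g.: sudo sh check-dns-port.sh --check
if [ "${1:-}" = "--check" ]; then main; fi
```

Run it with sudo so that ss can show which process owns each socket; once the container is up, the listeners it prints on port 53 should belong to Docker rather than systemd-resolved.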
2. Corefile
The CoreDNS configuration file.
home.server {
    file /root/home.server.db
    log
}
. {
    forward . tls://8.8.8.8 tls://1.1.1.1 {
        except home.server
    }
    log
    cache
    errors
}
3. Zone file
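$ORIGIN home.server.
$TTL 3600
@       IN  SOA   ns1.home.server. admin.home.server. (
                  2024082401 ; serial
                  7200       ; refresh
                  3600       ; retry
                  1209600    ; expire
                  3600       ; minimum
                  )
@       IN  NS    ns1.home.server.
@       IN  A     192.168.200.10
; An NS target must not be a CNAME alias (RFC 2181, section 10.3),
; so ns1 gets its own A record instead of matching the wildcard below.
ns1     IN  A     192.168.200.10
*       IN  CNAME @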