added 86 and 60

60_coredns/commands.sh

@@ -1,126 +1,39 @@
 # Custom domain names using Kubernetes CoreDNS
 
 kubectl get pods -n kube-system -l=k8s-app=kube-dns
-# NAME                       READY   STATUS    RESTARTS   AGE
-# coredns-77f75ff65d-sx9mf   1/1     Running   0          85m
-# coredns-77f75ff65d-z7f52   1/1     Running   0          89m
 
 kubectl get configmap -n kube-system -l=k8s-app=kube-dns
-# NAME                                 DATA   AGE
-# coredns                              1      88m
-# coredns-autoscaler                   1      83m
-# coredns-custom                       0      88m
 
 kubectl describe configmap coredns -n kube-system  
-# Name:         coredns
-# Namespace:    kube-system
-# Labels:       addonmanager.kubernetes.io/mode=Reconcile
-#               k8s-app=kube-dns
-#               kubernetes.io/cluster-service=true
-# Annotations:  <none>
-
-# Data
-# ====
-# Corefile:
-# ----
-# .:53 {
-#     errors
-#     ready
-#     health
-#     kubernetes cluster.local in-addr.arpa ip6.arpa {
-#       pods insecure
-#       fallthrough in-addr.arpa ip6.arpa
-#     }
-#     prometheus :9153
-#     forward . /etc/resolv.conf
-#     cache 30
-#     loop
-#     reload
-#     loadbalance
-#     import custom/*.override
-# }
-# import custom/*.server
-
-
-# BinaryData
-# ====
-
-# Events:  <none>
 
 kubectl describe configmap coredns-custom -n kube-system
-# Name:         coredns-custom
-# Namespace:    kube-system
-# Labels:       addonmanager.kubernetes.io/mode=EnsureExists
-#               k8s-app=kube-dns
-#               kubernetes.io/cluster-service=true
-# Annotations:  <none>
-
-# Data
-# ====
-
-# BinaryData
-# ====
-
-# Events:  <none>
 
 kubectl create deployment nginx --image=nginx --replicas=3
-# deployment.apps/nginx created
 
 kubectl expose deployment nginx --name nginx --port=80
-# service/nginx exposed
 
 kubectl get deploy,svc
-# NAME                    READY   UP-TO-DATE   AVAILABLE   AGE
-# deployment.apps/nginx   3/3     3            3           36s
-
-# NAME                 TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)   AGE
-# service/kubernetes   ClusterIP   10.0.0.1       <none>        443/TCP   7h30m
-# service/nginx        ClusterIP   10.0.235.219   <none>        80/TCP    16s
 
 kubectl apply -f custom-coredns.yaml
-# configmap/coredns-custom configured
 
 kubectl run nginx --image=nginx
-# pod/nginx created
 
 kubectl exec -it nginx -- curl http://nginx
-# <!DOCTYPE html>
-# <html>
-# <head>
-# <title>Welcome to nginx!</title>
-# ...
 
 kubectl exec -it nginx -- curl http://nginx.default.svc.cluster.local
-# <!DOCTYPE html>
-# <html>
-# <head>
-# <title>Welcome to nginx!</title>
-# ...
 
 # resolve the custom service name (but with namespace)
-kubectl exec -it nginx -- curl http://nginx.default.aks.com 
-# <!DOCTYPE html>
-# <html>
-# <head>
-# <title>Welcome to nginx!</title>
 
-# resolve the custom service name (but without namespace)
+kubectl exec -it nginx -- curl http://nginx.default.aks.com 
 
-# replace `rewrite stop` block with the following:
-# rewrite stop {
-#   name regex (.*)\.aks\.com\.$ {1}.default.svc.cluster.local.
-#   answer name (.*).\default\.svc\.cluster\.local\.$ {1}.aks.com.
-# }
+# apply the new custom CoreDNS configmap
 
-# aply the new custom CoreDNS configmap
 kubectl apply -f custom-coredns.yaml
 
 # delete CoreDNS pods after updating the custom configmap to reload the new configmap
+
 kubectl delete pod --namespace kube-system -l k8s-app=kube-dns
 
 # resolving with '.aks.com'
+
 kubectl exec -it nginx -- curl http://nginx.aks.com
-# <!DOCTYPE html>
-# <html>
-# <head>
-# <title>Welcome to nginx!</title>

60_coredns_logs/Readme.md

@@ -0,0 +1,120 @@
+# Enabling logging in CoreDNS
+
+## Introduction
+
+`CoreDNS` is the DNS service discovery plugin for Kubernetes.
+CoreDNS is a replacement to `kube-dns` that was previously used in kubernetes.
+CoreDNS is pre-installed in `kube-system` namespace.
+
+<img src='./images/60_coredns__customdns.png'>
+
+The objective of this lab is to enable logs for CoreDNS to log DNS queries.
+
+```sh
+# create an AKS cluster
+
+$AKS_RG="rg-aks-cluster-dns-logs"
+$AKS_NAME="aks-cluster"
+
+az group create --name $AKS_RG --location westeurope
+
+az aks create -g $AKS_RG -n $AKS_NAME --network-plugin azure --node-vm-size "Standard_B2als_v2"
+
+az aks get-credentials -g $AKS_RG -n $AKS_NAME --overwrite-existing
+
+# create demo application
+
+kubectl run nginx --image=nginx
+
+kubectl exec -it nginx -- apt update
+kubectl exec -it nginx -- apt install dnsutils -y
+
+kubectl exec -it nginx -- nslookup microsoft.com
+
+# Did CoreDNS logged this DNS request ?
+
+# check CoreDNS logs
+
+kubectl get pods -n kube-system -l k8s-app=kube-dns
+# NAME                      READY   STATUS    RESTARTS   AGE
+# coredns-789789675-5mq2l   1/1     Running   0          5m11s
+# coredns-789789675-j55lz   1/1     Running   0          5m39s
+
+kubectl logs coredns-789789675-5mq2l -n kube-system
+
+kubectl logs coredns-789789675-j55lz -n kube-system
+
+# nothing was logged !
+
+# Is logging enabled in CoreDNS ?
+
+kubectl get configmap -n kube-system -l k8s-app=kube-dns
+# NAME             DATA   AGE
+# coredns          1      4m18s
+# coredns-custom   0      4m25s
+
+kubectl describe configmap coredns -n kube-system
+# Name:         coredns
+# Namespace:    kube-system
+# Labels:       addonmanager.kubernetes.io/mode=Reconcile
+#               k8s-app=kube-dns
+#               kubernetes.io/cluster-service=true
+# Annotations:  <none>
+
+# Data
+# ====
+# Corefile:
+# ----
+# .:53 {
+#     errors
+#     ready
+#     health {
+#       lameduck 5s
+#     }
+#     kubernetes cluster.local in-addr.arpa ip6.arpa {
+#       pods insecure
+#       fallthrough in-addr.arpa ip6.arpa
+#       ttl 30
+#     }
+#     prometheus :9153
+#     forward . /etc/resolv.conf
+#     cache 30
+#     loop
+#     reload
+#     loadbalance
+#     import custom/*.override
+# }
+# import custom/*.server
+
+
+# BinaryData
+# ====
+
+# Events:  <none>
+
+kubectl describe cm coredns-custom -n kube-system
+# Data
+# ====
+
+# enable logging for CoreDNS
+
+code coredns-custom.yaml
+
+kubectl apply -f coredns-custom.yaml
+
+# Force CoreDNS to reload the ConfigMap
+
+kubectl -n kube-system rollout restart deployment coredns
+
+kubectl get pods -n kube-system -l k8s-app=kube-dns
+
+# create DNS query
+
+kubectl exec -it nginx -- nslookup microsoft.com
+
+# View the CoreDNS logs
+
+kubectl logs --namespace kube-system -l k8s-app=kube-dns
+# [INFO] 10.224.0.10:47320 - 15830 "A IN microsoft.com. udp 31 false 512" NOERROR qr,rd,ra 176 0.001047529s
+# [INFO] 10.224.0.10:47575 - 61320 "AAAA IN microsoft.com. udp 31 false 512" NOERROR qr,rd,ra 236 0.001028862s
+```

60_coredns_logs/commands.sh

@@ -0,0 +1,106 @@
+# create an AKS cluster
+
+$AKS_RG="rg-aks-cluster-dns-logs"
+$AKS_NAME="aks-cluster"
+
+az group create --name $AKS_RG --location westeurope
+
+az aks create -g $AKS_RG -n $AKS_NAME --network-plugin azure --node-vm-size "Standard_B2als_v2"
+
+az aks get-credentials -g $AKS_RG -n $AKS_NAME --overwrite-existing
+
+# create demo application
+
+kubectl run nginx --image=nginx
+
+kubectl exec -it nginx -- apt update
+kubectl exec -it nginx -- apt install dnsutils -y
+
+kubectl exec -it nginx -- nslookup microsoft.com
+
+# Did CoreDNS logged this DNS request ?
+
+# check CoreDNS logs
+
+kubectl get pods -n kube-system -l k8s-app=kube-dns
+# NAME                      READY   STATUS    RESTARTS   AGE
+# coredns-789789675-5mq2l   1/1     Running   0          5m11s
+# coredns-789789675-j55lz   1/1     Running   0          5m39s
+
+kubectl logs coredns-789789675-5mq2l -n kube-system
+
+kubectl logs coredns-789789675-j55lz -n kube-system
+
+# nothing was logged !
+
+# Is logging enabled in CoreDNS ?
+
+kubectl get configmap -n kube-system -l k8s-app=kube-dns
+# NAME             DATA   AGE
+# coredns          1      4m18s
+# coredns-custom   0      4m25s
+
+kubectl describe configmap coredns -n kube-system
+# Name:         coredns
+# Namespace:    kube-system
+# Labels:       addonmanager.kubernetes.io/mode=Reconcile
+#               k8s-app=kube-dns
+#               kubernetes.io/cluster-service=true
+# Annotations:  <none>
+
+# Data
+# ====
+# Corefile:
+# ----
+# .:53 {
+#     errors
+#     ready
+#     health {
+#       lameduck 5s
+#     }
+#     kubernetes cluster.local in-addr.arpa ip6.arpa {
+#       pods insecure
+#       fallthrough in-addr.arpa ip6.arpa
+#       ttl 30
+#     }
+#     prometheus :9153
+#     forward . /etc/resolv.conf
+#     cache 30
+#     loop
+#     reload
+#     loadbalance
+#     import custom/*.override
+# }
+# import custom/*.server
+
+
+# BinaryData
+# ====
+
+# Events:  <none>
+
+kubectl describe cm coredns-custom -n kube-system
+# Data
+# ====
+
+# enable logging for CoreDNS
+
+code coredns-custom.yaml
+
+kubectl apply -f coredns-custom.yaml
+
+# Force CoreDNS to reload the ConfigMap
+
+kubectl -n kube-system rollout restart deployment coredns
+
+kubectl get pods -n kube-system -l k8s-app=kube-dns
+
+# create DNS query
+
+kubectl exec -it nginx -- nslookup microsoft.com
+
+# View the CoreDNS logs
+
+kubectl logs --namespace kube-system -l k8s-app=kube-dns
+# [INFO] 10.224.0.10:47320 - 15830 "A IN microsoft.com. udp 31 false 512" NOERROR qr,rd,ra 176 0.001047529s
+# [INFO] 10.224.0.10:47575 - 61320 "AAAA IN microsoft.com. udp 31 false 512" NOERROR qr,rd,ra 236 0.001028862s

60_coredns_logs/coredns-custom.yaml

@@ -0,0 +1,10 @@
+# https://learn.microsoft.com/en-us/azure/aks/coredns-custom
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: coredns-custom
+  namespace: kube-system
+data:  
+  log.override: | # any name end with the .override extension
+    log