Using an Internal DNS Server with Kubernetes CoreDNS

2024-07-22

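The domain rancher.sundayhk.com is resolved on the internal network through an RPZ proxy, and CoreDNS fails to resolve it. CoreDNS needs to be configured to forward queries to the internal DNS server so that the existing self-hosted internal resolution service keeps working.

Internal DNS server: 192.168.77.8
For the RPZ partial proxy setup, see this article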

[root@bind9 ~]# cat /var/named/rpz.zone 
$TTL 1D
@   IN SOA  ns.sundayhk.com root.sundayhk.com. (
                2024071901  ; serial
                    1D  ; refresh
                    1H  ; retry
                    1W  ; expire
                    3H )    ; minimum
@   IN  NS  ns.sundayhk.com.
@   IN  A 192.168.77.8
nfs.sundayhk.com IN A 192.168.77.11
harbor.sundayhk.com IN A 192.168.77.12
rancher.sundayhk.com IN A 192.168.77.15

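There are several ways to configure this, such as using a custom DNS server only for specific domains. For details, see
https://help.aliyun.com/zh/ack/ack-managed-and-ack-dedicated/user-guide/configure-coredns

Here, domain resolution is sent entirely to the self-hosted DNS server.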

[root@k8s-master01 kubernetes]# kubectl get configmap coredns -n kube-system -oyaml
apiVersion: v1
data:
  Corefile: |
    .:53 {
        errors
        health {
          lameduck 5s
        }
        ready
        kubernetes cluster.local in-addr.arpa ip6.arpa {
          fallthrough in-addr.arpa ip6.arpa
        }
        prometheus :9153
        forward . /etc/resolv.conf {
          max_concurrent 1000
        }
        cache 30
        loop
        reload
        loadbalance
    }
kind: ConfigMap
metadata:
  annotations:
    kubectl.kubernetes.io/last-applied-configuration: |
      {"apiVersion":"v1","data":{"Corefile":".:53 {\n    errors\n    health {\n      lameduck 5s\n    }\n    ready\n    kubernetes cluster.local in-addr.arpa ip6.arpa {\n      fallthrough in-addr.arpa ip6.arpa\n    }\n    prometheus :9153\n    forward . /etc/resolv.conf {\n      max_concurrent 1000\n    }\n    cache 30\n    loop\n    reload\n    loadbalance\n}\n"},"kind":"ConfigMap","metadata":{"annotations":{},"name":"coredns","namespace":"kube-system"}}
  creationTimestamp: "2024-03-12T21:25:02Z"
  name: coredns
  namespace: kube-system
  resourceVersion: "14380334"
  uid: 2a60e154-e812-45b5-b9d1-594e7e63099f
[root@k8s-master01 kubernetes]# kubectl get pod -n kube-system | grep coredns
kube-system            coredns-85b5646f88-cz59x                           1/1     Running            0                   131d
[root@k8s-master01 kubernetes]# kubectl edit configmap coredns -n kube-system

    .:53 {
        errors
        health {
          lameduck 5s
        }
        ready
        kubernetes cluster.local in-addr.arpa ip6.arpa {
          fallthrough in-addr.arpa ip6.arpa
        }
        prometheus :9153
        forward . 192.168.77.8 {
          prefer_udp
        }
        cache 30
        loop
        reload
        loadbalance
    }
kind: ConfigMap
...

The Pod must be deleted and recreated for the change to take effect.

kubectl delete pod coredns-85b5646f88-cz59x -n kube-system

Run a busybox Pod to test DNS resolution

cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: Pod
metadata:
  name: busybox
  namespace: default
spec:
  containers:
  - name: busybox
    image: busybox:1.28
    command:
      - sleep
      - "3600"
    imagePullPolicy: IfNotPresent
  restartPolicy: Always
EOF
[root@k8s-master01 kubernetes]# kubectl exec -it busybox -- nslookup harbor.sundayhk.com
Server:    10.96.0.10
Address 1: 10.96.0.10 kube-dns.kube-system.svc.cluster.local

Name:      harbor.sundayhk.com
Address 1: 192.168.77.12
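
To confirm that CoreDNS now returns the RPZ answer for every overridden name rather than just the one tested above, the following added example (not part of the original post) compares each A record in the zone file with what a Pod resolves. The function names are hypothetical, and it assumes a copy of rpz.zone is available on the host where kubectl runs and that the busybox Pod above is still running.

```bash
#!/usr/bin/env bash
# Added example (hypothetical helper names): check that names overridden in
# the RPZ zone resolve to the same addresses from inside the cluster.

# Read zone-file text on stdin, print "name address" for each A record that
# has an explicit owner name (the zone apex "@" is skipped).
rpz_a_records() {
  awk '$1 != "@" && $2 == "IN" && $3 == "A" { print $1, $4 }'
}

# Read busybox 1.28 nslookup output on stdin, print the first answer address
# (the "Address" line that follows "Name:", not the server's own address).
nslookup_answer() {
  awk '/^Name:/ { seen = 1; next } seen && /^Address/ { print $3; exit }'
}

# Read "name address" pairs on stdin and resolve each name with the command
# given as $1. Prints every mismatch and returns non-zero if there was one.
check_records() {
  local resolver=$1 rc=0 name want got
  while read -r name want; do
    got=$("$resolver" "$name" </dev/null 2>/dev/null | nslookup_answer)
    if [ "$got" != "$want" ]; then
      echo "MISMATCH $name: expected $want, got ${got:-no answer}"
      rc=1
    fi
  done
  return "$rc"
}

# Resolver that goes through CoreDNS, using the busybox Pod from this post.
cluster_lookup() {
  kubectl exec busybox -- nslookup "$1"
}

# Usage, assuming rpz.zone was copied from the BIND host to this machine:
#   rpz_a_records < rpz.zone | check_records cluster_lookup && echo "all match"
```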
