堆栈内存溢出
  简体   繁体   English

无法从 k8s pod 内部解析 dns

[英]Can't resolve dns from inside k8s pod

 原文  2020-07-27 08:21:59       kubernetes/ dns/ kube-dns

问题描述

In dnsutils pod exec ping stackoverflow.com在 dnsutils pod exec ping stackoverflow.com

/ # ping stackoverflow.com
ping: bad address 'stackoverflow.com'

The /etc/resolve.conf file looks fine from inside the pod /etc/resolve.conf文件从 pod 内部看起来不错

/ # cat /etc/resolv.conf 
nameserver 10.96.0.10
search weika.svc.cluster.local svc.cluster.local cluster.local
options ndots:5

10.96.0.10 is the kube-dns service ip: 10.96.0.10是 kube-dns 服务 ip:

[root@test3 k8s]# kubectl -n kube-system get service
NAME                        TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)                     AGE
kube-dns                    ClusterIP   10.96.0.10      <none>        53/UDP,53/TCP,9153/TCP      75d

core dns

[root@test3 k8s]# kubectl -n kube-system get  pod -o wide | grep core
coredns-6557d7f7d6-5nkv7                             1/1     Running   0          10d   10.244.0.14    test3.weikayuninternal.com   <none>           <none>
coredns-6557d7f7d6-gtrgc                             1/1     Running   0          10d   10.244.0.13    test3.weikayuninternal.com   <none>           <none>

when I change the nameserver ip to coredns ip. resolve dns is ok.当我将名称服务器 ip 更改为 coredns ip 时。解析 dns 就可以了。

/ # cat /etc/resolv.conf 
nameserver 10.244.0.14
#nameserver 10.96.0.10
search weika.svc.cluster.local svc.cluster.local cluster.local
options ndots:5
/ # ping stackoverflow.com
PING stackoverflow.com (151.101.65.69): 56 data bytes
64 bytes from 151.101.65.69: seq=0 ttl=49 time=100.497 ms
64 bytes from 151.101.65.69: seq=1 ttl=49 time=101.014 ms
64 bytes from 151.101.65.69: seq=2 ttl=49 time=100.462 ms
64 bytes from 151.101.65.69: seq=3 ttl=49 time=101.465 ms
64 bytes from 151.101.65.69: seq=4 ttl=49 time=100.318 ms
^C
--- stackoverflow.com ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max = 100.318/100.751/101.465 ms
/ #

Why is it happening?为什么会这样?

2 个解决方案

解决方案1
 0  2020-07-27 08:48:53

You have not mentioned how kubernetes was installed.您还没有提到 kubernetes 是如何安装的。 You should restart coredns pods using below command.您应该使用以下命令重新启动 coredns pod。

kubectl -n kube-system rollout restart deployment coredns

解决方案2
 0  2022-11-22 15:06:38

This might only apply to you if there was trouble during either your initial installation of microk8s or enablement of the dns addon , but it might still be worth a shot.这可能仅适用于您在初始安装microk8s或启用dns插件期间出现问题的情况,但它可能仍然值得一试。 I've invested so much gd time in this I couldn't live with myself if I didn't at least share to help that one person out there.我在这方面投入了太多的时间,如果我不至少分享帮助那个人的话,我就无法忍受自己。

In my case, the server I provisioned to set up a single-node cluster was too small - only 1GB of memory. When I was setting up microk8s for the first time and enabling all the addons I wanted (dns, ingress, hostpath-storage), I started running into problems that were remedied by just giving the server more memory. Unfortunately though, screwing that up initially seems to have left the addons in some kind of undefined, partially initialized/configured state, such that everything appeared to be running normally as best I could tell (ie CoreDNS was deployed and ready, and the kube-dns service showed CoreDNS's ClusterIP as it's backend endpoint) but none of my pods could resolve any DNS names, internal or external to the cluster, and I would get these annoying event logs when I ran kubectl describe <pod> suggesting there was a DNS issue of some kind.在我的例子中,我配置的用于设置单节点集群的服务器太小——只有 1GB 的 memory。当我第一次设置 microk8s 并启用我想要的所有插件时(dns、ingress、hostpath-storage ), 我开始遇到问题,只需给服务器更多 memory 就可以解决这些问题。不幸的是,最初搞砸了似乎让插件处于某种未定义、部分初始化/配置的状态 state,这样一切似乎都在运行通常我能说的最好(即 CoreDNS 已部署并准备就绪,并且kube-dns服务显示 CoreDNS 的 ClusterIP 作为它的后端端点)但是我的 pod 都无法解析集群内部或外部的任何 DNS 名称,我会得到当我运行kubectl describe <pod>时, 这些烦人的事件日志表明存在某种 DNS 问题。

What ended up fixing it is resetting the cluster ( microk8s reset --destroy-storage ) and then re-enabling all my addons ( microk8s enable dns ingress hostpath-storage ) now that I had enough memory to do so cleanly do so.最终修复它的是重置集群 ( microk8s reset --destroy-storage ),然后重新启用我的所有插件 ( microk8s enable dns ingress hostpath-storage ),现在我有足够的 memory 可以干净利落地这样做。 After that, CoreDNS and the kube-dns service appeared ready just like before, but DNS queries actually worked like they should from within the pods running in the cluster.在那之后,CoreDNS 和kube-dns服务看起来像以前一样准备就绪,但 DNS 查询实际上在集群中运行的 pod 中正常工作。

tl;dr; TL;博士; - Your dns addon might have have been f'd up during cluster installation. - 您的dns插件可能在集群安装过程中已损坏。 Try resetting your cluster, re-enabling the addons, and re-deploying your resources.尝试重置您的集群,重新启用插件,并重新部署您的资源。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 无法从 k8s pod 内部解析 home dns - Can't resolve home dns from inside k8s pod “nslookup:读取:连接被拒绝”来自 Kubernetes (K8S) 集群中的 pod 内部(DNS 问题) - “nslookup: read: Connection refused” from inside of a pod in Kubernetes (K8S) cluster (DNS problem) 从内部运行的应用程序读取k8s pod的IP - Read IP of k8s pod from application running inside it 为什么 k8s pod 在 ConfigMap 中找不到 key? - Why k8s pod can't find key in ConfigMap? 如何配置k8s客户端,以便它可以与k8s集群Pod中的k8s CRD对话? - How to config k8s client so that it can talk to k8s CRDs from a k8s cluster pod? 如何更新 K8S Pod 的 DNS 配置 - How to update DNS configuration of K8S Pod 来自 K8S POD 的 CURL - CURL from K8S POD 从 pod 访问 K8S API - Access K8S API from a pod 从外部连接到 pod (k8s) - connect to pod from outside (k8s) k8s中的grpc无法解析服务DNS名称 - grpc in k8s cannot resolve service dns name
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM