Kubernetes 的 pod 内的 Internet 连接不工作
[英]Internet connectivity inside the pod of Kubernetes is not Working
问题描述
Not able to connect to internet from inside the pod
无法从吊舱内连接到互联网
My system Spec Include: I have created a Kubernetes cluster using 2 system one acts as master the other as worker node.我的系统规格包括:我创建了一个 Kubernetes 集群,使用 2 个系统一个作为主节点,另一个作为工作节点。
Operating System: NAME="Red Hat Enterprise Linux" VERSION="8.3 (Ootpa)" ID="rhel".操作系统:NAME="Red Hat Enterprise Linux" VERSION="8.3 (Ootpa)" ID="rhel"。
I installed the Kuberenetes clusted using the following the link ( https://dzone.com/articles/kubernetes-installation-in-redhat-centos )我使用以下链接( https://dzone.com/articles/kubernetes-installation-in-redhat-centos )安装了集群的 Kuberenetes
I have tried both CALICO pod network and Flannel pod network for both same issue is happening.我已经尝试过 CALICO pod 网络和 Flannel pod 网络,因为这两个问题都发生了。 Not able to connect to internet from inside the pod无法从吊舱内连接到互联网
See the below image for further details有关更多详细信息,请参见下图
you can see that all the pods are up and running.您可以看到所有的 pod 都已启动并运行。
My coredns pod is also up and running and the service for the respective is also up check the below image我的 coredns pod 也已启动并运行,相应的服务也已启动,请查看下图
Debugging调试
For debugging i tried using this link ( https://kubernetes.io/docs/tasks/administer-cluster/dns-debugging-resolution/ )对于调试,我尝试使用此链接( https://kubernetes.io/docs/tasks/administer-cluster/dns-debugging-resolution/ )
whenever i do nslookup it shows up the error saying (;; connection timed out; no servers could be reached,command terminated with exit code 1)每当我执行 nslookup 时,它都会显示错误消息(;;连接超时;无法访问服务器,命令以退出代码 1 终止)
please have a look at the below image请看下面的图片
Can anyone please tell where exactly the problem lies.谁能告诉我问题到底出在哪里。 why is that from inside the pod i an not able to connect to the internet为什么从吊舱内部我无法连接到互联网
Any help would be Appriciated Thank you.任何帮助将不胜感激谢谢。
1 个解决方案
解决方案1
1 2021-03-22 10:04:26
There are couple of possibilities for this kind of issue:此类问题有两种可能性:
It could be that this is not an issue with CoreDNS itself but rather the Kubernetes networking problem where the traffic to ClusterIPs is not directed correctly to Pods.
这可能不是 CoreDNS 本身的问题,而是 Kubernetes 网络问题,其中到 ClusterIP 的流量未正确定向到 Pod。 It could be that kube-proxy is responsinble for that.可能是 kube-proxy 对此负责。Here's a Kubernetes guide about troubleshooting services.
这是有关故障排除服务的Kubernetes 指南。Another issue very common for rhel/centos distributions is the issue with
nftablesbacked is not compatible with kubernetes.另一个对于 rhel/centos 发行版非常常见的问题是 nftables 支持的问题与nftables不兼容。nftablesis available as a modern replacement for the kernel'siptablessubsystem.nftables可作为内核iptables子系统的现代替代品。The workaround for this is to use Calico since from v3.8.1+ it possible to the CNI to run on hosts which use iptables in NFT mode.
解决方法是使用 Calico,因为从 v3.8.1+ 开始,CNI 可以在 NFT 模式下使用 iptables 的主机上运行。 Setting the FELIX_IPTABLESBACKEND=NFToption will tell Calico to use the nftables backend.设置FELIX_IPTABLESBACKEND=NFT选项将告诉 Calico 使用 nftables 后端。 For now, this will need to be set explicitly.目前,这需要明确设置。Lastly it is very possible that your Pod network overlap with the host networks.
最后,您的 Pod 网络很可能与主机网络重叠。 Reference: Installing a Pod network add-on参考: 安装 Pod 网络插件
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.