Comments (15)
from dns.
Can you check the connectivity between a pod and the DNS server?
kubectl exec -it alpine --image alpine sh
...
$ nc 10.96.0.10 53
It should say something like 10.96.0.10 (10.96.0.10:53) open
if it's able to connect.
Then you can try dig
:
kubectl exec -it alpine --image alpine sh
...
$ apk update && apk add bind-tools
$ dig +trace @10.96.0.10 google.com
from dns.
Same problem here. All of exposed services (Nexus, Dashboard) just stopped being available for unknown reason at last Friday evening. After digging into issue, found that kube-dns is not routing anything anymore and is not accessible by pods. Does anyone have come up with solution to this problem yet?
from dns.
@Alviere anything in your kube-dns logs about the health?
from dns.
@cmluciano Logs were actually fine, and I found the root cause of my issue. It was with faulty flannel. So I had to do such thing in my cloud config and everything worked again (all pods could successfully reach out pods on other nodes):
- path: "/etc/systemd/system/flanneld.service.d/50-network-config.conf"
permissions: "0644"
owner: "root"
content: |
[Service]
ExecStartPre=/usr/bin/etcdctl set /coreos.com/network/config '{ "Network": "10.10.0.0/16" }'```
from dns.
Closing this issue, please reopen if you have further problems.
from dns.
I've run into the same issue as the OP, my setup is similar using CoreOS and flannel, I followed the getting started guide here
I'm trying to get the kubernetes-dashboard working on a node other than master but have received errors saying it cannot reach the apiserver.
2018/01/11 16:25:36 Error while initializing connection to Kubernetes apiserver. This most likely means that the cluster is misconfigured (e.g., it has invalid apiserver certificates or service accounts configuration) or the --apiserver-host param points to a server that does not exist. Reason: Get https://10.96.0.1:443/version: dial tcp 10.96.0.1:443: i/o timeout Refer to our FAQ and wiki pages for more information: https://github.com/kubernetes/dashboard/wiki/FAQ
When testing the connection using alpine I do get a connection but nothing gets returned for nslookup
`
/ # nc 10.96.0.10 53 -v
10.96.0.10 (10.96.0.10:53) open
^Cpunt!
/ # nslookup kubernetes.default
nslookup: can't resolve '(null)': Name does not resolve
Name: kubernetes.default
Address 1: 10.96.0.1 kubernetes.default.svc.cluster.local
/ # nslookup kubernetes.local
nslookup: can't resolve '(null)': Name does not resolve
nslookup: can't resolve 'kubernetes.local': Try again
/ # nslookup kubernetes
nslookup: can't resolve '(null)': Name does not resolve
Name: kubernetes
Address 1: 10.96.0.1 kubernetes.default.svc.cluster.local
`
I'm sure this is a network issue but don't know where to look, any help would greatly be appriciated
from dns.
Hi, did you resolve this issue?
from dns.
IN my case
ps aux | grep kubelet
output **** --cluster_dns=1.2.3.4
THEN, in *dns.yaml
the clusterIP and cluster.local maybe like:
clusterIP: 1.2.3.4 and kubernetes cluster.local 1.2.0.0/16
AFTER setting, create new pod and will see:
[root@centos-d4fc98684-xtl6q /]# cat /etc/resolv.conf
nameserver 1.2.3.4
search kube-system.svc.cluster.local svc.cluster.local cluster.local
options ndots:3
AND (such centos or alpine or busybox ....)
/ # nslookup kubernetes.default
nslookup: can't resolve '(null)': Name does not resolve
Name: kubernetes.default
Address 1: 1.2.0.1 kubernetes.default.svc.cluster.local
dns OK
from dns.
@cloudusers I'm seeing that issue on EKS, with any container:
/ # nslookup kubernetes.default
nslookup: can't resolve '(null)': Name does not resolve
Name: kubernetes.default
Address 1: 10.100.0.1 kubernetes.default.svc.cluster.local
I don't understand the nslookup: can't resolve '(null)': Name does not resolve
bit. Where is it getting (null)
from?
from dns.
I'm seeing the same thing. Where does it get null
from, and why does it then proceed to return the correct IP address? It obviously did resolve.
from dns.
@cloudusers I'm seeing that issue on EKS, with any container:
/ # nslookup kubernetes.default nslookup: can't resolve '(null)': Name does not resolve Name: kubernetes.default Address 1: 10.100.0.1 kubernetes.default.svc.cluster.local
I don't understand the
nslookup: can't resolve '(null)': Name does not resolve
bit. Where is it getting(null)
from?
hello, have you got the answer? I have the same question
from dns.
I was trying to set a specific IP for resolvers on the worker nodes. Once I removed that, the problem stopped occurring.
from dns.
I was trying to set a specific IP for resolvers on the worker nodes. Once I removed that, the problem stopped occurring.
gotcha . do you know the relation between the problem and your setting? would you mind give more detail ,maybe I made the same stuff.
from dns.
@junsionzhang My nodes have Consul agent installed with the DNS interface enabled. I was bootstrapping the kubelets with --cluster-dns
pointing to the Consul DNS interface IP (I created a dummy interface with a static IP of 169.254.1.1 very similar to this article: https://medium.com/zendesk-engineering/making-docker-and-consul-get-along-5fceda1d52b9).
This prevented the pods from resolving records internal to the Kubernetes cluster. By leaving --cluster-dns
out of the bootstrap command, the pods can resolve internal addresses and still rely on the host's fallback of 169.254.1.1.
from dns.
Related Issues (20)
- Open ssl CVE present in node cache 1.22.20 HOT 11
- NodeLocalDNS not working with custom hosts HOT 7
- Output log as json HOT 3
- Using coredns daemonset instead of nodelocal dns HOT 19
- [Improvement] Add value compatibility for -upstreamsvc HOT 5
- [node-local dns] DNS requests intermittently receive refused response errors HOT 4
- Intermittent timed out accessing nodelocaldns HOT 2
- [NodeLocal DNS Cache] DNS requests not directed to the local cache HOT 2
- pull-kubernetes-dns-test broken at head HOT 2
- Several old CVE's still present on the latest k8s-dns-node-cache versions HOT 4
- Image for 1.22.27 missing HOT 3
- [node-local-dns] Query loss HOT 5
- CVE-2023-5363 and CVE-2023-5528 in 1.22.28 HOT 24
- k8s node-local-dns high slab memory consumption leading to OOM HOT 1
- 1.23.0 is missing from registry.k8s.io/dns/k8s-dns-node-cache HOT 2
- node-local-dns-cache DNS i/o timeout errors
- "make build-amd64" got an error
- LocalDNS support for CoreDNS file plugin
- NodeLocal DNS Cache Intercepts all dns queiris HOT 6
- kube-dns doesn't expose service scoped dns names for pod IPs
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from dns.