Kubernetes DNS不再解析名称
我的集群运行的是KubernetesV1.18.2(calico for networking),与KubesPray一起安装。我可以从外部访问我的服务,但当它们需要相互连接时,它们就会失败(例如,当UI试图连接到数据库时)。
下面提供了以下命令的一些输出:https://kubernetes.io/docs/tasks/administer-cluster/dns-debugging-resolution/
kubectl Exec-TI BusyBox-6899B748D7-PBDK4-cat/etc/resolv.conf
nameserver 10.233.0.10
search default.svc.cluster.local svc.cluster.local cluster.local ovh.net
opthtml" target="_blank">ions ndots:5
kubectl执行-ti busybox-6899b748d7-pbdk4-nslookup kubernetes.default
Server: 10.233.0.10
Address: 10.233.0.10:53
** server can't find kubernetes.default: NXDOMAIN
*** Can't find kubernetes.default: No answer
command terminated with exit code 1
kubectl Exec-TI BusyBox-6899B748D7-PBDK4-NSlookup Google.com
Server: 10.233.0.10
Address: 10.233.0.10:53
Non-authoritative answer:
Name: google.com
Address: 172.217.22.142
*** Can't find google.com: No answer
kubectl Exec-TI Busybox-6899B748D7-PBDK4-ping Google.com
PING google.com (172.217.22.142): 56 data bytes
64 bytes from 172.217.22.142: seq=0 ttl=52 time=4.409 ms
64 bytes from 172.217.22.142: seq=1 ttl=52 time=4.359 ms
^C
--- google.com ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 4.359/4.384/4.409 ms
NAME READY STATUS RESTARTS AGE
coredns-74b594f4c6-5k6kq 1/1 Running 2 6d7h
coredns-74b594f4c6-9ct8x 1/1 Running 0 16m
当我获得DNS POD的日志时:对于p(在$(kubectl get pods--namespace=kube-system-l k8s-app=kube-dns-o name);do kubectl日志--namespace=kube-system$p;做过的他们满满的都是:
E0522 11:56:22.613704 1 reflector.go:153] pkg/mod/k8s.io/client-go@v0.17.2/tools/cache/reflector.go:105: Failed to list *v1.Endpoints: Get https://10.233.0.1:443/api/v1/endpoints?limit=500&resourceVersion=0: net/http: TLS handshake timeout
E0522 11:56:33.678487 1 reflector.go:307] pkg/mod/k8s.io/client-go@v0.17.2/tools/cache/reflector.go:105: Failed to watch *v1.Service: Get https://10.233.0.1:443/api/v1/services?allowWatchBookmarks=true&resourceVersion=1667490&timeout=8m12s&timeoutSeconds=492&watch=true: dial tcp 10.233.0.1:443: connect: connection refused
E0522 12:19:42.356157 1 reflector.go:307] pkg/mod/k8s.io/client-go@v0.17.2/tools/cache/reflector.go:105: Failed to watch *v1.Namespace: Get https://10.233.0.1:443/api/v1/namespaces?allowWatchBookmarks=true&resourceVersion=1667490&timeout=6m39s&timeoutSeconds=399&watch=true: dial tcp 10.233.0.1:443: connect: connection refused
E0522 12:19:42.356327 1 reflector.go:307] pkg/mod/k8s.io/client-go@v0.17.2/tools/cache/reflector.go:105: Failed to watch *v1.Service: Get https://10.233.0.1:443/api/v1/services?allowWatchBookmarks=true&resourceVersion=1667490&timeout=6m41s&timeoutSeconds=401&watch=true: dial tcp 10.233.0.1:443: connect: connection refused
coredns服务已启动:kubectl get svc--namespace=kube-system
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
coredns ClusterIP 10.233.0.3 <none> 53/UDP,53/TCP,9153/TCP 7d4h
dashboard-metrics-scraper ClusterIP 10.233.52.242 <none> 8000/TCP 7d4h
kubernetes-dashboard ClusterIP 10.233.63.42 <none> 443/TCP 7d4h
voyager-operator ClusterIP 10.233.31.206 <none> 443/TCP,56791/TCP 6d5h
公开了endpoint:kubectl get ep coredns--namespace=kube-system
NAME ENDPOINTS AGE
coredns 10.233.68.9:53,10.233.79.7:53,10.233.68.9:9153 + 3 more... 7d4h
我弄坏了什么?我该怎么解决这个?
编辑:更多信息在评论中请求:kubectl get pods-n kube-system
NAME READY STATUS RESTARTS AGE
calico-kube-controllers-5d9cfb4bfd-8h7jd 1/1 Running 0 3d14h
calico-node-6w8g6 1/1 Running 13 4d15h
calico-node-78thq 1/1 Running 6 7d19h
calico-node-cr4jl 1/1 Running 23 4d16h
calico-node-g5q99 1/1 Running 1 3d15h
calico-node-pmss2 1/1 Running 0 3d15h
calico-node-zw9fk 1/1 Running 18 4d19h
coredns-74b594f4c6-5k6kq 1/1 Running 2 6d22h
coredns-74b594f4c6-9ct8x 1/1 Running 0 15h
dns-autoscaler-7594b8c675-j5jfv 1/1 Running 0 15h
kube-apiserver-kub1 1/1 Running 42 7d20h
kube-apiserver-kub2 1/1 Running 1 7d19h
kube-apiserver-kub3 1/1 Running 33 7d19h
kube-controller-manager-kub1 1/1 Running 37 7d20h
kube-controller-manager-kub2 1/1 Running 4 3d15h
kube-controller-manager-kub3 1/1 Running 55 7d19h
kube-proxy-4dlf8 1/1 Running 4 4d15h
kube-proxy-4nlhf 1/1 Running 2 4d15h
kube-proxy-82kkz 1/1 Running 3 4d15h
kube-proxy-lvsfz 1/1 Running 0 3d15h
kube-proxy-pmhnx 1/1 Running 4 4d15h
kube-proxy-wpfnn 1/1 Running 10 4d15h
kube-scheduler-kub1 1/1 Running 34 7d20h
kube-scheduler-kub2 1/1 Running 3 7d19h
kube-scheduler-kub3 1/1 Running 51 7d19h
kubernetes-dashboard-7dbcd59666-79gxv 1/1 Running 0 3d14h
kubernetes-metrics-scraper-6858b8c44d-g9m9w 1/1 Running 1 5d22h
nginx-proxy-galaxy 1/1 Running 2 4d15h
nginx-proxy-kub4 1/1 Running 7 4d19h
nginx-proxy-kub5 1/1 Running 6 4d16h
nodelocaldns-2dv59 1/1 Running 0 3d15h
nodelocaldns-9skxm 1/1 Running 5 4d16h
nodelocaldns-dwg4z 1/1 Running 4 4d15h
nodelocaldns-nmwwz 1/1 Running 12 7d19h
nodelocaldns-qkq8n 1/1 Running 4 4d19h
nodelocaldns-v84jj 1/1 Running 8 7d19h
voyager-operator-5677998d47-psskf 1/1 Running 10 4d15h
共有1个答案
我能再现那个场景。
$ kubectl exec -it busybox -n dev -- nslookup kubernetes.default
Server: 10.96.0.10
Address: 10.96.0.10:53
** server can't find kubernetes.default: NXDOMAIN
*** Can't find kubernetes.default: No answer
command terminated with exit code 1
$ kubectl exec -it busybox -n dev -- nslookup google.com
Server: 10.96.0.10
Address: 10.96.0.10:53
Non-authoritative answer:
Name: google.com
Address: 172.217.168.238
*** Can't find google.com: No answer
$ kubectl exec -it busybox -n dev -- ping google.com
PING google.com (172.217.168.238): 56 data bytes
64 bytes from 172.217.168.238: seq=0 ttl=52 time=18.425 ms
64 bytes from 172.217.168.238: seq=1 ttl=52 time=27.176 ms
64 bytes from 172.217.168.238: seq=2 ttl=52 time=18.603 ms
64 bytes from 172.217.168.238: seq=3 ttl=52 time=15.445 ms
64 bytes from 172.217.168.238: seq=4 ttl=52 time=16.492 ms
64 bytes from 172.217.168.238: seq=5 ttl=52 time=19.294 ms
^C
--- google.com ping statistics ---
6 packets transmitted, 6 packets received, 0% packet loss
round-trip min/avg/max = 15.445/19.239/27.176 ms
但我使用dnsutils映像执行了相同的步骤。这在Kubernetes文件中提到过。它给出了积极的回应。
$ kubectl exec -ti dnsutils -n dev -- nslookup kubernetes.default
Server: 10.96.0.10
Address: 10.96.0.10#53
Name: kubernetes.default.svc.cluster.local
Address: 10.96.0.1
$ kubectl exec -ti dnsutils -n dev -- nslookup google.com
Server: 10.96.0.10
Address: 10.96.0.10#53
Non-authoritative answer:
Name: google.com
Address: 172.217.168.238
Name: google.com
Address: 2a00:1450:400e:80c::200e
根据我的理解,这里的busybox容器中的dnsutil有问题。这就是为什么我们会出现这个DNS解析错误。
-
我正在尝试使用Spring Cloud的Open Faign调用另一个服务,但我一直得到以下回应: 这是我的密码: 我已将Faign配置为使用OkHttp客户端,但我不确定它是否对错误负责:
-
解析至以太坊地址 ENS中最简单和最常用的函数是域名解析函数。域名可以关联多种类型的资源,其中最常见的是以太坊地址。借助ENS库,将域名解析为以太坊地址很简单: ethereum-ens var address = await ens.resolver('alice.eth').addr(); 1 web3.js var address = ens.getAddress('alice.eth');
-
问题内容: 我一直在尝试导入以下Web服务:http : //soap.genome.jp/KEGG.wsdl和$ {JAVA_HOME} / bin / wsimport: 但出现以下错误: 问题是来自WSDL还是来自wsimport的实现?我应该使用其他工具吗? 谢谢 皮埃尔 问题答案: 我从此错误报告中发现了(显然是)解决方法:https : //netbeans.org/bugzilla/
-
目前还没有用于链上解析的可靠库,但是ENS解析非常简单,不需要库也可以轻松完成。首先,我们定义了一些只包含必要方法的简化接口,: contract ENS { function resolver(bytes32 node) constant returns (Resolver); } contract Resolver { function addr(bytes32 node)
-
我开始使用Grpc框架来实现客户机/服务器之间的一些通信,但我遇到了这个异常: rpc.core.rpcException:'statuscode=unavailable,detail=“Name resolution failure)' 谁能告诉我出了什么问题吗?为什么我无法连接到服务器? 堆栈: 在system.runtime.exceptionServices.exceptionDispat
-
问题内容: 在做镜像或拉镜像时,Docker如何确定镜像名称中是否存在注册表服务器,或者默认注册表中它是否为路径/用户名(例如Docker Hub)? 我从1.1图像规范中看到以下内容: 标签 标签用于将用户提供的描述性名称映射到任何单个图像ID。标记值限于字符集[a-zA-Z_0-9]。 资料库 标签的集合,这些标签被分组在一个共同的前缀下:(:之前的名称部分)。例如,在标记有名称my-app: