K
Q

Why the core dns doesnt resolve any domain name when firewalld is enabled? It works when firewalld is stopped

5/14/2019

I have enabled all required ports. When i enable the firewalld service then the core-dns doesnt resolve any domain-name with command $ kubectl exec -ti busybox -- nslookup kubernetes.default

-- Bidhan Bastola
google-kubernetes-engine
kubernetes
kubernetes-ingress

Similar Questions

kubectl exec "error: unable to upgrade connection: Unauthorized"
Kubernetes Dashboard Installation giving x509: certificate signed by unknown authority error
Gke - kubernetes / how to ensure deployment isolation on a given node
Azure AKS - cluster in failed state without any malfunction
Nginx-ingress helm deployment - default backend only works with port 8080

1 Answer

5/14/2019

This seems to be a know case, which you can find on GitHub Fresh deploy with CoreDNS not resolving any dns lookup #1056.

There seems to be few solutions which would mean different problems.

One being:

sudo systemctl stop firewalld
sudo systemctl stop firewalld

Please remember this is not recommended.

Another solution might be:

Adding iptables -p FORWARD ACCEPT.

Also check if core dns daemon controller has enough resources, as this might be causing restarts.

You need to provide more details regarding your cluster so we can pinpoint the issue.

-- Crou
Source: StackOverflow