K
Q

core-dns says NXDOMAIN from query outside Kubernetes

1/14/2020

I'm running Kubernetes with coredns. I can query the coredns only when i am inside the cluster.

Coredns resolves all Pods and Service from all namespaces fine:

pod1# nslookup pod99.svc.cluster.local 172.16.9.76 #(coredns)

Address 1: 172.16.8.99

pod2# nslookup pod22.svc.cluster.local 172.16.9.76 #(coredns)

Address 2: 172.16.8.22

and so on.

When I send the exact same query outside Kubernetes (from Home PC) I get:

HomePC# nslookup pod22svc.cluster.local 172.16.9.76 #(coredns)

** server can't find pod22.svc.cluster.local: NXDOMAIN

Log says:

1901 "A IN pod22.svc.cluster.local udp 47 false 512"
NXDOMAIN qr,aa,rd 140 0.000120622s

...so it is no Firewall or Routing Problem.

Coredns answers depends on the Source IP Address ????????

What is here the Problem ?

-- fol
kubernetes

Similar Questions

Create a service that points to a SRV DNS record
How is 'watch=true' implemented on the kube-apiserver?
Is the annotation cert-manager.io/cluster-issuer: acme-issuer enough to generate a TLS certificate?
GKE Workload Identity service account for all namespaces

1 Answer

1/14/2020

svc.cluster.local is resolved by CoreDNS which is running inside the kubernetes cluster. If you check /etc/resolv.conf inside any pod you will see IP of core dns pods. Since there is no dns resolver outside the cluster which is aware of svc.cluster.local you can only access svc.cluster.local from inside the cluster.

-- Arghya Sadhu
Source: StackOverflow