K
Q

kubernetes pod success get dns config but could not access network

5/31/2020

when I using apt-get command to update the kubernetes(v1.15.2) pods, it failed:

root@nginx-deployment-5754944d6c-7gbds:/# apt-get update
Err http://security.debian.org wheezy/updates Release.gpg
  Temporary failure resolving 'security.debian.org'
Err http://http.debian.net wheezy Release.gpg               
  Temporary failure resolving 'http.debian.net'
Err http://http.debian.net wheezy-updates Release.gpg       
  Temporary failure resolving 'http.debian.net'
Err http://nginx.org wheezy Release.gpg                     
  Temporary failure resolving 'nginx.org'
Reading package lists... Done
W: Failed to fetch http://http.debian.net/debian/dists/wheezy/Release.gpg  Temporary failure resolving 'http.debian.net'

W: Failed to fetch http://http.debian.net/debian/dists/wheezy-updates/Release.gpg  Temporary failure resolving 'http.debian.net'

W: Failed to fetch http://security.debian.org/dists/wheezy/updates/Release.gpg  Temporary failure resolving 'security.debian.org'

W: Failed to fetch http://nginx.org/packages/mainline/debian/dists/wheezy/Release.gpg  Temporary failure resolving 'nginx.org'

W: Some index files failed to download. They have been ignored, or old ones used instead.

now I could ping success to my kube-dns(ip:10.96.0.10,coredns version 1.6.7):

root@nginx-deployment-5754944d6c-7gbds:/# cat /etc/resolv.conf 
nameserver 10.96.0.10
search default.svc.cluster.local svc.cluster.local cluster.local
options ndots:5

root@nginx-deployment-5754944d6c-7gbds:/# ping 10.96.21.92
PING 10.96.21.92 (10.96.21.92): 48 data bytes
^C--- 10.96.21.92 ping statistics ---
11 packets transmitted, 0 packets received, 100% packet loss
root@nginx-deployment-5754944d6c-7gbds:/# ping 10.96.0.10 
PING 10.96.0.10 (10.96.0.10): 48 data bytes
56 bytes from 10.96.0.10: icmp_seq=0 ttl=64 time=0.103 ms
56 bytes from 10.96.0.10: icmp_seq=1 ttl=64 time=0.094 ms
56 bytes from 10.96.0.10: icmp_seq=2 ttl=64 time=0.068 ms
56 bytes from 10.96.0.10: icmp_seq=3 ttl=64 time=0.066 ms
56 bytes from 10.96.0.10: icmp_seq=4 ttl=64 time=0.060 ms
56 bytes from 10.96.0.10: icmp_seq=5 ttl=64 time=0.064 ms

why the pods could not access to the network? Now I could not install any tool to check the pods network problem in this pod. What should I do to find out where is going wrong?

I tried to create a busybox and test the kube-dns like this:

[miao@MeowK8SMaster1 ~]$ kubectl exec -it busybox -- nslookup kubernetes
Server:    10.96.0.10
Address 1: 10.96.0.10

nslookup: can't resolve 'kubernetes'
command terminated with exit code 1
-- Dolphin
kubernetes

Similar Questions

Taint InstanceGroup on Kubernetes using kubectl
How to dump the resource (CPU, memory) usage per namespace in k8s?
grep from super slow continuous streamed log and exit once string is found without buffer
Accessing TCP port using istio ingress gateway outside the cluster
kubectl message appearing every time when I start the terminal

1 Answer

6/8/2020

I understand why you need to exec into coredns pod.

It, however, allows only coredns binary to be executed (not any shell).

E.g:

k exec -it <<coredns podname>> -n kube-system -- ./coredns -version

This will returns the version of the coredns binary that is running.

-- Thilee
Source: StackOverflow