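I am using python3 and microk8s to develop a simple web service.
The service works fine (on my local development machine, using docker), but once the pod is up (all internal services are working), the production machine (Ubuntu 18.04 LTS with microk8s in Azure) cannot reach the internet (SMTP / Web REST API).
Problem
The pod cannot ping host names, only IP addresses. After investigating, the pod still works as expected apart from external resources. When I run nslookup, it looks OK. But ping does not work.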
bash-5.1# ping www.google.com
ping: bad address 'www.google.com'
bash-5.1# nslookup www.google.com
Server: 10.152.183.10
Address: 10.152.183.10:53
Non-authoritative answer:
Name: www.google.com
Address: 74.125.68.103
Name: www.google.com
Address: 74.125.68.106
Name: www.google.com
Address: 74.125.68.99
Name: www.google.com
Address: 74.125.68.104
Name: www.google.com
Address: 74.125.68.105
Name: www.google.com
Address: 74.125.68.147
Non-authoritative answer:
Name: www.google.com
Address: 2404:6800:4003:c02::93
Name: www.google.com
Address: 2404:6800:4003:c02::63
Name: www.google.com
Address: 2404:6800:4003:c02::67
Name: www.google.com
Address: 2404:6800:4003:c02::69
bash-5.1# ping 74.125.68.103
PING 74.125.68.103 (74.125.68.103): 56 data bytes
64 bytes from 74.125.68.103: seq=0 ttl=55 time=1.448 ms
64 bytes from 74.125.68.103: seq=1 ttl=55 time=1.482 ms
^C
--- 74.125.68.103 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 1.448/1.465/1.482 ms
bash-5.1# python3
>>> import socket
>>> socket.gethostname()
'projects-dep-65d7b8685f-jzmxx'
>>> socket.gethostbyname('www.google.com')
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
socket.gaierror: [Errno -3] Try again
Environment / Setup
host $ #In Host
host $ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 18.04.5 LTS
Release: 18.04
Codename: bionic
host $ microk8s is running
high-availability: no
datastore master nodes: 127.0.0.1:19001
datastore standby nodes: none
addons:
enabled:
dashboard
dns
ha-cluster
ingress
metrics-server
registry
storage
disabled:
ambassador
cilium
fluentd
gpu
helm
helm3
host-access
istio
jaeger
keda
knative
kubeflow
linkerd
metallb
multus
portainer
prometheus
rbac
traefik
# In Pod
bash-5.1 # python3
>>> import sys
>>> print({'version':sys.version, 'version-info': sys.version_info})
{'version': '3.9.3 (default, Apr 2 2021, 21:20:32) \n[GCC 10.2.1 20201203]', 'version-info': sys.version_info(major=3, minor=9, micro=3, releaselevel='final', serial=0)}
bash-5.1 #
bash-5.1 # cat /etc/resolv.conf
search default.svc.cluster.local svc.cluster.local cluster.local ngqy0alqbw2elndk2awonodqmd.ix.internal.cloudapp.net
nameserver 10.152.183.10
options ndots:5
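You can confirm whether your pod's network namespace can connect to external and internal VNet IPs with the following command:
kubectl --namespace=kube-system exec -it ${KUBE-DNS-POD-NAME} -c kubedns -- sh
# run ping and/or nslookup using the metadata endpoint
If you restart the pod or the container, it can fix the problem of host names not resolving to external IP addresses; alternatively, you can move the pod to a different node. Also, edit the Kubernetes DNS add-on on the host (repeat for each host) as follows:
vi /etc/kubernetes/addons/kube-dns-deployment.yaml
And change the arguments of the health container as follows:
- "--cmd=nslookup bing.com 127.0.0.1 >/dev/null"
- "--url=/healthz-dnsmasq"
- "--cmd=nslookup bing.com 127.0.0.1:10053 >/dev/null"
- "--url=/healthz-kubedns"
- "--port=8080"
- "--quiet"
You can also try restarting kube coredns with the following command:
kubectl -n kube-system rollout
This will force the kubedns container to restart if the above situation occurs.
Thanks,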