小贝子编程

Kubernetes Pod 成功获取 DNS 配置,但无法访问网络



当我使用 apt-get 命令更新 kubernetes(v1.15.2( pods 时,它失败了:

root@nginx-deployment-5754944d6c-7gbds:/# apt-get update
Err http://security.debian.org wheezy/updates Release.gpg
Temporary failure resolving 'security.debian.org'
Err http://http.debian.net wheezy Release.gpg               
Temporary failure resolving 'http.debian.net'
Err http://http.debian.net wheezy-updates Release.gpg       
Temporary failure resolving 'http.debian.net'
Err http://nginx.org wheezy Release.gpg                     
Temporary failure resolving 'nginx.org'
Reading package lists... Done
W: Failed to fetch http://http.debian.net/debian/dists/wheezy/Release.gpg  Temporary failure resolving 'http.debian.net'
W: Failed to fetch http://http.debian.net/debian/dists/wheezy-updates/Release.gpg  Temporary failure resolving 'http.debian.net'
W: Failed to fetch http://security.debian.org/dists/wheezy/updates/Release.gpg  Temporary failure resolving 'security.debian.org'
W: Failed to fetch http://nginx.org/packages/mainline/debian/dists/wheezy/Release.gpg  Temporary failure resolving 'nginx.org'
W: Some index files failed to download. They have been ignored, or old ones used instead.

现在我可以 ping 成功到我的 kube-dns(ip:10.96.0.10,coredns 版本 1.6.7(:

root@nginx-deployment-5754944d6c-7gbds:/# cat /etc/resolv.conf 
nameserver 10.96.0.10
search default.svc.cluster.local svc.cluster.local cluster.local
options ndots:5
root@nginx-deployment-5754944d6c-7gbds:/# ping 10.96.21.92
PING 10.96.21.92 (10.96.21.92): 48 data bytes
^C--- 10.96.21.92 ping statistics ---
11 packets transmitted, 0 packets received, 100% packet loss
root@nginx-deployment-5754944d6c-7gbds:/# ping 10.96.0.10 
PING 10.96.0.10 (10.96.0.10): 48 data bytes
56 bytes from 10.96.0.10: icmp_seq=0 ttl=64 time=0.103 ms
56 bytes from 10.96.0.10: icmp_seq=1 ttl=64 time=0.094 ms
56 bytes from 10.96.0.10: icmp_seq=2 ttl=64 time=0.068 ms
56 bytes from 10.96.0.10: icmp_seq=3 ttl=64 time=0.066 ms
56 bytes from 10.96.0.10: icmp_seq=4 ttl=64 time=0.060 ms
56 bytes from 10.96.0.10: icmp_seq=5 ttl=64 time=0.064 ms

为什么 Pod 无法访问网络?现在我无法安装任何工具来检查此 pod 中的 pods 网络问题。我应该怎么做才能找出哪里出了问题?

我尝试创建一个繁忙框并像这样测试 kube-dns:

[miao@MeowK8SMaster1 ~]$ kubectl exec -it busybox -- nslookup kubernetes
Server:    10.96.0.10
Address 1: 10.96.0.10
nslookup: can't resolve 'kubernetes'
command terminated with exit code 1

我理解为什么你需要执行到coredns pod。

但是,它只允许执行coredns二进制文件(而不是任何shell(。

例如:

k exec -it <<coredns podname>> -n kube-system -- ./coredns -version

这将返回正在运行的 coredns 二进制文件的版本。

相关内容

最新更新


热门标签:

javascript python java c# php android html jquery c++ css ios sql mysql arrays asp.net json python-3.x ruby-on-rails .net sql-server django objective-c excel regex ruby linux ajax iphone xml vba spring asp.net-mvc database wordpress string postgresql wpf windows xcode bash git oracle list vb.net multithreading eclipse algorithm macos powershell visual-studio image forms numpy scala function api selenium