Problem description:
From inside a pod, only the cluster's internal node and pod addresses can be pinged; baidu.com cannot be resolved.
-
Dump the CoreDNS ConfigMap to a file
kubectl get cm -n kube-system coredns -o yaml > CoreDNS_ConfigMap.yaml
vim CoreDNS_ConfigMap.yaml
apiVersion: v1
data:
  Corefile: |
    .:53 {
        log
        errors
        health
        ready
        kubernetes cluster.local in-addr.arpa ip6.arpa {
            pods insecure
            fallthrough in-addr.arpa ip6.arpa
        }
        prometheus :9153
        forward . 8.8.8.8 # add the DNS resolver used locally
        cache 30
        loop
        reload
        loadbalance
    }
kind: ConfigMap
metadata:
  annotations:
    kubectl.kubernetes.io/last-applied-configuration: |
      {"apiVersion":"v1","data":{"Corefile":".:53 {\n log\n errors\n health\n ready\n kubernetes cluster.local in-addr.arpa ip6.arpa {\n pods insecure\n fallthrough in-addr.arpa ip6.arpa\n }\n prometheus :9153\n forward . 8.8.8.8\n cache 30\n loop\n reload\n loadbalance\n}\n"},"kind":"ConfigMap","metadata":{"annotations":{},"name":"coredns","namespace":"kube-system"}}
  creationTimestamp: "2022-12-18T10:11:57Z"
  name: coredns
  namespace: kube-system
  resourceVersion: "663977"
  uid: 97b64ce7-3850-4d34-974f-ae53f47c3a08
# Delete the old pods
# Apply the change
kubectl replace -f CoreDNS_ConfigMap.yaml
-
Create a pod and test whether baidu.com can be pinged from inside it
cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: Pod
metadata:
  name: busybox
  namespace: default
spec:
  containers:
  - name: busybox
    image: docker.io/library/busybox:1.28
    command:
      - sleep
      - "3600"
    imagePullPolicy: IfNotPresent
  restartPolicy: Always
EOF
kubectl get pod
kubectl exec -ti busybox -- sh
/ # ping baidu.com
PING baidu.com (39.156.66.10): 56 data bytes
64 bytes from 39.156.66.10: seq=0 ttl=127 time=41.059 ms
64 bytes from 39.156.66.10: seq=1 ttl=127 time=71.731 ms
64 bytes from 39.156.66.10: seq=2 ttl=127 time=123.897 ms
64 bytes from 39.156.66.10: seq=3 ttl=127 time=142.284 ms
64 bytes from 39.156.66.10: seq=4 ttl=127 time=43.085 ms
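How this works: domain names are no longer resolved by the DNS service inside the cluster. Queries are forcibly forwarded outside and an external DNS server does the resolution, which avoids the problem of the in-cluster DNS service being unable to resolve them.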
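Because this change sends every non-cluster lookup to whatever follows `forward`, it is worth checking the live Corefile against the resolvers you intend to use. The following is an added example, not part of the original post: the function names and the embedded sample Corefile are constructed for illustration, and the approved resolver list is whatever you pass as arguments.

```shell
#!/bin/sh
# Added example: audit the `forward` upstreams of a CoreDNS Corefile.
# Live use (the approved list here is an assumption, pass your own):
#   kubectl get cm -n kube-system coredns -o jsonpath='{.data.Corefile}' \
#     | check_forwarders 8.8.8.8

# Constructed sample input, modelled on the Corefile shown above.
sample_corefile() {
cat <<'EOF'
.:53 {
    errors
    kubernetes cluster.local in-addr.arpa ip6.arpa {
        pods insecure
        fallthrough in-addr.arpa ip6.arpa
    }
    forward . 8.8.8.8 # resolver used locally
    cache 30
}
EOF
}

# Print one upstream per line for every `forward FROM TO...` directive on stdin.
# Inline comments and the "{" that opens an options block are ignored.
forward_upstreams() {
    awk '{ sub(/#.*/, "") }
         $1 == "forward" { for (i = 3; i <= NF; i++) if ($i != "{") print $i }'
}

# Succeed only if the Corefile on stdin has at least one upstream and
# every upstream is in the approved list given as arguments.
check_forwarders() {
    found=0
    bad=0
    for up in $(forward_upstreams); do
        found=1
        ok=0
        for allowed in "$@"; do
            if [ "$up" = "$allowed" ]; then ok=1; fi
        done
        if [ "$ok" -eq 0 ]; then
            echo "unapproved upstream: $up" >&2
            bad=1
        fi
    done
    [ "$found" -eq 1 ] && [ "$bad" -eq 0 ]
}
```

A non-zero exit means either no `forward` directive was found (the edit did not take effect) or queries are leaving the cluster for a resolver that is not on your list.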
Reference: DNS cannot resolve names inside a pod in k8s | Pod (lmlphp.com)
From: https://www.cnblogs.com/Mercury-linux/p/17025154.html