1. 首页
  2. 问题列表
  3. kubernetes pod成功获取dns配置但无法访问网络
提问者:小点点

kubernetes pod成功获取dns配置但无法访问网络


当我使用apt-get命令更新kubernetes(v1.15.2)pod时,它失败了:

root@nginx-deployment-5754944d6c-7gbds:/# apt-get update
Err http://security.debian.org wheezy/updates Release.gpg
  Temporary failure resolving 'security.debian.org'
Err http://http.debian.net wheezy Release.gpg               
  Temporary failure resolving 'http.debian.net'
Err http://http.debian.net wheezy-updates Release.gpg       
  Temporary failure resolving 'http.debian.net'
Err http://nginx.org wheezy Release.gpg                     
  Temporary failure resolving 'nginx.org'
Reading package lists... Done
W: Failed to fetch http://http.debian.net/debian/dists/wheezy/Release.gpg  Temporary failure resolving 'http.debian.net'

W: Failed to fetch http://http.debian.net/debian/dists/wheezy-updates/Release.gpg  Temporary failure resolving 'http.debian.net'

W: Failed to fetch http://security.debian.org/dists/wheezy/updates/Release.gpg  Temporary failure resolving 'security.debian.org'

W: Failed to fetch http://nginx.org/packages/mainline/debian/dists/wheezy/Release.gpg  Temporary failure resolving 'nginx.org'

W: Some index files failed to download. They have been ignored, or old ones used instead.

现在我可以ping成功到我的库贝-dns(ip:10.96.0.10,coredns版本1.6.7):

root@nginx-deployment-5754944d6c-7gbds:/# cat /etc/resolv.conf 
nameserver 10.96.0.10
search default.svc.cluster.local svc.cluster.local cluster.local
options ndots:5

root@nginx-deployment-5754944d6c-7gbds:/# ping 10.96.21.92
PING 10.96.21.92 (10.96.21.92): 48 data bytes
^C--- 10.96.21.92 ping statistics ---
11 packets transmitted, 0 packets received, 100% packet loss
root@nginx-deployment-5754944d6c-7gbds:/# ping 10.96.0.10 
PING 10.96.0.10 (10.96.0.10): 48 data bytes
56 bytes from 10.96.0.10: icmp_seq=0 ttl=64 time=0.103 ms
56 bytes from 10.96.0.10: icmp_seq=1 ttl=64 time=0.094 ms
56 bytes from 10.96.0.10: icmp_seq=2 ttl=64 time=0.068 ms
56 bytes from 10.96.0.10: icmp_seq=3 ttl=64 time=0.066 ms
56 bytes from 10.96.0.10: icmp_seq=4 ttl=64 time=0.060 ms
56 bytes from 10.96.0.10: icmp_seq=5 ttl=64 time=0.064 ms

为什么pod无法访问网络?现在我无法在这个pod中安装任何工具来检查pod网络问题。我该怎么做才能找出哪里出了问题?

我尝试创建一个busybox并像这样测试库贝-dns:

[miao@MeowK8SMaster1 ~]$ kubectl exec -it busybox -- nslookup kubernetes
Server:    10.96.0.10
Address 1: 10.96.0.10

nslookup: can't resolve 'kubernetes'
command terminated with exit code 1

共1个答案

匿名用户

我明白你为什么要进入核心舱。

但是,它只允许执行coredns二进制文件(不允许执行任何shell)。

例如:

k exec -it <<coredns podname>> -n kube-system -- ./coredns -version

这将返回正在运行的coredns二进制文件的版本。

相关问题



热门标签
Java JavaScript Python PHP C# Android Html jQuery C++ Css IOS MySQL NodeJS