coredns: HINFO: unreachable backend: read udp 10.200.0.9:46159->183.60.83.19:53: i/o timeout
I use kubernetes v12, my system is ubuntu 16.
I use the followed command to create DNS resource.
wget https://raw.githubusercontent.com/coredns/deployment/master/kubernetes/coredns.yaml.sed
wget https://raw.githubusercontent.com/coredns/deployment/master/kubernetes/deploy.sh
bash deploy.sh -i 10.32.0.10 -r "10.32.0.0/24" -s -t coredns.yaml.sed | kubectl apply -f -
After created coredns resource: I check the resources status.
- check coredns service
kubectl get svc -n kube-system
- check code DNS pod endpoints
kubectl get ep -n kube-system
- My DNS config:
cat /etc/recolv.conf
- Check CoreDNS pod logs
I found CoreDNS pod ip cannot connected to node DNS server ip address.
About this issue
- Original URL
- State: closed
- Created 5 years ago
- Reactions: 1
- Comments: 26 (9 by maintainers)
In my case with Debian 10, it was a iptables problem, using the legacy binary fixed the problem.
Addressed to all Googlers
I created a convenience script that quickly and verbosely applies the solution suggested by @HydriaOne: https://github.com/theAkito/rancher-helpers/blob/master/scripts/debian-buster_fix.sh
Same problem in Debian 10 as well; using Flannel CNI.
This solved the problem for me, too.
@vitorreis, Given that you are using the non-buggy version of busybox (1.28), and you cant resolve things like
kubernetes.default
, that suggests pod to service connection blockage within the cluster.If there is no firewall, it could be a problem with your calico network plugin.
@chrisohaver
Thanks for the clarification.
That’s true, no pods can resolve something like
ping google.com
, however if I run this in the node terminal I can ping successfully, only from the pods it doesn’t work.I am running on a fresh machine Ubutu 18.10, no firewall is enabled AFAIK.
Is there any other command that I can use to have a check if something is blocking dns from/to pods? Unfortunately I am not a linux expert.
Image: busybox:1.28
For me I get