kubernetes: Windows pods don't have DNS networking when they start running
What happened: I started a Windows pod that ran a command that made DNS requests. The initial DNS request(s) that it made timed out, and then DNS suddenly started working without me doing anything.
Once DNS started working it was stable, and these results were repeatable across pod restarts, leading me to conclude that when Windows pods start running they don’t have DNS networking.
Running:
kubectl logs hello-9cbdb744f-qz6tz
Gave:
Resolve-DnsName : dns.msftncsi.com : This operation returned because the timeout period expired
At line:1 char:33
+ ... 16; ++$i) { Resolve-DnsName -Name 'dns.msftncsi.com' -Type 'A' }; Sta ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OperationTimeout: (dns.msftncsi.com:String) [Resolve-DnsName], Win32Exception
+ FullyQualifiedErrorId : ERROR_TIMEOUT,Microsoft.DnsClient.Commands.ResolveDnsName
Name Type TTL Section IPAddress
---- ---- --- ------- --------
dns.msftncsi.com A 30 Answer 131.107.255.255
dns.msftncsi.com A 30 Answer 131.107.255.255
dns.msftncsi.com A 30 Answer 131.107.255.255
dns.msftncsi.com A 30 Answer 131.107.255.255
dns.msftncsi.com A 30 Answer 131.107.255.255
dns.msftncsi.com A 30 Answer 131.107.255.255
dns.msftncsi.com A 30 Answer 131.107.255.255
dns.msftncsi.com A 30 Answer 131.107.255.255
dns.msftncsi.com A 30 Answer 131.107.255.255
dns.msftncsi.com A 30 Answer 131.107.255.255
dns.msftncsi.com A 30 Answer 131.107.255.255
dns.msftncsi.com A 30 Answer 131.107.255.255
dns.msftncsi.com A 30 Answer 131.107.255.255
dns.msftncsi.com A 30 Answer 131.107.255.255
dns.msftncsi.com A 30 Answer 131.107.255.255
dns.msftncsi.com A 30 Answer 131.107.255.255
What you expected to happen: I expect that when Windows pods start, their networking would be completely configured and enabled so that DNS works immediately.
My application relies on making network requests on startup, and whilst I can (and probably should) add retry logic, it would be better if k8s was easy and reliable to use.
How to reproduce it (as minimally and precisely as possible):
Here’s the .yaml file that I used:
apiVersion: apps/v1
kind: Deployment
metadata:
namespace: default
name: hello
spec:
selector:
matchLabels:
app.kubernetes.io/component: hello
template:
metadata:
labels:
app.kubernetes.io/component: hello
spec:
nodeSelector:
kubernetes.io/os: windows
containers:
- name: hello-container
image: mcr.microsoft.com/windows:10.0.17763.437
command:
- powershell.exe
- -Command
- for ($i = 0; $i -le 16; ++$i) { Resolve-DnsName -Name 'dns.msftncsi.com' -Type 'A' }; Start-Sleep 3600
Anything else we need to know?:
- On-premise install of k8s
- The Windows nodes all have the following feature gates enabled:
- WinOverlay
- WindowsGMSA
Linux master:
- OS (e.g.
cat /etc/os-release):Ubuntu 18.10 (Cosmic Cuttlefish)
Kernel Version: 4.18.0-18-generic #19-Ubuntu Tue Apr 2 18:13:16 UTC 2019
OS Image: Ubuntu 18.10
Operating System: linux
Architecture: amd64
Container Runtime Version: docker://18.9.5
Kubelet Version: v1.14.1
Kube-Proxy Version: v1.14.1
Windows worker:
Kernel Version: 10.0.17763.437
OS Image: Windows Server 2019 Standard
Operating System: windows
Architecture: amd64
Container Runtime Version: docker://18.9.5
Kubelet Version: v1.14.1
Kube-Proxy Version: v1.14.1
NetworkMode: overlay
.\flanneld.exe -version
v0.11.0
If you need any more information then please let me know.
About this issue
- Original URL
- State: closed
- Created 5 years ago
- Reactions: 5
- Comments: 16 (7 by maintainers)
thanks for looking into this Jeremy