kind: inside worker, why ping can resolve registry from dns, but ctr images pull is failed got no such host?

After install kind cluster in my docker, i run exec -it into worker container, and try to use ctr pull image in registry like registry.cn-hangzhou.aliyuncs.com/ns/xxx:latest , it’s failed. ctr images pull --user user:pass registry.cn-hangzhou.aliyuncs.com/ns/hello:latest

ctr: failed to copy: httpReadSeeker: failed open: failed to do request: 
Get "https://registry.cn-hangzhou.aliyuncs.com/v2/ns/hello/manifests/sha256:...": 
dial tcp: lookup registry.cn-hangzhou.aliyuncs.com on 192.168.65.2:53: no such host

but when i ping to registry.cn-hangzhou.aliyuncs.com ,i can get the ip. ping registry.cn-hangzhou.aliyuncs.com

PING registry.cn-hangzhou.aliyuncs.com (120.55.105.209): 56 data bytes
64 bytes from 120.55.105.209: icmp_seq=0 ttl=37 time=38.588 ms
64 bytes from 120.55.105.209: icmp_seq=1 ttl=37 time=37.160 ms

so, why ctr can’t resolve the registry , but ping is work, happen?

my environment: docker desktop for window 4.13.0 (89412). + WSL2(Ubuntu22.04.1 LTS)

docker desktop Network CICR config: 192.168.65.0/24

WSL2 (Ubuntu2): IP addr: inet 192.168.60.2/24 brd 192.168.60.255 scope global eth0 /etc/resolv.conf -> nameserver 192.168.60.1

container (kind Worker) /etc/resolv.conf -> nameserver 192.168.65.2 options ndots:0

https://github.com/kubernetes-sigs/kind/issues/2994#tasklist-block-9859166c-2dba-4316-be51-9704791527b2

About this issue

  • Original URL
  • State: closed
  • Created 2 years ago
  • Comments: 18 (9 by maintainers)

Most upvoted comments

The kind worker is resolving via docker’s embedded DNS socket, which then goes out to dockerd on the “host” (which here is the WSL2 VM), where are you running ping?

@BenTheElder thx for reply. i run ping in worker node.

+1
eveforest on Nov 7, 2022
Read more comments on GitHub
← kind: improve error messaging for create cluster"
kind: Installing Istio fails when trying to match resources  →