系统: Ubuntu 18.04.02
K8s 版本: 1.13.4
故障现象: Pod 内无法 ping 通外网域名, 访问外网 IP,K8s 内部域名或者 IP 均正常
原因分析: K8s 在创建 Pod 时会把宿主机的 / etc/resolv.conf 里的内容拷贝到 Pod 同文件中, 如果 / etc/resolv.conf 里写的配置不正确, 则 Pod 无法解析外网域名.
Ubuntu18.04 已经抛弃 / etc/resolv.conf 用做域名解析, DNS 可以配置在 / etc/netplan/xx.YAML 中, 保留 / etc/resolv.conf 只是用做兼容, 查看该文件 cat /etc/resolv.conf:
- # This file is managed by man:systemd-resolved(8). Do not edit.
- #
- # This is a dynamic resolv.conf file for connecting local clients to the
- # internal DNS stub resolver of systemd-resolved. This file lists all
- # configured search domains.
- #
- # Run "systemd-resolve --status" to see details about the uplink DNS servers
- # currently in use.
- #
- # Third party programs must not access this file directly, but only through the
- # symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a different way,
- # replace this symlink by a static file or a different symlink.
- #
- # See man:systemd-resolved.service(8) for details about the supported modes of
- # operation for /etc/resolv.conf.
- nameserver 127.0.0.53
- options edns0
根据注释, 我们知道,/etc/resolv.conf 由 systemd-resolved 服务管理, 不建议手工修改, 因为会被自动覆盖, 同时 ls 该文件, 发现 / etc/resolv.conf 只不过是一个软链接
网上方法: 修改 / etc/systemd/resolved.conf 中的 DNS 项, 之后重启 systemd-resolved 服务, 经验证无效.
最终解决办法: 删除该软链接, 然后自己手工创建该文件
- rm /etc/resolv.conf -f
- cat /etc/resolv.conf<<EOF
- nameserver 114.114.114.114
- nameserver 114.114.115.115
- EOF
带来的问题: unable to resolve host xxx, 解决办法: 编辑 / etc/hosts, 把你的主机名加到 127.0.0.1 行即可
删除 Pod 之后重新创建 Pod, 问题完美解决
注意: KubeDNS 或者 CoreDNS 在修改 / etc/resolv.conf 前已经创建, 也必须删除之后重建
来源: http://www.bubuko.com/infodetail-3007588.html