Not able to connect to internet from inside the pod

My system spec: I have created a Kubernetes cluster using 2 systems; one acts as master, the other as a worker node.

Operating System : NAME="Red Hat Enterprise Linux" VERSION="8.3 (Ootpa)" ID="rhel".

I installed the Kubernetes cluster using the following link (https://dzone.com/articles/kubernetes-installation-in-redhat-centos)

I have tried both the Calico pod network and the Flannel pod network; the same issue happens with both. I am not able to connect to the internet from inside the pod.

See the below image for further details

enter image description here

You can see that all the pods are up and running.

My coredns pod is also up and running, and its respective service is also up; check the below image.

enter image description here

Debugging

For debugging I tried using this link (https://kubernetes.io/docs/tasks/administer-cluster/dns-debugging-resolution/)

Whenever I do nslookup, it shows the error (;; connection timed out; no servers could be reached ,command terminated with exit code 1)

Please have a look at the below image.

enter image description here

Can anyone please tell me where exactly the problem lies? Why is it that from inside the pod I am not able to connect to the internet?

Any help would be appreciated. Thank you.

Umesh
  • May I know if you used `--pod-network-cidr=` during cluster init? `--pod-network-cidr=192.168.0.0/16` for calico, `--pod-network-cidr=10.244.0.0/16` for flannel. It won't work properly if you haven't used this during kubeadm init. – Vit Dec 04 '20 at 11:49
  • @Vitalii I have it as you mentioned here, i.e. for Flannel: `kubeadm init --apiserver-advertise-address= --pod-network-cidr=10.244.0.0/16` (for Flannel) and for Calico: `kubeadm init --apiserver-advertise-address= --pod-network-cidr=192.168.0.0/16` (for Calico) – Umesh Dec 04 '20 at 11:56
  • Yep, my bad... missed somehow. Can you also let me know where you set up the cluster? Bare-metal or cloud? – Vit Dec 23 '20 at 15:37
  • Were you able to fix your issue? – acid_fuji Mar 17 '21 at 08:25
  • Please try to avoid uploading screenshots of your issue when you can copy/paste it in the text form [reference](https://meta.stackoverflow.com/questions/285551/why-not-upload-images-of-code-errors-when-asking-a-question). One question: is this setup based on AWS (hence the `ec2-user` username)? – Dawid Kruk Jun 25 '21 at 06:54

1 Answer

There are a couple of possibilities for this kind of issue:

  • It could be that this is not an issue with CoreDNS itself but rather a Kubernetes networking problem where the traffic to ClusterIPs is not directed correctly to Pods. It could be that kube-proxy is responsible for that.

    Here's a Kubernetes guide about troubleshooting services.

  • Another issue very common for RHEL/CentOS distributions is that the nftables backend is not compatible with Kubernetes. nftables is available as a modern replacement for the kernel's iptables subsystem.

    The workaround for this is to use Calico, since from v3.8.1+ it is possible for the CNI to run on hosts which use iptables in NFT mode. Setting the FELIX_IPTABLESBACKEND=NFT option will tell Calico to use the nftables backend. For now, this will need to be set explicitly.

  • Lastly, it is very possible that your Pod network overlaps with the host networks. Reference: Installing a Pod network add-on

acid_fuji
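
The last possibility in the answer above (a pod network that overlaps the host networks) can be checked against the two `--pod-network-cidr` values from the comments. This is an added example, not code from the answer or from Kubernetes; the `ip -o -4 addr show` output is a constructed sample and the CNI interface name prefixes are assumptions.

```python
import ipaddress
import re

# Constructed sample of `ip -o -4 addr show` output from a hypothetical worker node.
SAMPLE_IP_ADDR = """\
1: lo    inet 127.0.0.1/8 scope host lo
2: ens192    inet 192.168.1.20/24 brd 192.168.1.255 scope global ens192
3: docker0    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
4: cni0    inet 10.244.0.1/24 brd 10.244.0.255 scope global cni0
"""

# Assumption: interfaces with these prefixes are loopback or created by the CNI
# plugin itself, so their addresses are expected to sit inside the pod CIDR.
CNI_PREFIXES = ("lo", "cni", "flannel", "cali", "tunl", "vxlan.calico")

INET_RE = re.compile(r"^\d+:\s+(\S+)\s+inet\s+(\S+)")


def host_networks(ip_addr_output):
    """Yield (interface, IPv4Network) for every IPv4 address in the output."""
    for line in ip_addr_output.splitlines():
        match = INET_RE.match(line.strip())
        if match:
            iface, cidr = match.groups()
            # ip_interface accepts host bits (192.168.1.20/24) and gives the network.
            yield iface, ipaddress.ip_interface(cidr).network


def find_overlaps(pod_cidr, ip_addr_output):
    """Return [(interface, network)] for host networks that overlap pod_cidr."""
    pod_net = ipaddress.ip_network(pod_cidr)
    return [
        (iface, str(net))
        for iface, net in host_networks(ip_addr_output)
        if not iface.startswith(CNI_PREFIXES) and pod_net.overlaps(net)
    ]


if __name__ == "__main__":
    # The two --pod-network-cidr values discussed in the comments above.
    for name, cidr in (("calico", "192.168.0.0/16"), ("flannel", "10.244.0.0/16")):
        hits = find_overlaps(cidr, SAMPLE_IP_ADDR)
        print(f"{name} {cidr}: {'OVERLAP with ' + str(hits) if hits else 'no overlap'}")
```

On a real node, pass the text printed by `ip -o -4 addr show` in place of the sample.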