coredns / deployment

Scripts, utilities, and examples for deploying CoreDNS.
Apache License 2.0

Debian/Ubuntu Package Service Fails to Start #257

Closed utkonos closed 3 years ago

utkonos commented 3 years ago

Using the package generated in issue #256 steps to reproduce, the resulting package installs a service that fails to start.

Steps to reproduce:

dpkg -i coredns_1.8.6-0~20.040_amd64.deb
service coredns status

Output:

root@ubuntu:~# dpkg -i coredns_1.8.6-0~20.040_amd64.deb
Selecting previously unselected package coredns.
(Reading database ... 94622 files and directories currently installed.)
Preparing to unpack coredns_1.8.6-0~20.040_amd64.deb ...
Unpacking coredns (1.8.6-0~20.040) ...
Setting up coredns (1.8.6-0~20.040) ...
Created symlink /etc/systemd/system/multi-user.target.wants/coredns.service → /lib/systemd/system/coredns.service.
Processing triggers for man-db (2.9.1-1) ...
root@ubuntu:~# service coredns status
● coredns.service - CoreDNS DNS server
     Loaded: loaded (/lib/systemd/system/coredns.service; enabled; vendor preset: enabled)
     Active: failed (Result: exit-code) since Mon 2021-10-25 20:21:07 UTC; 6s ago
       Docs: https://coredns.io
    Process: 1768 ExecStart=/usr/bin/coredns -conf=/etc/coredns/Corefile (code=exited, status=1/FAILURE)
   Main PID: 1768 (code=exited, status=1/FAILURE)

Oct 25 20:21:06 ubuntu systemd[1]: coredns.service: Main process exited, code=exited, status=1/FAILURE
Oct 25 20:21:06 ubuntu systemd[1]: coredns.service: Failed with result 'exit-code'.
Oct 25 20:21:07 ubuntu systemd[1]: coredns.service: Scheduled restart job, restart counter is at 5.
Oct 25 20:21:07 ubuntu systemd[1]: Stopped CoreDNS DNS server.
Oct 25 20:21:07 ubuntu systemd[1]: coredns.service: Start request repeated too quickly.
Oct 25 20:21:07 ubuntu systemd[1]: coredns.service: Failed with result 'exit-code'.
Oct 25 20:21:07 ubuntu systemd[1]: Failed to start CoreDNS DNS server.

utkonos commented 3 years ago

The reason it does not start is that systemd-resolved is running on port 53 of lo:

# ss -tulwn | grep LISTEN
tcp    LISTEN  0       4096     127.0.0.53%lo:53          0.0.0.0:*

One solution is to adjust the Corefile to have the service specifically bind to the NIC with the IP address that one wants CoreDNS to listen on. This is described in the documentation here: https://coredns.io/manual/toc/#server-blocks. This uses the bind plugin: https://coredns.io/plugins/bind/

Alternatively, if one wants to replace systemd-resolved, the following needs to be changed:

systemctl disable systemd-resolved
systemctl stop systemd-resolved

Then adjust the contents of /etc/NetworkManager/NetworkManager.conf adding:

dns=default

Finally:

rm /etc/resolv.conf
systemctl restart NetworkManager

I don't think replacing the system's DNS resolver is a good idea, however. Just binding to the outside interface is probably the best thing to do.
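
The port 53 check from the comment above, written as a reusable pre-flight test. This is an added example, not part of the original issue or the CoreDNS project. The function names `port53_listeners` and `bind_conflicts`, the `SAMPLE_SS` text and the address 192.0.2.10 are constructed for illustration, and any wildcard listener is treated as a conflict regardless of address family.

```shell
#!/bin/sh
# Constructed sample of `ss -tulwn` output (not captured from a real host).
SAMPLE_SS='Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port
udp   UNCONN 0      0      127.0.0.53%lo:53   0.0.0.0:*
tcp   LISTEN 0      4096   127.0.0.53%lo:53   0.0.0.0:*
tcp   LISTEN 0      128    0.0.0.0:22         0.0.0.0:*'

# Read `ss -tulwn` text on stdin; print each distinct local address that
# already holds TCP or UDP port 53.
port53_listeners() {
    awk '$1 == "tcp" || $1 == "udp" {
        addr = $5; port = $5
        sub(/^.*:/, "", port)      # text after the last colon is the port
        sub(/:[^:]*$/, "", addr)   # drop the ":port" suffix
        sub(/%.*$/, "", addr)      # drop an interface scope such as "%lo"
        if (port == "53" && !seen[addr]++) print addr
    }'
}

# usage: ss -tulwn | bind_conflicts ADDRESS
# Exit 0 if binding ADDRESS:53 would collide with an existing listener,
# exit 1 if that address is free. Simplification (assumption): a wildcard
# on either side always counts as a collision.
bind_conflicts() {
    port53_listeners | awk -v want="$1" '
        function wild(a) { return a == "0.0.0.0" || a == "*" || a == "[::]" }
        wild(want) || wild($0) || $0 == want { hit = 1 }
        END { exit(hit ? 0 : 1) }'
}

# Demo on the constructed sample: a wildcard bind and the stub resolver's
# own address collide, a dedicated interface address does not.
for ip in 0.0.0.0 127.0.0.53 192.0.2.10; do
    if printf '%s\n' "$SAMPLE_SS" | bind_conflicts "$ip"; then
        echo "$ip:53 conflicts with an existing listener"
    else
        echo "$ip:53 is free to bind"
    fi
done
```

On a real host, pipe `ss -tulwn` into `bind_conflicts` with the address intended for the Corefile's bind directive before starting the service.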