search

errordeveloper / kxd

[WIP/PoC] Kubernetes on Docker for Mac
Apache License 2.0
15 stars 1 forks source link

Making services DNS accessible from the host system does not work #6

Open mongrelion opened 7 years ago

mongrelion commented 7 years ago

In the guides I arrived to the point where it says

Next, let's make cluster DNS accessible from the Mac: ./proxy-service.sh --namespace kube-system kube-dns

So I went ahead and did that and the output of the first call seems all right:

 x ./proxy-service.sh --namespace kube-system kube-dns
Will run the following command that requires root privileges, please enter your password below
   sudo ifconfig lo0 alias     10.96.0.10 netmask 255.240.0.0
1d3e953647f80a1a8877779fac71262b88b13add02920a450c72344a3788556c

But when I try to find the service via DNS with dig I get a timeout:

 x dig kubernetes.default.svc.cluster.local @10.96.0.10

; <<>> DiG 9.8.3-P1 <<>> kubernetes.default.svc.cluster.local @10.96.0.10
;; global options: +cmd
;; connection timed out; no servers could be reached

Looking into the lo0 interface configuration I can see that the alias has been added for the service IP:

 x ifconfig lo0
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
        options=1203<RXCSUM,TXCSUM,TXSTATUS,SW_TIMESTAMP>
        inet 127.0.0.1 netmask 0xff000000
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
        inet 10.96.0.10 netmask 0xfff00000
        nd6 options=201<PERFORMNUD,DAD>

And traceroute does only one hop:

 x traceroute 10.96.0.10
traceroute to 10.96.0.10 (10.96.0.10), 64 hops max, 52 byte packets
 1  10.96.0.10 (10.96.0.10)  0.176 ms  0.113 ms  0.053 ms

I thought it may be related to the kube-dns service so I went ahead and deployed a new service (a helloworld one) and exposed it as well with the proxy-service.sh script as suggested by the guides but I get the same result:

Any thoughts on this?

Important Note: I updated the start.sh script and the Boxfile to deploy Kubernetes 1.6.2. Maybe it's because of that?

errordeveloper commented 7 years ago

I've just made it work with 1.7.0, and couldn't reproduce this... Would you mind testing on your machine from master?