Section 12 DNS Addon CoreDNS Pods failing

[GhostPratt]

Running kubectl apply -f https://storage.googleapis.com/kubernetes-the-hard-way/coredns-1.8.yaml pulls and applies the configuration successfully.

The coredns pods though are failing to come up at all. Falling into a CrashLoopBackOff error and restarting for time eternal. Pulling back the logs I'm getting: plugin/kubernetes: Get "https://10.32.0.1:443/version?timeout=32s": dial tcp 10.32.0.1:443: i/o timeout plugin/kubernetes: Get "https://10.32.0.1:443/version?timeout=32s": dial tcp 10.32.0.1:443: i/o timeout

Othertimes have been no logs whatsoever. Any assistance would be greatly appreciated.

[danilo-lopes]

I'm having the same problem here.

kube-system/coredns-8494f9c688-rjvmg:coredns

plugin/kubernetes: Get "https://10.32.0.1:443/version?timeout=32s": dial tcp 10.32.0.1:443: i/o timeout

I didnt understand about Kube API server CIDR routing logic (10.32.0.0/24 in this case).

In my case, I have on-primeses environment. I dont have networking firewall rules and all hosts can talk to each other. All worker nodes have local linux routing for the POD network (10.200.0.0/24).

[mguttsait]

@GhostPratt @danilo-lopes Did you ever wind up figuring this out?

[danilo-lopes]

@mguttsait I dont have this cluster anymore, I have to setup it again..

[carlchen8617]

I have two PCs(not VMs), one as controller node, one as worker node, both get IP address from the DHCP server on the home ADSL router. Tried kube-dns and coredns. In both cases the dns pods are trying to dial the service clusterIP(10.32.0.1:443) of the api server and getting i/o timeout issue and never succeeded. Still digging for solutions

[mirik12]

apiVersion: v1 kind: ServiceAccount metadata: name: coredns namespace: kube-system

apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: labels: kubernetes.io/bootstrapping: rbac-defaults name: system:coredns rules:

• apiGroups:
  • "" resources:
  • endpoints
  • services
  • pods
  • namespaces verbs:
  • list
  • watch
• apiGroups:
  • "" resources:
  • nodes verbs:

  • get

    apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: rbac.authorization.kubernetes.io/autoupdate: "true" labels: kubernetes.io/bootstrapping: rbac-defaults name: system:coredns roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: system:coredns subjects:

• kind: ServiceAccount name: coredns namespace: kube-system

  apiVersion: v1 kind: ConfigMap metadata: name: coredns namespace: kube-system data: Corefile: | .:53 { errors health ready kubernetes cluster.local in-addr.arpa ip6.arpa { pods insecure fallthrough in-addr.arpa ip6.arpa } prometheus :9153 cache 30 loop reload loadbalance }

  apiVersion: apps/v1 kind: Deployment metadata: name: coredns namespace: kube-system labels: k8s-app: kube-dns kubernetes.io/name: "CoreDNS" spec: replicas: 2 strategy: type: RollingUpdate rollingUpdate: maxUnavailable: 1 selector: matchLabels: k8s-app: kube-dns template: metadata: labels: k8s-app: kube-dns spec: priorityClassName: system-cluster-critical serviceAccountName: coredns tolerations:

  • key: "CriticalAddonsOnly" operator: "Exists" nodeSelector: beta.kubernetes.io/os: linux containers:
  • name: coredns image: coredns/coredns:1.8.0 imagePullPolicy: IfNotPresent resources: limits: memory: 170Mi requests: cpu: 100m memory: 70Mi args: ["-conf", "/etc/coredns/Corefile"] volumeMounts:
    • name: config-volume mountPath: /etc/coredns readOnly: true ports:
    • containerPort: 53 name: dns protocol: UDP
    • containerPort: 53 name: dns-tcp protocol: TCP
    • containerPort: 9153 name: metrics protocol: TCP securityContext: allowPrivilegeEscalation: false capabilities: add:
      • NET_BIND_SERVICE drop:
      • all readOnlyRootFilesystem: true livenessProbe: httpGet: path: /health port: 8080 scheme: HTTP initialDelaySeconds: 60 timeoutSeconds: 5 successThreshold: 1 failureThreshold: 5 readinessProbe: httpGet: path: /ready port: 8181 scheme: HTTP dnsPolicy: Default volumes:
  • name: config-volume configMap: name: coredns items:

    • key: Corefile path: Corefile

      apiVersion: v1 kind: Service metadata: name: kube-dns namespace: kube-system annotations: prometheus.io/port: "9153" prometheus.io/scrape: "true" labels: k8s-app: kube-dns kubernetes.io/cluster-service: "true" kubernetes.io/name: "CoreDNS" spec: selector: k8s-app: kube-dns clusterIP: 10.32.0.10 ports:

      • name: dns port: 53 protocol: UDP
      • name: dns-tcp port: 53 protocol: TCP
      • name: metrics port: 9153 protocol: TCP

[mirik12]

https://github.com/kelseyhightower/kubernetes-the-hard-way/blob/master/deployments/coredns-1.7.0.yaml

but change the versions into the file (one place)