Intermittent responses when querying cluster IPs in a Kubernetes cluster

Time: 2021-07-22 21:59:02

Tags: kubernetes amazon-eks coredns kube-dns

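We are running into a problem when trying to query a service in our Kubernetes cluster from another Pod. Sometimes the request goes through, but 99% of the time it fails. This also happens when we try to hit our kube-dns service directly: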

/ # nslookup kubernetes.default.svc.cluster.local.
;; connection timed out; no servers could be reached

I can see the above request in the core-dns logs, so I don't think this is a DNS resolution problem:

[INFO] 10.2.56.172:53295 - 403 "A IN kubernetes.default.svc.cluster.local. udp 54 false 512" NOERROR qr,aa,rd 106 0.000158582s

Similar failures occur when trying to reach any service in the cluster. Here you can see it work once and then fail immediately:

/ # dig http://172.20.234.169:80

; <<>> DiG 9.11.6-P1 <<>> http://172.20.234.169:80
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2504
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 16db935520e8e061 (echoed)
;; QUESTION SECTION:
;http://172.20.234.169:80.  IN  A

;; AUTHORITY SECTION:
.           30  IN  SOA a.root-servers.net. nstld.verisign-grs.com. 2021072201 1800 900 604800 86400

;; Query time: 52 msec
;; SERVER: 172.20.0.10#53(172.20.0.10)
;; WHEN: Thu Jul 22 20:12:33 UTC 2021
;; MSG SIZE  rcvd: 140

/ # dig http://172.20.234.169:80

; <<>> DiG 9.11.6-P1 <<>> http://172.20.234.169:80
;; global options: +cmd
;; connection timed out; no servers could be reached

Our setup:

  1. Cloud provider: AWS running EKS
  2. 4 nodes running k8s 1.20; CoreDNS 1.8
  3. The setup is fully private, running in its own VPC with 4 subnets

Additional information

⇒  kubectl get pods -n kube-system
NAME                                          READY   STATUS    RESTARTS   AGE
aws-node-8n9r6                                1/1     Running   0          2d2h
aws-node-gpd5p                                1/1     Running   0          2d2h
aws-node-mdl98                                1/1     Running   0          2d3h
aws-node-tff7q                                1/1     Running   0          2d3h
coredns-55cd7f87dc-csnnk                      1/1     Running   0          4h3m
coredns-55cd7f87dc-d4bl2                      1/1     Running   0          4h3m
coredns-55cd7f87dc-hkj85                      1/1     Running   0          4h3m
coredns-55cd7f87dc-ms4kx                      1/1     Running   0          4h3m
kube-proxy-77zdf                              1/1     Running   0          130m
kube-proxy-fv8tc                              1/1     Running   0          129m
kube-proxy-nklhv                              1/1     Running   0          129m
kube-proxy-wvvmf                              1/1     Running   0          129m
seldon-spartakus-volunteer-5b57b95596-gsk2d   1/1     Running   0          2d3h
⇒  kubectl get svc kube-dns -n kube-system
NAME       TYPE        CLUSTER-IP    EXTERNAL-IP   PORT(S)         AGE
kube-dns   ClusterIP   172.20.0.10   <none>        53/UDP,53/TCP   22d
/ # cat /etc/resolv.conf
nameserver 172.20.0.10
search lpa.svc.cluster.local svc.cluster.local cluster.local us-west-2.compute.internal
options ndots:5

Any ideas on how to resolve this?

0 answers