kxd icon indicating copy to clipboard operation
kxd copied to clipboard

Published 20 hours ago verified publisher icon errordeveloper

Making services DNS accessible from the host system does not work

Open mongrelion opened this issue 8 years ago • 1 comments

In the guides I arrived to the point where it says

Next, let's make cluster DNS accessible from the Mac: ./proxy-service.sh --namespace kube-system kube-dns

So I went ahead and did that and the output of the first call seems all right:

 x ./proxy-service.sh --namespace kube-system kube-dns
Will run the following command that requires root privileges, please enter your password below
   sudo ifconfig lo0 alias     10.96.0.10 netmask 255.240.0.0
1d3e953647f80a1a8877779fac71262b88b13add02920a450c72344a3788556c

But when I try to find the service via DNS with dig I get a timeout:

 x dig kubernetes.default.svc.cluster.local @10.96.0.10

; <<>> DiG 9.8.3-P1 <<>> kubernetes.default.svc.cluster.local @10.96.0.10
;; global options: +cmd
;; connection timed out; no servers could be reached

Looking into the lo0 interface configuration I can see that the alias has been added for the service IP:

 x ifconfig lo0
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
        options=1203<RXCSUM,TXCSUM,TXSTATUS,SW_TIMESTAMP>
        inet 127.0.0.1 netmask 0xff000000
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
        inet 10.96.0.10 netmask 0xfff00000
        nd6 options=201<PERFORMNUD,DAD>

And traceroute does only one hop:

 x traceroute 10.96.0.10
traceroute to 10.96.0.10 (10.96.0.10), 64 hops max, 52 byte packets
 1  10.96.0.10 (10.96.0.10)  0.176 ms  0.113 ms  0.053 ms

I thought it may be related to the kube-dns service so I went ahead and deployed a new service (a helloworld one) and exposed it as well with the proxy-service.sh script as suggested by the guides but I get the same result:

  • I get a timeout from dig
  • I see the alias being created in the lo0 interface
  • traceroute hops only one time, so the requests are definitely not going out of my host system

Any thoughts on this?

Important Note: I updated the start.sh script and the Boxfile to deploy Kubernetes 1.6.2. Maybe it's because of that?

mongrelion avatar May 09 '17 10:05 mongrelion

I've just made it work with 1.7.0, and couldn't reproduce this... Would you mind testing on your machine from master?

errordeveloper avatar Jul 05 '17 05:07 errordeveloper