microk8s icon indicating copy to clipboard operation
microk8s copied to clipboard

Published 20 hours ago verified publisher icon canonical

new pod cant do apt-get update

Open agonzalezm opened this issue 2 years ago • 3 comments

I deploy new pod but it cant update packages:

root@microk8s01:~# k run ubuntu --image ubuntu -it bash
If you don't see a command prompt, try pressing enter.
root@ubuntu:/# cat /etc/issue
Ubuntu 22.04 LTS \n \l

root@ubuntu:/# apt-get update
Ign:1 http://archive.ubuntu.com/ubuntu jammy InRelease
Ign:2 http://archive.ubuntu.com/ubuntu jammy-updates InRelease
Ign:3 http://security.ubuntu.com/ubuntu jammy-security InRelease
Err:4 http://security.ubuntu.com/ubuntu jammy-security Release
  404  Not Found [IP: 10.58.20.36 80]
Ign:5 http://archive.ubuntu.com/ubuntu jammy-backports InRelease
Err:6 http://archive.ubuntu.com/ubuntu jammy Release
  404  Not Found [IP: 10.58.20.36 80]
Err:7 http://archive.ubuntu.com/ubuntu jammy-updates Release
  404  Not Found [IP: 10.58.20.36 80]
Err:8 http://archive.ubuntu.com/ubuntu jammy-backports Release
  404  Not Found [IP: 10.58.20.36 80]
Reading package lists... Done
E: The repository 'http://security.ubuntu.com/ubuntu jammy-security Release' does not have a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
E: The repository 'http://archive.ubuntu.com/ubuntu jammy Release' does not have a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
E: The repository 'http://archive.ubuntu.com/ubuntu jammy-updates Release' does not have a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
E: The repository 'http://archive.ubuntu.com/ubuntu jammy-backports Release' does not have a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.

pods have internet access:

root@microk8s01:~# k exec -it dnsutils -- bash
root@dnsutils:/# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=118 time=2.55 ms

root@dnsutils:/# ping archive.ubuntu.com
PING archive.ubuntu.com.lab.local (10.58.20.36) 56(84) bytes of data.
64 bytes from haproxy-ingress-kubernetes-ingress.haproxy-ingress.svc.cluster.local (10.58.20.36): icmp_seq=1 ttl=64 time=0.110 ms
64 bytes from haproxy-ingress-kubernetes-ingress.haproxy-ingress.svc.cluster.local (10.58.20.36): icmp_seq=2 ttl=64 time=0.097 ms

why archive.ubuntu.com is being resolve and ping as archive.ubuntu.com.lab.local (10.58.20.36) ?

agonzalezm avatar Jun 03 '22 13:06 agonzalezm

anyone can help on this?

agonzalezm avatar Jun 06 '22 11:06 agonzalezm

it is issue with your dns configuration, fastest workaround would appropriately edit /etc/hosts or resolv.conf in your container. If you want to investigate start with microk8s kubectl get cm coredns -n kube-system -o yaml if coredns is enabled

miro-balaz avatar Jun 14 '22 12:06 miro-balaz

Yeah, something is wrong with your DNS resolver. Look at the output here @agonzalezm

root@dnsutils:/# ping archive.ubuntu.com
PING archive.ubuntu.com.lab.local (10.58.20.36) 56(84) bytes of data.
64 bytes from haproxy-ingress-kubernetes-ingress.haproxy-ingress.svc.cluster.local (10.58.20.36): icmp_seq=1 ttl=64 time=0.110 ms

The response is not coming from archive.ubuntu.com -- you can verify by resolving the hostname somewhere else:

 nslookup archive.ubuntu.com
Server:		127.0.0.53
Address:	127.0.0.53#53

Non-authoritative answer:
Name:	archive.ubuntu.com
Address: 185.125.190.36
Name:	archive.ubuntu.com
Address: 91.189.91.39
Name:	archive.ubuntu.com
Address: 91.189.91.38
Name:	archive.ubuntu.com
Address: 185.125.190.39
Name:	archive.ubuntu.com
Address: 2001:67c:1562::18
Name:	archive.ubuntu.com
Address: 2620:2d:4000:1::16
Name:	archive.ubuntu.com
Address: 2620:2d:4000:1::19
Name:	archive.ubuntu.com
Address: 2001:67c:1562::15

As you can see, your pod's DNS resolves to archive.ubuntu.com.lab.local (10.58.20.36), that's because it uses the local microk8s DNS and not 8.8.8.8.

I think you should close this issue and seek support elsewhere. Good luck :+1:

benjaoming avatar Jun 17 '22 19:06 benjaoming

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

stale[bot] avatar May 15 '23 10:05 stale[bot]