calico icon indicating copy to clipboard operation
calico copied to clipboard

Published 20 hours ago verified publisher icon projectcalico

When enabling NodeLocal DNSCache DNS requests are being blocked

Open liorfranko opened this issue 4 years ago • 16 comments

After enabling the NodeLocal DNSCache feature, requests from pods to kube-dns SVC are getting blocked by Calico Policy. The NodeLocal DNS pods are deployed exactly with the same labels as the coredns pods

Steps to Reproduce (for bugs)

  1. Deploy a K8S cluster.
  2. Enforce the cluster using Calico GlobalNetworkPolicy
  3. Enable NodeLocal DNSCache

Your Environment

  • Calico version: 3.14.1
  • Kubernetes: 1.17.4
  • Operating System and version: Centos/Ubuntu https://kubernetes.io/docs/tasks/administer-cluster/nodelocaldns/

liorfranko avatar Jul 15 '20 14:07 liorfranko