microsoft/SDN

DNS request timed out to kube-dns service at 53 port Address: 172.21.0.10.

prudhvigodithi opened this issue · 1 comments

Hey I have kops Kubernetes cluster v1.16.7 using flannel and able to join windows ec2 instance to existing cluster using l2bridge network, ec2 node was able to join the cluster, but the windows pods not able to resolve the DNS requests, here we are using coredns, below attached is the output from nslookup inside windows pod.

NAME                          STATUS   ROLES    AGE     VERSION
ec2amaz-ojqdq1a               Ready    <none>   12m     v1.16.7
ip-10-37-15-140.ec2.internal   Ready    node     8m43s   v1.16.7
ip-10-37-15-215.ec2.internal   Ready    master   5d23h   v1.16.7

nslookup sample.test.aws                                                                                                                                                                                                                 
DNS request timed out.                                                                                                                                                                                                                        
    timeout was 2 seconds.                                                                                                                                                                                                                    
Server:  UnKnown                                                                                                                                                                                                                              
Address:  172.21.0.10  

Added all ICMP, RCP, UDP rules to aws security groups.

Inside the sample pod

PS C:\> Test-NetConnection 172.21.0.10  -Port 53                                                                                                                                                                                              
WARNING: TCP connect to (172.21.0.10 : 53) failed                                                                                                                                                                                             
WARNING: Ping to 172.21.0.10 failed with status: TimedOut                                                                                                                                                                                     
                                                                                                                                                                                                                                              
                                                                                                                                                                                                                                              
ComputerName           : 172.21.0.10                                                                                                                                                                                                          
RemoteAddress          : 172.21.0.10                                                                                                                                                                                                          
RemotePort             : 53                                                                                                                                                                                                                   
InterfaceAlias         : vEthernet (6767583a4acb8d7e4e465e1382694eb3ef3d1db2c88762fb38f796e4db1a44d9_cbr0)                                                                                                                                    
SourceAddress          : 172.21.131.12                                                                                                                                                                                                        
PingSucceeded          : False                                                                                                                                                                                                                
PingReplyDetails (RTT) : 0 ms                                                                                                                                                                                                                 
TcpTestSucceeded       : False  

However, port 80 works

PS C:\> ipconfig /all                                                                                                                                                                                                                         
                                                                                                                                                                                                                                              
Windows IP Configuration                                                                                                                                                                                                                      
                                                                                                                                                                                                                                              
   Host Name . . . . . . . . . . . . : win-webserver-7c7757c8bf-24fh4                                                                                                                                                                         
   Primary Dns Suffix  . . . . . . . :                                                                                                                                                                                                        
   Node Type . . . . . . . . . . . . : Hybrid                                                                                                                                                                                                 
   IP Routing Enabled. . . . . . . . : No                                                                                                                                                                                                     
   WINS Proxy Enabled. . . . . . . . : No                                                                                                                                                                                                     
   DNS Suffix Search List. . . . . . : default.svc.cluster.local                                                                                                                                                                              
                                                                                                                                                                                                                                              
Ethernet adapter vEthernet (69a01ff4239648d109166b3b2d15ebf6e3416da2510288411cd2144640637509_cbr0):                                                                                                                                           
                                                                                                                                                                                                                                              
   Connection-specific DNS Suffix  . : default.svc.cluster.local                                                                                                                                                                              
   Description . . . . . . . . . . . : Hyper-V Virtual Ethernet Adapter #6                                                                                                                                                                    
   Physical Address. . . . . . . . . : 00-15-5D-5E-58-BC                                                                                                                                                                                      
   DHCP Enabled. . . . . . . . . . . : No                                                                                                                                                                                                     
   Autoconfiguration Enabled . . . . : Yes                                                                                                                                                                                                    
   Link-local IPv6 Address . . . . . : fe80::3062:c8bc:3f88:14f3%37(Preferred)                                                                                                                                                                
   IPv4 Address. . . . . . . . . . . : 172.21.132.12(Preferred)                                                                                                                                                                               
   Subnet Mask . . . . . . . . . . . : 255.255.255.0                                                                                                                                                                                          
   Default Gateway . . . . . . . . . : 172.21.132.2                                                                                                                                                                                           
   DNS Servers . . . . . . . . . . . : 172.21.0.10                                                                                                                                                                                            
   NetBIOS over Tcpip. . . . . . . . : Disabled                                                                                                                                                                                               
   Connection-specific DNS Suffix Search List :                                                                                                                                                                                               
                                       default.svc.cluster.local

The issue was with sourceVip.json added before the start of kube-proxy.