Pods within CoreDNS have no internet access

Rancher 2.x
1

Results from recommended tests:

root@debugger-554b87674c-p6s8j:/# nslookup kubernetes.default
Server:         10.43.0.10
Address:        10.43.0.10#53

Name:   kubernetes.default.svc.cluster.local
Address: 10.43.0.1

root@debugger-554b87674c-p6s8j:/# cat /etc/resolv.conf
nameserver 10.43.0.10
search test.svc.cluster.local svc.cluster.local cluster.local fritz.box
options ndots:5

shell within cluster for kubectl
> kubectl get pods --namespace=kube-system -l k8s-app=kube-dns
NAME                       READY   STATUS    RESTARTS   AGE
coredns-5c8d76c7dd-xp6kp   1/1     Running   2          23h

> for p in $(kubectl get pods --namespace=kube-system -l k8s-app=kube-dns -o name); do kubectl logs --namespace=kube-system $p; done
.:53
2019-11-14T17:04:25.422Z [INFO] CoreDNS-1.3.1
2019-11-14T17:04:25.422Z [INFO] linux/amd64, go1.11.4, 6b56a9c
CoreDNS-1.3.1
linux/amd64, go1.11.4, 6b56a9c
2019-11-14T17:04:25.422Z [INFO] plugin/reload: Running configuration MD5 = 45cd9f91917cc54711e243e0d08537a7

> kubectl get service
NAME         TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)   AGE
kubernetes   ClusterIP   10.43.0.1    <none>        443/TCP   9d

> kubectl get pods --all-namespaces | grep kube-system
kube-system     canal-lk7nv                               2/2     Running     12         9d
kube-system     coredns-5c8d76c7dd-xp6kp                  1/1     Running     2          24h
kube-system     coredns-autoscaler-84766fbb4-cwnr9        1/1     Running     6          9d
kube-system     metrics-server-59c6fd6767-pjqbt           1/1     Running     6          9d
kube-system     rke-coredns-addon-deploy-job-r4v8l        0/1     Completed   0          9d
kube-system     rke-ingress-controller-deploy-job-p9h8d   0/1     Completed   0          9d
kube-system     rke-metrics-addon-deploy-job-tnl6k        0/1     Completed   0          9d
kube-system     rke-network-plugin-deploy-job-2gl48       0/1     Completed   0          9d

> kubectl -n kube-system get configmap coredns -o go-template={{.data.Corefile}}
.:53 {
    errors
    health
    kubernetes cluster.local in-addr.arpa ip6.arpa {
      pods insecure
      upstream
      fallthrough in-addr.arpa ip6.arpa
      ttl 30
    }
    prometheus :9153
    forward . "/etc/resolv.conf"
    cache 30
    loop
    reload
    loadbalance
}

> kubectl get ep kube-dns --namespace=kube-system
NAME       ENDPOINTS                                                    AGE
kube-dns   192.168.178.157:53,192.168.178.157:53,192.168.178.157:9153   9d

2019-11-14%2020_14_12-Kubernetes_A
2019-11-14%2020_14_12-Kubernetes_A1244×468 52.1 KB

My pods don’t have access to the internet when using the Kubernetes DNS. Changing the namespace to the host’s network namespace makes the internet accessible again due to the different DNS.

What is wrong with the DNS used by Kubernetes and how can I fix it?

2

Did you ever solve this issue?