coredns部署后
host主机解析正常
[root@k8s-7-21 bin]# dig -t A www.baidu.com @192.168.0.2 +short
www.a.shifen.com.
183.232.231.172
183.232.231.174
但在pod上的容器解析失败,检查配置正确
查看coredns日志
#kubectl get all --all-namespaces -o wide
#kubectl logs -f coredns-67575c8657-n9nn4 -n kube-system
提示如下:
E1209 08:59:04.212479 1 reflector.go:125] pkg/mod/k8s.io/[email protected]/tools/cache/reflector.go:98: Failed to list *v1.Namespace: Get https://192.168.0.1:443/api/v1/namespaces?limit=500&resourceVersion=0: x509: certificate is valid for 127.0.0.1, 10.254.0.1, 10.4.7.10, 10.4.7.21, 10.4.7.22, 10.4.7.23, 10.4.7.24, 10.4.7.25, not 192.168.0.1
解决:检查apiserver证书,发现没有添加192.168.0.1,只能重建创建证书
