This topic provides answers to some frequently asked questions about Domain Name System (DNS) resolutions in Container Service for Kubernetes (ACK) clusters.
What do I do if I cannot access a CoreDNS pod by running the exec command?
Problem
You cannot access a CoreDNS pod by running the kubectl -n kube-system exec -it {coredns pod} bash command or a similar command.
Causes
The container image used by the CoreDNS pod is built by using Scratch and does not have a shell.
Solutions
Run the nsenter command to enter the namespace to which the CoreDNS pod belongs. For more information, see Diagnose the network connectivity of the CoreDNS pod. You can monitor CoreDNS by collecting and analyzing the log of CoreDNS. For more information, see Collect and analyze CoreDNS logs.
Why does CoreDNS use deprecated APIs?
Problem
The cluster update precheck result shows that the client whose user agent is coredns uses the deprecated Kubernetes API discovery.k8s.io/v1beta1. The endpoint of the API is /apis/discovery.k8s.io/v1beta1.
Causes
CoreDNS uses the discovery.k8s.io/v1beta1 API to connect to the API server. However, the API is deprecated or will be deprecated in the cluster version that you use. This issue occurs in the following scenarios:
An earlier CoreDNS version is installed in the cluster. CoreDNS uses the
discovery.k8s.io/v1beta1API because the current version does not support thediscovery.k8s.io/v1API.The versions of CoreDNS and Kubernetes are up-to-date. However, CoreDNS is launched in an earlier Kubernetes version, such as 1.20, and the
discovery.k8s.io/v1beta1API is selected when ACK launches the CoreDNS pod. Then, the cluster is updated to a Kubernetes version in which thediscovery.k8s.io/v1beta1API is deprecated but CoreDNS still uses the deprecated API.
Solutions
Log on to the ACK console. In the left-side navigation pane, click Clusters.
On the Clusters page, find the cluster that you want to manage and click its name. In the left-side navigation pane, choose .
You can update the CoreDNS component from the Add-ons page.
If the page shows that no update is available, proceed to the next step. Otherwise, perform Step 3. For more information about how to update the CoreDNS component, see Manage components.
Use kubectl to run the following command to restart CoreDNS:
kubectl -n kube-system rollout restart deployment corednsImportantDNS resolution errors may occasionally occur during the restart process. For more information, see Reduce the adverse effect of occasional DNS resolution timeouts caused by IPVS defects.
After CoreDNS is updated or restarted, use kubectl to run the following command to query the status of the CoreDNS pod:
kubectl -n kube-system get pod -l k8s-app=kube-dnsIf the CoreDNS pod is recreated and in the Running state, you can ignore the check item related to using deprecated APIs on the precheck page and continue to update the cluster.
What do I do if the error message dns: buffer size too small appears in CoreDNS logs?
Problem
When you run the kubectl -n kube-system logs {coredns pod} command to query the logs of CoreDNS pods, the error message dns: buffer size too small is displayed.
Causes
The default buffer size (bufsize) for CoreDNS is 1232 bytes, which limits the maximum size of UDP packets for DNS queries in Kubernetes pods to 1232 bytes. If a DNS query response exceeds this limit, the DNS resolution will fail and the query result will not be retrieved, especially if the response data is large. For more details, see issue.
Solutions
Upgrade the CoreDNS to v1.7.1 or later. If the CoreDNS version is earlier than v1.7.1, you can configure the buffer size by using the command kubectl edit cm -n kube-system coredns. The bufsize must be in the range of [512, 4096]. For more information, see CoreDNS documentation.
. {
bufsize 1220
log
}