1. 背景
发现一个k8s报错Nameserver limits were exceeded,虽然可以望文生义,很快解决问题,但是要复现问题并搞懂原理还是花费了一点时间。
Warn DNSConfigForming Nameserver limits were exceeded, some nameservers have been omitted, the applied nameserver line is: 192.168.1.29 192.168.1.28 1.1.1.1 |
根据k8s文档介绍: “Default”: Pod从运行所在的节点继承名称解析配置。
将 DNS策略 网络设置为,Default 模式
修改节点 /etc/resolv.conf 里面的nameserver,手动随意增加几个,即超过3个。
resolv.conf-test
cat /etc/resolv.confnameserver 192.168.1.29nameserver 192.168.1.28nameserver 1.1.1.1nameserver 192.168.1.27nameserver 192.168.1.26 |
重启2048容器,很快就能复现如上图的 Nameserver limits were exceeded 报错。
既然前面复现了报错,解决方法也就是反向操作,以下方法2选1,都可以解决ns超出的问题。
- 手动方式:直接修改yml文件 ,字段为 dnsPolicy: ClusterFirstWithHostNet 或 ClusterFirst
resolv.conf-test
containers: - name: 2048... dnsPolicy: ClusterFirstWithHostNet hostNetwork: true |
直接修改节点所在的 nameserver 文件 /etc/resolv.conf ,删除多余的nameserver地址,建议保留1-2个即可。
- 报错代码出处
https://github.com/kubernetes/kubernetes/blob/master/pkg/kubelet/network/dns/dns.go#L133
log := fmt.Sprintf("Nameserver limits were exceeded, some nameservers have been omitted, the applied nameserver line is: %s", strings.Join(nameservers, " "))
k8s源代码dns.go部分,当前第133行,有提示“Nameserver...."
- ns限制出处
https://github.com/kubernetes/kubernetes/blob/master/pkg/apis/core/validation/validation.go#L2836
MaxDNSNameservers = 3
|
1 |
k8s源代码当前第2836行,进行了限制,最大ns数为3. |
文章评论