SkyDNS in Kubernetes 1.3 local clusters

If you want to run Kubernetes locally – not in a VM – then you’ll probably also want DNS service integration to work. That’s fine, except by default it doesn’t work :(. This may be due to DNS being a built-in add-on now, but the current docs around that are inconsistent – referencing the deleted 1.2 DNS addon docs :/.

I’ve put a pull request up to fix the errors I encountered trying to use the local-up-cluster script per the current in-tree documentation in build. You also need to run it slightly differently than the basic docs suggest. The basic setup (sensibly) doesn’t listen on 0.0.0.0, avoiding exposing your insecure cluster to the world. But since you’re going to be partitioning off your machine into containers, and the kube-dns component, which handles DNS integration, needs to talk to the Kubernetes API, you need to override that:

sudo KUBE_ENABLE_CLUSTER_DNS=true API_HOST_IP=0.0.0.0 hack/local-up-cluster.sh

That will run a local cluster for you with DNS happily working, assuming the other preconditions needed to run a local cluster (like – you’re not using 10.0.0.0/8) are true. You can start with no environment variables set at all to check that that works – Kubernetes itself runs happily with no DNS integration. Note, though, that if you have DNS enabled, it has to work, or the Kubernetes API itself will fail to register endpoints, and then gets itself firewalled off.
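
Since the 0.0.0.0 override gives up the default protection against exposing the insecure cluster, here is a check (an added example, not part of the original post or the Kubernetes scripts) that flags listeners bound to every interface in `ss -ltnH` output. Port 8080 for the insecure API, the function names and the sample lines are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example: flag TCP listeners bound to every interface.
# Input format: `ss -ltnH` lines (State Recv-Q Send-Q Local Peer).
# Port 8080 for the insecure API is an assumption; pass your own port(s).

# wildcard_listeners PORT... : reads ss output on stdin and prints each
# local address that is wildcard-bound and whose port is in the list.
wildcard_listeners() {
    ports=" $* "
    awk -v ports="$ports" '
        $1 == "LISTEN" {
            addr = $4
            n = split(addr, parts, ":")
            port = parts[n]                      # text after the last colon
            host = substr(addr, 1, length(addr) - length(port) - 1)
            if (index(ports, " " port " ") == 0) next
            # Wildcard spellings used by ss: IPv4, dual-stack, IPv6 (new/old).
            if (host == "0.0.0.0" || host == "*" || host == "[::]" || host == "::")
                print addr
        }'
}

# Constructed sample input, not captured from a real host.
sample_ss_output() {
    cat <<'EOF'
LISTEN 0 128 127.0.0.1:10248 0.0.0.0:*
LISTEN 0 128 0.0.0.0:8080 0.0.0.0:*
LISTEN 0 128 127.0.0.1:2379 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 128 172.17.0.1:8080 0.0.0.0:*
EOF
}

# Live use on the host running the cluster:
#   ss -ltnH | wildcard_listeners 8080
if [ "${1:-}" = "--demo" ]; then
    sample_ss_output | wildcard_listeners 8080
fi
```

Any address it prints is reachable from every network the host is attached to, so that port needs a host firewall rule in front of it while the cluster is up.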

Some quick debugging things I found useful.

Find the pod

$ cluster/kubectl.sh --namespace kube-system get pods
NAME READY STATUS RESTARTS AGE
kube-dns-v18-mi26o 3/3 Running 0 18m

Check it has registered endpoints successfully

$ cluster/kubectl.sh --namespace kube-system get ep
NAME ENDPOINTS AGE
kube-dns 172.17.0.2:53,172.17.0.2:53 18m

Check its logs

$ cluster/kubectl.sh logs --namespace kube-system kube-dns-v18-mi26o -c kubedns
....

Deploy something and check it both can use DNS and is listed in DNS

I made a trivial Ubuntu image with a little more in it:

$ cat rob/Dockerfile
FROM ubuntu

RUN apt-get update
RUN apt-get install -y iputils-ping curl openssh-client iproute2 dnsutils
RUN apt-get clean && rm -rf /var/lib/apt/lists/*

Which I then deploy via a trivial definition:

apiVersion: v1
kind: Pod
metadata:
  name: ubuntu
  namespace: default
spec:
  containers:
  - image: ubuntu-debug
    command:
      - sleep
      - "3600"
    imagePullPolicy: IfNotPresent
    name: ubuntu
  restartPolicy: Always

And a call to kubectl:

$ cluster/kubectl.sh create -f rob/ubuntu.yaml

And if successfully integrated with DNS, it will be registered with DNS under A-B-C-D.default.pod.cluster.local, where A-B-C-D is the pod’s IP address with the dots replaced by dashes.

$ cluster/kubectl.sh exec ubuntu -ti /bin/bash
root@ubuntu:/# ip address
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
48: eth0@if49: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
    link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 172.17.0.3/16 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::42:acff:fe11:3/64 scope link tentative dadfailed
       valid_lft forever preferred_lft forever
root@ubuntu:/# ping 172-17-0-3.default.pod.cluster.local
PING 172-17-0-3.default.pod.cluster.local (172.17.0.3) 56(84) bytes of data.
64 bytes from ubuntu (172.17.0.3): icmp_seq=1 ttl=64 time=0.013 ms
^C
--- 172-17-0-3.default.pod.cluster.local ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.013/0.013/0.013/0.000 ms