Openshift 豆荚可以'；t在'之后解析DNS；oc集群'；_Openshift

Openshift 豆荚可以'；t在'之后解析DNS；oc集群'；

openshift

Openshift 豆荚可以'；t在'之后解析DNS；oc集群'；,openshift,Openshift,在新安装的RHEL7.4上： # install the oc client and docker [root@openshift1 ~]# yum install atomic-openshift-clients.x86_64 docker # configure and start docker [root@openshift1 ~]# sed -i '/^\[registries.insecure\]/!b;n;cregistries = ['172.30.0.0\/16']' /etc

在新安装的RHEL7.4上：

# install the oc client and docker
[root@openshift1 ~]# yum install atomic-openshift-clients.x86_64 docker

# configure and start docker
[root@openshift1 ~]# sed -i '/^\[registries.insecure\]/!b;n;cregistries = ['172.30.0.0\/16']' /etc/containers/registries.conf
[root@openshift1 ~]# systemctl start docker; systemctl enable docker

# these links recommend running 'iptables -F' as a workaround for pod DNS issues
# https://github.com/openshift/origin/issues/12110
# https://github.com/openshift/origin/issues/10139

[root@openshift1 ~]# iptables -F; iptables -F -t nat

[root@openshift1 ~]# oc cluster up --public-hostname 192.168.146.200

尝试测试apache生成时出现以下错误：

Cloning "https://github.com/openshift/httpd-ex.git " ...
WARNING: timed out waiting for git server, will wait 1m4s
error: fatal: unable to access 'https://github.com/openshift/httpd-ex.git/': Could not resolve host: github.com; Unknown error

DNS服务器存在

[root@openshift1 ~]# cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 192.168.146.2

我可以确认主机可以解析名称：

[root@openshift1 ~]# host github.com
github.com has address 192.30.255.113
github.com has address 192.30.255.112

然而，这个DNS服务器并没有到达吊舱

[root@openshift1 ~]# oc get pods
NAME                            READY     STATUS    RESTARTS   AGE
docker-registry-1-rqm9h         1/1       Running   0          38s
persistent-volume-setup-fdbv5   1/1       Running   0          50s
router-1-m6z8w                  1/1       Running   0          31s

[root@openshift1 ~]# oc rsh docker-registry-1-rqm9h
sh-4.2$ cat /etc/resolv.conf
nameserver 172.30.0.1
search default.svc.cluster.local svc.cluster.local cluster.local
options ndots:5

我有什么遗漏吗

您不应该刷新规则，而应该创建一个新区域并打开其他端口，例如：

firewall-cmd --permanent --new-zone dockerc
firewall-cmd --permanent --zone dockerc --add-source $(docker network inspect -f "{{range .IPAM.Config }}{{ .Subnet }}{{end}}" bridge)
firewall-cmd --permanent --zone dockerc --add-port 8443/tcp --add-port 53/udp --add-port 8053/udp
firewall-cmd --reload

资料来源：

编辑：另外，/etc/resolv.conf中的DNS服务器应该可以从OCP实例路由

资料来源：

不确定你是否经历过，我真的没有，谢谢你指出这一点。我检查了DNS要求，我满足了它。我正在VMWare工作站上运行我的独立openshift主机，该工作站在NAT适配器上提供DNS服务/etc/resolv.conf在openshift主机上是正确的，我可以解析名称。然而，DNS条目并没有向下流到POD。NetworkManager已启用并正在运行。请同时检查dnsmasq配置，通常在

/etc/dnsmasq.d

文件夹中。在/var/lib/origin`中没有/etc/dnsmasq.d文件夹，也没有任何dnsmasq.d目录。如先决条件中所示，Openshift依赖dnsmasq解析域名。如果Dnsmasq未正确安装和配置，pod无法解析域名。在我的情况下，您的答案解决了我的问题，即我使用的是443，刚刚添加到现有dockerc区域