Channels
academy
amazon
arm
azure
cabpr
chinese
ci-cd
danish
deutsch
developer
elemental
epinio
espanol
events
extensions
fleet
français
gcp
general
harvester
harvester-dev
hobbyfarm
hypper
japanese
k3d
k3os
k3s
k3s-contributor
kim
kubernetes
kubewarden
lima
logging
longhorn-dev
longhorn-storage
masterclass
mesos
mexico
nederlands
neuvector-security
office-hours
one-point-x
onlinemeetup
onlinetraining
opni
os
ozt
phillydotnet
portugues
rancher-desktop
rancher-extensions
rancher-setup
rancher-wrangler
random
rfed_ara
rio
rke
rke2
russian
s3gw
service-mesh
storage
submariner
supermicro-sixsq
swarm
terraform-controller
terraform-provider-rancher2
terraform-provider-rke
theranchcast
training-0110
training-0124
training-0131
training-0207
training-0214
training-1220
ukranian
v16-v21-migration
vsphere
windows
Title
m
magnificent-vr-88571
03/07/2023, 3:44 PMhi,
I have RKE2 cluster deployed in a private network, internet connectivity can be reached through proxy server in aws.
Followed https://docs.rke2.io/advanced#configuring-an-http-proxy and set proxy setting.
With rke2-coredns using rancher/hardened-coredns:v1.9.3-build20220613
nslookup fails
> kubectl run -it --rm test-pod --image=busybox:1.28 --restart=Never -- /bin/sh
/ # nslookup kubernetes.default.svc.cluster.local
Server: 10.43.0.10
Address 1: 10.43.0.10 rke2-coredns-rke2-coredns.kube-system.svc.cluster.local
Name: kubernetes.default.svc.cluster.local
Address 1: 10.43.0.1 kubernetes.default.svc.cluster.local
/ # nslookup kubernetes
Server: 10.43.0.10
Address 1: 10.43.0.10 rke2-coredns-rke2-coredns.kube-system.svc.cluster.local
Name: kubernetes
Address 1: 10.43.0.1 kubernetes.default.svc.cluster.local
/ # nslookup <http://google.com|google.com>
Server: 10.43.0.10
Address 1: 10.43.0.10 rke2-coredns-rke2-coredns.kube-system.svc.cluster.local
nslookup: can't resolve '<http://google.com|google.com>'corefile content
.:53 {
errors
health {
lameduck 5s
}
ready
kubernetes cluster.local cluster.local in-addr.arpa ip6.arpa {
pods insecure
fallthrough in-addr.arpa ip6.arpa
ttl 30
}
prometheus 0.0.0.0:9153
forward . /etc/resolv.conf
cache 30
loop
reload
loadbalance
}nameserver 127.0.0.53
search default.svc.cluster.local svc.cluster.local
nameserver 8.8.8.8
nameserver 8.8.4.4
options edns0 trust-adLooking for inputs to resolve
a
abundant-noon-17295
03/07/2023, 3:59 PMwhat ’s
echo $https_proxy $HTTPS_PROXYm
magnificent-vr-88571
03/07/2023, 4:04 PMby default its a empty line printed
set proxy environment variables manually and tried, still facing issue.
/ # export https_proxy="http://<proxyserver>:3128"
/ # export HTTP_PROXY="http://<proxyserver>:3128"
/ # export HTTPs_PROXY="http://<proxyserver>:3128"
/ # export HTTPS_PROXY="http://<proxyserver>:3128"
/ # HTTPS_PROXY="http://<proxyserver>:3128"
/ # HTTP_PROXY="http://<proxyserver>:3128"
/ # https_proxy="http://<proxyserver>:3128"
/ # https_proxy="http://<proxyserver>:3128"
/ # http_proxy="http://<proxyserver>:3128"
/ #
/ #
/ # nslookup <http://google.com|google.com>
Server: 10.43.0.10
Address 1: 10.43.0.10 rke2-coredns-rke2-coredns.kube-system.svc.cluster.local
nslookup: can't resolve '<http://google.com|google.com>'a
abundant-noon-17295
03/07/2023, 4:06 PMwhat about
CONTAINERD_HTTPS_PROXYm
magnificent-vr-88571
03/07/2023, 4:07 PM/ # printenv
KUBERNETES_SERVICE_PORT=443
KUBERNETES_PORT=<tcp://10.43.0.1:443>
HOSTNAME=test-pod1
SHLVL=1
HOME=/root
TERM=xterm
KUBERNETES_PORT_443_TCP_ADDR=10.43.0.1
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
KUBERNETES_PORT_443_TCP_PORT=443
KUBERNETES_PORT_443_TCP_PROTO=tcp
KUBERNETES_SERVICE_PORT_HTTPS=443
KUBERNETES_PORT_443_TCP=<tcp://10.43.0.1:443>
KUBERNETES_SERVICE_HOST=10.43.0.1all the nodes are set with following variables but not
CONTAINERDHTTP_PROXY=<http://your-proxy.example.com:8888>
HTTPS_PROXY=<http://your-proxy.example.com:8888>
NO_PROXY=127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16