Can't use docker-registry.default.svc in pod spec

[phemmer]

If you try to use image: 'docker-registry.default.svc:5000/mynamespace/myimage' in a pod spec, you'll get errors such as:

Failed to pull image "docker-registry.default.svc:5000/mynamespace/myimage": rpc error: code = 2 desc = Get https://docker-registry.default.svc:5000/v1/_ping: dial tcp: lookup docker-registry.default.svc: no such host

This is happening because docker itself uses the host's DNS configuration, which isn't using the kubernetes DNS service.

My own thoughts: It seems like the way to fix this is to ensure the centos image is using dnsmasq (which it currently is not), reroute the cluster.local domain to the kubernetes DNS service, and add the domain to the search list as well.

(ref: openshift/origin#16097)

[cmoulliard]

Is it fixed ? @LalatenduMohanty

[gbraad]

We have not specifically taken any action on this... Can you test this?

…

On Fri, Jun 29, 2018 at 1:27 PM, Charles Moulliard ***@***.*** > wrote: Is it fixed ? @LalatenduMohanty <https://github.com/LalatenduMohanty> — You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub <#222 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AAAHZqPUQTHtbZNG5g8r6iZrFyL7AUIaks5uBbqpgaJpZM4SUBma> .

-- Gerard Braad | http://gbraad.nl [ Doing Open Source Matters ]

[cmoulliard]

I can reproduce it locally using this config

minishift v1.20.0+53c500a
- cpus                               : 4
- image-caching                      : false
- iso-url                            : centos
- memory                             : 4G
- openshift-version                  : v3.9.0
- vm-driver                          : xhyve

where the image of the DeploymentConfig is defined as such

        - image: docker-registry.default.svc:5000/k8s-supervisord/copy-supervisord:1.0

Error

Failed to pull image "docker-registry.default.svc:5000/k8s-supervisord/copy-supervisord:1.0": rpc error: code = Unknown desc = Get https://docker-registry.default.svc:5000/v1/_ping: dial tcp: lookup docker-registry.default.svc on 192.168.65.1:53: no such host

[lostiniceland]

I am having the same problem with 3.10 (installed via openshift-ansible)

[vagrant@master ~]$ cat /etc/resolv.conf 
# nameserver updated by /etc/NetworkManager/dispatcher.d/99-origin-dns.sh
# Generated by NetworkManager
search cluster.local vnet.de
nameserver 192.168.60.150

[vagrant@master ~]$ nslookup master.vnet.de
Server:         192.168.60.150
Address:        192.168.60.150#53
Name:   master.vnet.de
Address: 192.168.60.150

[vagrant@master ~]$ nslookup docker-registry.default.svc          
Server:         192.168.60.150
Address:        192.168.60.150#53
Non-authoritative answer:
Name:   docker-registry.default.svc
Address: 62.138.239.45
Name:   docker-registry.default.svc
Address: 62.138.238.45

[vagrant@master ~]$ nslookup docker-registry.default.svc.cluster.local
Server:         192.168.60.150
Address:        192.168.60.150#53
Name:   docker-registry.default.svc.cluster.local
Address: 172.30.142.227

I am no expert on networking but since the DNS only resolves cluster.local and my custom domain vnet.de, just having docker-registry.default.svc probably resolves to an unreachable network.

EDIT:
The solution provided here worked with some minor changes.
On each node I've updated /etc/dnsmasq.d/origin-upstream-dns.conf with server=/default.svc/172.30.0.1 and restarted dnsmasq.