K8S-DNS-003
kubernetes
network_error
ai_generated
true
plugin/loop: Loop (127.0.0.1:53) detected for zone ".", see https://coredns.io/plugins/loop#troubleshooting
ID: kubernetes/coredns-loop-detected
85%Fix Rate
87%Confidence
1Evidence
2023-04-05First Seen
Version Compatibility
| Version | Status | Introduced | Deprecated | Notes |
|---|---|---|---|---|
| coredns 1.8.0 | active | — | — | — |
| coredns 1.9.0 | active | — | — | — |
| coredns 1.10.0 | active | — | — | — |
| kubernetes 1.22 | active | — | — | — |
| kubernetes 1.24 | active | — | — | — |
Root Cause
CoreDNS is forwarding DNS queries to itself, creating a loop, usually because the node's /etc/resolv.conf points to localhost or the pod's DNS policy misconfigures upstream.
generic中文
CoreDNS 将 DNS 查询转发给自己,造成循环,通常是因为节点的 /etc/resolv.conf 指向 localhost 或 Pod 的 DNS 策略配置了错误的上游。
Official Documentation
https://coredns.io/plugins/loop/Workarounds
-
90% success Edit the CoreDNS ConfigMap (kube-system/coredns) to add the `loop` plugin and set a proper upstream DNS. For example, ensure the forward directive points to a valid external DNS (e.g., `forward . /etc/resolv.conf`) and not to localhost.
Edit the CoreDNS ConfigMap (kube-system/coredns) to add the `loop` plugin and set a proper upstream DNS. For example, ensure the forward directive points to a valid external DNS (e.g., `forward . /etc/resolv.conf`) and not to localhost.
-
85% success Check the node's /etc/resolv.conf for nameserver entries pointing to 127.0.0.1 or loopback addresses. If found, change them to a valid DNS server IP (e.g., 8.8.8.8) and restart kubelet.
Check the node's /etc/resolv.conf for nameserver entries pointing to 127.0.0.1 or loopback addresses. If found, change them to a valid DNS server IP (e.g., 8.8.8.8) and restart kubelet.
中文步骤
编辑 CoreDNS ConfigMap(kube-system/coredns)以添加 `loop` 插件并设置正确的上游 DNS。例如,确保 forward 指令指向有效的外部 DNS(例如 `forward . /etc/resolv.conf`),而不是 localhost。
检查节点的 /etc/resolv.conf 中是否有指向 127.0.0.1 或回环地址的 nameserver 条目。如果有,将其更改为有效的 DNS 服务器 IP(例如 8.8.8.8)并重启 kubelet。
Dead Ends
Common approaches that don't work:
-
Delete the CoreDNS pod and let it restart.
95% fail
The loop is caused by configuration, not a transient state; restarting will not fix the underlying issue.
-
Set the node's /etc/resolv.conf to use a public DNS like 8.8.8.8.
60% fail
This may break cluster-internal DNS resolution for services and pods.