What Should I Do If a Container Fails to Access the Internet?
If a container cannot access the Internet, check whether the node where the container is located can access the Internet. Then check whether the network configuration of the container is correct. For example, check whether the DNS configuration can resolve the domain name.
Check Item 1: Whether the Node Can Access the Internet
- Log in to the ECS console.
- Check whether the ECS corresponding to the node has been bound to an EIP or has a NAT gateway configured.
Figure 1 shows that an EIP has been bound. If no EIP is displayed, bind an EIP to the ECS.
Check Item 2: Whether a Network ACL Has Been Configured for the Node
- Log in to the VPC console.
- In the navigation pane on the left, choose Access Control > Network ACLs.
- Check whether a network ACL has been configured for the subnet where the node is located and whether external access is restricted.
Check Item 3: Whether the DNS Configuration of the Container Is Correct
Run the cat /etc/resolv.conf command command in the container to check the DNS configuration. An example is as follows:
nameserver 10.247.x.x search default.svc.cluster.local svc.cluster.local cluster.local options ndots:5
If nameserver is set to 10.247.x.x, DNS is connected to the CoreDNS of the cluster. Ensure that the CoreDNS of the cluster is running properly. If another IP address is displayed, an in-cloud or on-premises DNS server is used. Ensure that the domain name resolution is correct.
Network Fault FAQs
- How Do I Locate a Workload Networking Fault?
- Why the ELB Address Cannot Be used to Access Workloads in a Cluster?
- Why the Ingress Cannot Be Accessed Outside the Cluster?
- Why Does the Browser Return Error Code 404 When I Access a Deployed Application?
- What Should I Do If a Container Fails to Access the Internet?
- What Can I Do If a VPC Subnet Cannot Be Deleted?
- How Do I Restore a Faulty Container NIC?
- What Should I Do If a Node Fails to Connect to the Internet (Public Network)?
- How Do I Resolve a Conflict Between the VPC CIDR Block and the Container CIDR Block?
- What Should I Do If the Java Error "Connection reset by peer" Is Reported During Layer-4 ELB Health Check
- How Do I Locate the Service Event Indicating That No Node Is Available for Binding?
- Why Does "Dead loop on virtual device gw_11cbf51a, fix it urgently" Intermittently Occur When I Log In to a VM using VNC?
- Why Does a Panic Occasionally Occur When I Use Network Policies on a Cluster Node?
- Why Are Lots of source ip_type Logs Generated on the VNC?
- What Should I Do If Status Code 308 Is Displayed When the Nginx Ingress Controller Is Accessed Using the Internet Explorer?
- What Should I Do If an Nginx Ingress Access in the Cluster Is Abnormal After the Add-on Is Upgraded?
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbotmore
