CoreDNS域名解析问题
使用场景
平台组件部署模式及选型
- 网络插件:Calico(非BGP协议,使用Calico IPIP tunl模式)
- Coredns:部署在平台集群中,非(hostNetwork: true)模式;Coredns的POD与跨node通信使用IPIP tunl
- kube-proxy:使用默认的iptables NAT方式,减少一步内核态到用户态的切换
data: config.conf: |- apiVersion: kubeproxy.config.k8s.io/v1alpha1 bindAddress: 0.0.0.0 clientConnection: acceptContentTypes: "" burst: 0 contentType: "" kubeconfig: /var/lib/kube-proxy/kubeconfig.conf qps: 0 clusterCIDR: 172.19.0.0/16 configSyncPeriod: 0s conntrack: maxPerCore: null min: null tcpCloseWaitTimeout: null tcpEstablishedTimeout: null detectLocalMode: "" enableProfiling: false healthzBindAddress: "" hostnameOverride: "" iptables: masqueradeAll: false masqueradeBit: null minSyncPeriod: 0s syncPeriod: 0s ipvs: excludeCIDRs: null minSyncPeriod: 0s scheduler: "" strictARP: false syncPeriod: 0s tcpFinTimeout: 0s tcpTimeout: 0s udpTimeout: 0s kind: KubeProxyConfiguration metricsBindAddress: "" mode: "" nodePortAddresses: null oomScoreAdj: null portRange: "" showHiddenMetricsForVersion: "" udpIdleTimeout: 0s winkernel: enableDSR: false networkName: "" sourceVip: ""
- DNS服务器:
coredns: Coredns1/2(nflow.so)平台集群内部DNS服务器,主要作用用来解决平台集群中的service/pod域名解析,使用协议53/TCP 53/UDP
内部DNS:(DNS1/DNS2 nflow.internal) 主要作用,解析阿里云CNAME 及内部基础组件系统(zk/mq/xxl-job/amq) 使用协议 53/UDP
故障描述
-
部署的应用容器在请求内部域名时(redis.dev02.nflow.internal)无法被解析,具体报警日志如下
[2020-08-24 11:36:18.721] [DubboServerHandler-172.19.25.116:20012-thread-997] [Careful] [ERROR] [traceId-xincheng-flow-cce7124074414c82a2cb8a51be8a8e53_202008241134119950889D95AEC6A5] - register exception: org.springframework.data.redis.RedisConnectionFailureException: Cannot get Jedis connection; nested exception is redis.clients.jedis.exceptions.JedisConnectionException: Could not get a resource from the pool at org.springframework.data.redis.connection.jedis.JedisConnectionFactory.fetchJedisConnector(JedisConnectionFactory.java:162) at org.springframework.data.redis.connection.jedis.JedisConnectionFactory.getConnection(JedisConnectionFactory.java:251) at org.springframework.data.redis.connection.jedis.JedisConnectionFactory.getConnection(JedisConnectionFactory.java:58) at org.springframework.data.redis.core.RedisConnectionUtils.doGetConnection(RedisConnectionUtils.java:128) at org.springframework.data.redis.core.RedisConnectionUtils.getConnection(RedisConnectionUtils.java:91) at org.springframework.data.redis.core.RedisConnectionUtils.getConnection(RedisConnectionUtils.java:78) at org.springframework.data.redis.core.RedisTemplate.execute(RedisTemplate.java:178) at org.springframework.data.redis.core.RedisTemplate.execute(RedisTemplate.java:153) at org.springframework.data.redis.core.AbstractOperations.execute(AbstractOperations.java:86) at org.springframework.data.redis.core.DefaultValueOperations.setIfAbsent(DefaultValueOperations.java:216) at com.weishang.redis.lock.RedisLockBaseArithmetic.lock(RedisLockBaseArithmetic.java:67) at com.weishang.user.service.impl.UserServiceImpl.register(UserServiceImpl.java:639) at com.weishang.user.service.impl.UserServiceImpl.registerWithoutCode(UserServiceImpl.java:792) at com.alibaba.dubbo.common.bytecode.Wrapper58.invokeMethod(Wrapper58.java) at com.alibaba.dubbo.rpc.proxy.javassist.JavassistProxyFactory$1.doInvoke(JavassistProxyFactory.java:47) at com.alibaba.dubbo.rpc.proxy.AbstractProxyInvoker.invoke(AbstractProxyInvoker.java:76) at com.alibaba.dubbo.config.invoker.DelegateProviderMetaDataInvoker.invoke(DelegateProviderMetaDataInvoker.java:52) at com.alibaba.dubbo.rpc.protocol.InvokerWrapper.invoke(InvokerWrapper.java:56) at com.weishang.framework.dubbo.filter.log.LogTraceProviderFilter.invoke(LogTraceProviderFilter.java:25) at com.alibaba.dubbo.rpc.protocol.ProtocolFilterWrapper$1.invoke(ProtocolFilterWrapper.java:72) at com.alibaba.dubbo.rpc.filter.ExceptionFilter.invoke(ExceptionFilter.java:62) at com.alibaba.dubbo.rpc.protocol.ProtocolFilterWrapper$1.invoke(ProtocolFilterWrapper.java:72) at com.alibaba.dubbo.monitor.support.MonitorFilter.invoke(MonitorFilter.java:75) at com.alibaba.dubbo.rpc.protocol.ProtocolFilterWrapper$1.invoke(ProtocolFilterWrapper.java:72) at com.alibaba.dubbo.rpc.filter.TimeoutFilter.invoke(TimeoutFilter.java:42) at com.alibaba.dubbo.rpc.protocol.ProtocolFilterWrapper$1.invoke(ProtocolFilterWrapper.java:72) at com.alibaba.dubbo.rpc.protocol.dubbo.filter.TraceFilter.invoke(TraceFilter.java:78) at com.alibaba.dubbo.rpc.protocol.ProtocolFilterWrapper$1.invoke(ProtocolFilterWrapper.java:72) at com.alibaba.dubbo.rpc.filter.ContextFilter.invoke(ContextFilter.java:73) at com.alibaba.dubbo.rpc.protocol.ProtocolFilterWrapper$1.invoke(ProtocolFilterWrapper.java:72) at com.alibaba.dubbo.rpc.filter.GenericFilter.invoke(GenericFilter.java:141) at com.alibaba.dubbo.rpc.protocol.ProtocolFilterWrapper$1.invoke(ProtocolFilterWrapper.java:72) at com.alibaba.dubbo.rpc.filter.ClassLoaderFilter.invoke(ClassLoaderFilter.java:38) at com.alibaba.dubbo.rpc.protocol.ProtocolFilterWrapper$1.invoke(ProtocolFilterWrapper.java:72) at com.alibaba.dubbo.rpc.filter.EchoFilter.invoke(EchoFilter.java:38) at com.alibaba.dubbo.rpc.protocol.ProtocolFilterWrapper$1.invoke(ProtocolFilterWrapper.java:72) at com.alibaba.dubbo.rpc.protocol.dubbo.DubboProtocol$1.reply(DubboProtocol.java:104) at com.alibaba.dubbo.remoting.exchange.support.header.HeaderExchangeHandler.handleRequest(HeaderExchangeHandler.java:96) at com.alibaba.dubbo.remoting.exchange.support.header.HeaderExchangeHandler.received(HeaderExchangeHandler.java:173) at com.alibaba.dubbo.remoting.transport.DecodeHandler.received(DecodeHandler.java:51) at com.alibaba.dubbo.remoting.transport.dispatcher.ChannelEventRunnable.run(ChannelEventRunnable.java:57) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at java.lang.Thread.run(Thread.java:748) Caused by: redis.clients.jedis.exceptions.JedisConnectionException: Could not get a resource from the pool at redis.clients.util.Pool.getResource(Pool.java:50) at redis.clients.jedis.JedisPool.getResource(JedisPool.java:99) at redis.clients.jedis.JedisPool.getResource(JedisPool.java:12) at org.springframework.data.redis.connection.jedis.JedisConnectionFactory.fetchJedisConnector(JedisConnectionFactory.java:155) ... 43 more Caused by: redis.clients.jedis.exceptions.JedisConnectionException: java.net.UnknownHostException: redis.dev02.nflow.internal at redis.clients.jedis.Connection.connect(Connection.java:164) at redis.clients.jedis.BinaryClient.connect(BinaryClient.java:82) at redis.clients.jedis.BinaryJedis.connect(BinaryJedis.java:1641) at redis.clients.jedis.JedisFactory.makeObject(JedisFactory.java:85) at org.apache.commons.pool2.impl.GenericObjectPool.create(GenericObjectPool.java:861) at org.apache.commons.pool2.impl.GenericObjectPool.borrowObject(GenericObjectPool.java:435) at org.apache.commons.pool2.impl.GenericObjectPool.borrowObject(GenericObjectPool.java:363) at redis.clients.util.Pool.getResource(Pool.java:48) ... 46 more Caused by: java.net.UnknownHostException: redis.dev02.nflow.internal at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:196) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:394) at java.net.Socket.connect(Socket.java:606) at redis.clients.jedis.Connection.connect(Connection.java:158) ... 53 more
故障分析
- 排查此故障过程如下切换至应用环境Pod容器中
[root@dev02-xc-admin-5c768555-jgxhq nflow]# host -v redis.dev02.nflow.internal Trying "redis.dev02.nflow.internal.dev.svc.nflow.so" Trying "redis.dev02.nflow.internal.svc.nflow.so" Trying "redis.dev02.nflow.internal.nflow.so" Trying "redis.dev02.nflow.internal" Trying "redis.dev02.nflow.internal"
- 发现如上的故障现象,是由于应用Pod容器请求corndns使用的是TCP协议,由于corndns的ServiceIP只暴露了UDP协议,默认TCP是enable,由于考虑到域名解析时,TCP消耗资源及效率低的原因,故将TCP相关配置delete操作
spec: ports: - name: dns protocol: UDP port: 53 targetPort: 53 - name: metrics protocol: TCP port: 9153 targetPort: 9153
- 于是将corndns的service配置开启TCP协议
ports: - name: dns protocol: UDP port: 53 targetPort: 53 - name: dns-tcp protocol: TCP port: 53 targetPort: 53 - name: metrics protocol: TCP port: 9153 targetPort: 9153
- 再次查看域名解析结果
[root@dev02-xc-admin-5c768555-jgxhq nflow]# host -v redis.dev02.nflow.internal Trying "redis.dev02.nflow.internal.dev.svc.nflow.so" Trying "redis.dev02.nflow.internal.svc.nflow.so" Trying "redis.dev02.nflow.internal.nflow.so" Trying "redis.dev02.nflow.internal" Trying "redis.dev02.nflow.internal" ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15914 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 13, ADDITIONAL: 22 ;; QUESTION SECTION: ;redis.dev02.nflow.internal. IN A ;; ANSWER SECTION: redis.dev02.nflow.internal. 9 IN CNAME r-bp1qv8wuvhbs9k8kk8.redis.rds.aliyuncs.com. r-bp1qv8wuvhbs9k8kk8.redis.rds.aliyuncs.com. 9 IN A 10.1.35.155 ;; AUTHORITY SECTION: com. 9 IN NS c.gtld-servers.net. com. 9 IN NS a.gtld-servers.net. com. 9 IN NS k.gtld-servers.net. com. 9 IN NS d.gtld-servers.net. com. 9 IN NS b.gtld-servers.net. com. 9 IN NS j.gtld-servers.net. com. 9 IN NS h.gtld-servers.net. com. 9 IN NS f.gtld-servers.net. com. 9 IN NS i.gtld-servers.net. com. 9 IN NS g.gtld-servers.net. com. 9 IN NS l.gtld-servers.net. com. 9 IN NS m.gtld-servers.net. com. 9 IN NS e.gtld-servers.net. ;; ADDITIONAL SECTION: e.gtld-servers.net. 9 IN A 192.12.94.30 b.gtld-servers.net. 9 IN A 192.33.14.30 j.gtld-servers.net. 9 IN A 192.48.79.30 j.gtld-servers.net. 9 IN AAAA 2001:502:7094::30 m.gtld-servers.net. 9 IN A 192.55.83.30 m.gtld-servers.net. 9 IN AAAA 2001:501:b1f9::30 i.gtld-servers.net. 9 IN A 192.43.172.30 i.gtld-servers.net. 9 IN AAAA 2001:503:39c1::30 f.gtld-servers.net. 9 IN AAAA 2001:503:d414::30 a.gtld-servers.net. 9 IN A 192.5.6.30 g.gtld-servers.net. 9 IN A 192.42.93.30 g.gtld-servers.net. 9 IN AAAA 2001:503:eea3::30 h.gtld-servers.net. 9 IN A 192.54.112.30 h.gtld-servers.net. 9 IN AAAA 2001:502:8cc::30 l.gtld-servers.net. 9 IN A 192.41.162.30 l.gtld-servers.net. 9 IN AAAA 2001:500:d937::30 k.gtld-servers.net. 9 IN A 192.52.178.30 k.gtld-servers.net. 9 IN AAAA 2001:503:d2d::30 c.gtld-servers.net. 9 IN A 192.26.92.30 c.gtld-servers.net. 9 IN AAAA 2001:503:83eb::30 d.gtld-servers.net. 9 IN A 192.31.80.30 d.gtld-servers.net. 9 IN AAAA 2001:500:856e::30 Received 1509 bytes from 10.10.0.10#53 in 0 ms Trying "r-bp1qv8wuvhbs9k8kk8.redis.rds.aliyuncs.com" ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55554 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;r-bp1qv8wuvhbs9k8kk8.redis.rds.aliyuncs.com. IN AAAA ;; AUTHORITY SECTION: rds.aliyuncs.com. 30 IN SOA hidden-master.aliyun.com. hostmaster.aliyun-inc.com. 2046235511 7200 900 2592000 600 Received 162 bytes from 10.10.0.10#53 in 0 ms Trying "r-bp1qv8wuvhbs9k8kk8.redis.rds.aliyuncs.com" ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3305 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;r-bp1qv8wuvhbs9k8kk8.redis.rds.aliyuncs.com. IN MX ;; AUTHORITY SECTION: rds.aliyuncs.com. 30 IN SOA hidden-master.aliyun.com. hostmaster.aliyun-inc.com. 2046235511 7200 900 2592000 600 Received 162 bytes from 10.10.0.10#53 in 0 ms 虽然仍然还是time_wait的状态,但是可以解析成功,且应用没有报错,请求域名解析超时的错
Corndns相关调整
配置清单
nflow.internal |
只负责Pod内部请求nflow.internal的域名直接响应,并转发给内部DNS(10.1.1.132)
|
.:53 |
负责匹配非nflow.internal及Kubernetes内部域名及外部域名解析,其中承载外部域名解析时,直接forward到Pod所有的node节点上的/etc/resolv.conf定义的nameserver的地址
|
-
在cronfile中新增一个SOA,配置如下
{ "Corefile": "nflow.internal:53 { errors cache 10 forward . 10.1.1.133 { prefer_udp } reload } .:53 { errors health { lameduck 5s } ready kubernetes nflow.so in-addr.arpa ip6.arpa { pods insecure fallthrough in-addr.arpa ip6.arpa ttl 30 } prometheus :9153 forward . /etc/resolv.conf cache 30 loop reload loadbalance } " }
-
根据以上配置可以得出如下结果
-
需要解析nflow.internal域名直接匹配nflow.internal并直接forward给10.1.1.132上游DNS服务器(相对coredns)
-
需要解析非nflow.internal域名及Kubernetes平台内部的svc/pod域名时及外部域名则匹配默认(.:53)SOA,这样的好处:节省了如果需要解析nflow.internal需要遍历整个Kubernetes 默认的SOA(namespace.svc.nflow.so/svc.nflow.so/nflow.so)节省了如果请求外部域名解析时向内部DNS转发的压力
-
- 依照上面优化建议配置,需要调整相关Pod的dnsPolicy配置,如下
dnsPolicy: None dnsConfig: nameservers: - 10.10.0.10 options: - name: ndots value: '2'
- 调整后解析结果如下
### baidu.com ### [root@dev02-xc-user-6f6c5876bf-8vcr4 nflow]# host -v www.baidu.com Trying "www.baidu.com" ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50799 ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;www.baidu.com. IN A ;; ANSWER SECTION: www.baidu.com. 30 IN CNAME www.a.shifen.com. www.a.shifen.com. 30 IN A 180.101.49.11 www.a.shifen.com. 30 IN A 180.101.49.12 Received 138 bytes from 10.10.0.10#53 in 1 ms Trying "www.a.shifen.com" ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62483 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;www.a.shifen.com. IN AAAA ;; AUTHORITY SECTION: a.shifen.com. 30 IN SOA ns1.a.shifen.com. baidu_dns_master.baidu.com. 2008240002 5 5 2592000 3600 Received 124 bytes from 10.10.0.10#53 in 0 ms Trying "www.a.shifen.com" ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62962 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;www.a.shifen.com. IN MX ;; AUTHORITY SECTION: a.shifen.com. 26 IN SOA ns1.a.shifen.com. baidu_dns_master.baidu.com. 2008240001 5 5 2592000 3600 Received 124 bytes from 10.10.0.10#53 in 0 ms [root@dev02-xc-user-6f6c5876bf-8vcr4 nflow]# [root@dev02-xc-user-6f6c5876bf-8vcr4 nflow]# host -v www.baidu.com Trying "www.baidu.com" ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56964 ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;www.baidu.com. IN A ;; ANSWER SECTION: www.baidu.com. 30 IN CNAME www.a.shifen.com. www.a.shifen.com. 30 IN A 180.101.49.11 www.a.shifen.com. 30 IN A 180.101.49.12 Received 138 bytes from 10.10.0.10#53 in 1 ms Trying "www.a.shifen.com" ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53138 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;www.a.shifen.com. IN AAAA ;; AUTHORITY SECTION: a.shifen.com. 30 IN SOA ns1.a.shifen.com. baidu_dns_master.baidu.com. 2008240002 5 5 2592000 3600 Received 124 bytes from 10.10.0.10#53 in 0 ms Trying "www.a.shifen.com" ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59658 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;www.a.shifen.com. IN MX ;; AUTHORITY SECTION: a.shifen.com. 30 IN SOA ns1.a.shifen.com. baidu_dns_master.baidu.com. 2008240002 5 5 2592000 3600 Received 124 bytes from 10.10.0.10#53 in 0 ms ### nflow.internal ### [root@dev02-xc-user-6f6c5876bf-8vcr4 nflow]# host -v redis.dev01.nflow.internal Trying "redis.dev01.nflow.internal" Trying "redis.dev01.nflow.internal" ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10518 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 13, ADDITIONAL: 21 ;; QUESTION SECTION: ;redis.dev01.nflow.internal. IN A ;; ANSWER SECTION: redis.dev01.nflow.internal. 5 IN CNAME r-bp1yy77dfyewep8jzf.redis.rds.aliyuncs.com. r-bp1yy77dfyewep8jzf.redis.rds.aliyuncs.com. 5 IN A 10.1.32.111 ;; AUTHORITY SECTION: com. 5 IN NS b.gtld-servers.net. com. 5 IN NS c.gtld-servers.net. com. 5 IN NS f.gtld-servers.net. com. 5 IN NS h.gtld-servers.net. com. 5 IN NS m.gtld-servers.net. com. 5 IN NS d.gtld-servers.net. com. 5 IN NS i.gtld-servers.net. com. 5 IN NS e.gtld-servers.net. com. 5 IN NS j.gtld-servers.net. com. 5 IN NS k.gtld-servers.net. com. 5 IN NS a.gtld-servers.net. com. 5 IN NS l.gtld-servers.net. com. 5 IN NS g.gtld-servers.net. ;; ADDITIONAL SECTION: e.gtld-servers.net. 5 IN A 192.12.94.30 b.gtld-servers.net. 5 IN A 192.33.14.30 j.gtld-servers.net. 5 IN A 192.48.79.30 j.gtld-servers.net. 5 IN AAAA 2001:502:7094::30 m.gtld-servers.net. 5 IN A 192.55.83.30 m.gtld-servers.net. 5 IN AAAA 2001:501:b1f9::30 i.gtld-servers.net. 5 IN A 192.43.172.30 i.gtld-servers.net. 5 IN AAAA 2001:503:39c1::30 f.gtld-servers.net. 5 IN AAAA 2001:503:d414::30 a.gtld-servers.net. 5 IN A 192.5.6.30 g.gtld-servers.net. 5 IN A 192.42.93.30 g.gtld-servers.net. 5 IN AAAA 2001:503:eea3::30 h.gtld-servers.net. 5 IN A 192.54.112.30 h.gtld-servers.net. 5 IN AAAA 2001:502:8cc::30 l.gtld-servers.net. 5 IN AAAA 2001:500:d937::30 k.gtld-servers.net. 5 IN A 192.52.178.30 k.gtld-servers.net. 5 IN AAAA 2001:503:d2d::30 c.gtld-servers.net. 5 IN A 192.26.92.30 c.gtld-servers.net. 5 IN AAAA 2001:503:83eb::30 d.gtld-servers.net. 5 IN A 192.31.80.30 d.gtld-servers.net. 5 IN AAAA 2001:500:856e::30 Received 1475 bytes from 10.10.0.10#53 in 0 ms Trying "r-bp1yy77dfyewep8jzf.redis.rds.aliyuncs.com" ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16727 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;r-bp1yy77dfyewep8jzf.redis.rds.aliyuncs.com. IN AAAA ;; AUTHORITY SECTION: rds.aliyuncs.com. 30 IN SOA hidden-master.aliyun.com. hostmaster.aliyun-inc.com. 2046235958 7200 900 2592000 600 Received 162 bytes from 10.10.0.10#53 in 0 ms Trying "r-bp1yy77dfyewep8jzf.redis.rds.aliyuncs.com" ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35921 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;r-bp1yy77dfyewep8jzf.redis.rds.aliyuncs.com. IN MX ;; AUTHORITY SECTION: rds.aliyuncs.com. 30 IN SOA hidden-master.aliyun.com. hostmaster.aliyun-inc.com. 2046235958 7200 900 2592000 600 Received 162 bytes from 10.10.0.10#53 in 0 ms ### nflow.so ### [root@dev02-xc-user-6f6c5876bf-8vcr4 nflow]# host -v sit-xc-job.sit.svc.nflow.so Trying "sit-xc-job.sit.svc.nflow.so" ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52666 ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;sit-xc-job.sit.svc.nflow.so. IN A ;; ANSWER SECTION: sit-xc-job.sit.svc.nflow.so. 30 IN A 10.10.207.12 Received 88 bytes from 10.10.0.10#53 in 0 ms Trying "sit-xc-job.sit.svc.nflow.so" ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34898 ;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;sit-xc-job.sit.svc.nflow.so. IN AAAA ;; AUTHORITY SECTION: nflow.so. 30 IN SOA ns.dns.nflow.so. hostmaster.nflow.so. 1598246184 7200 1800 86400 30 Received 123 bytes from 10.10.0.10#53 in 0 ms Trying "sit-xc-job.sit.svc.nflow.so" ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54241 ;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;sit-xc-job.sit.svc.nflow.so. IN MX ;; AUTHORITY SECTION: nflow.so. 30 IN SOA ns.dns.nflow.so. hostmaster.nflow.so. 1598246184 7200 1800 86400 30 Received 123 bytes from 10.10.0.10#53 in 0 ms