← Back to blog
CoreDNSNetworkingCKATroubleshooting
CoreDNS Down: When Kubernetes DNS Breaks
nslookup fails inside pods but apps look fine? Cluster DNS is a platform service — check kube-system before you restart application Deployments.
1 min read
A microservice logs:
dial tcp: lookup redis.cache.svc.cluster.local: i/o timeoutRedis pod is Running. The Service exists. Still — DNS is the failure mode.
Quick in-cluster test
kubectl run dns-test --rm -it --image=busybox:1.36 -- nslookup kubernetes.defaultIf that fails, the problem is cluster DNS, not your app manifest.
Check CoreDNS
kubectl get pods -n kube-system -l k8s-app=kube-dns
kubectl logs -n kube-system -l k8s-app=kube-dns --tail=50CrashLoop, resource starvation, or ConfigMap loop misconfiguration (/etc/coredns/Corefile) are frequent causes.
Also verify:
kubectl get svc -n kube-system kube-dnsClusterIP should match /etc/resolv.conf in application pods (nameserver 10.96.0.10 varies by cluster).
CKA vs CKAD lens
| Role | Typical fix depth |
|---|---|
| **CKAD** | Recognize DNS failure; fix app ConfigMap upstream URL if wrong; know to check CoreDNS exists |
| **CKA** | Repair CoreDNS Deployment, Corefile, kube-proxy/CNI interaction, node DNSPolicy |
On CKA you may SSH to nodes; on CKAD you usually fix workload config after confirming DNS is broken cluster-wide.
Do not
- Roll every Deployment in the namespace (DNS still broken)
- Point apps at hard-coded ClusterIPs (fragile; does not fix CoreDNS)
- Assume external DNS — in-cluster names need CoreDNS
CKA Exam Prep includes cluster networking scenarios; Service Connectivity covers app-side DNS/tracing.