k8s报错

coredns 导致的pod不能访问外网

把coredns.yaml的 upstream 和 proxy 改成阿里云的223.5.5.5

data:
  Corefile: |
    .:53 {
        errors
        health
        kubernetes cluster.local. in-addr.arpa ip6.arpa {
            pods insecure
            upstream 223.5.5.5
            fallthrough in-addr.arpa ip6.arpa
        }
        prometheus :9153
        proxy . 223.5.5.5
        cache 30
    }

安装的时候，没清空iptables，centos7的话 需要把firewalld给关闭了

systemctl stop kubelet
systemctl stop docker
iptables --flush
iptables -tnat --flush
systemctl start kubelet
systemctl start docker
systemctl diasble firewalld
systemctl stopfirewalld