Fix DNS Issue OpenShift¶
Introduction¶
OpenShift DNS resolves services and pod names inside the cluster. DNS failures are usually caused by CoreDNS issues, NetworkPolicy, wrong service names, or testing from the wrong namespace.
Symptoms¶
Typical symptoms include failed pods, route errors, denied requests, unhealthy operators, or command errors that repeat after retries.
Common Causes¶
- Testing short names from the wrong namespace.
- Blaming DNS when the service has no endpoints.
- Blocking DNS egress with NetworkPolicy.
Step 1: Check the Current Status¶
oc rsh deploy/web -n app
getent hosts api.app.svc.cluster.local
curl -sS http://api.app.svc.cluster.local:8080/health
oc get pods -n openshift-dns
Example output:
172.30.84.20 api.app.svc.cluster.local
OK
Step 2: Inspect Logs and Events¶
oc get svc api -n app
oc get endpoints api -n app
oc get pods -n openshift-dns
Step 3: Verify Configuration¶
Compare the object selectors, service account, image reference, route target, or operator status with the failing symptom. In OpenShift, events often show the exact admission, scheduling, pull, SCC, or route reason.
Step 4: Apply the Fix¶
Apply the smallest targeted fix: correct the selector, update the route or service port, link the pull secret, grant the specific RBAC or SCC permission, or repair the unhealthy operator dependency.
Step 5: Confirm the Problem Is Resolved¶
Run the verification commands again and confirm the status, events, and user-facing test all agree.
Common Mistakes¶
- Testing short names from the wrong namespace.
- Blaming DNS when the service has no endpoints.
- Blocking DNS egress with NetworkPolicy.
Quick Checklist¶
- Confirm the active project.
- Inspect the exact object named in the error.
- Read recent events.
- Apply one focused fix.
- Verify status after the change.
Related Guides¶
Summary¶
Fix DNS Issue OpenShift requires matching the symptom to the OpenShift object that owns it. Use oc status commands, events, logs, and focused verification so the fix is tied to evidence.