OpenShift DNS Explained¶
Introduction¶
OpenShift DNS resolves services and pod names inside the cluster. DNS failures are usually caused by CoreDNS issues, NetworkPolicy, wrong service names, or testing from the wrong namespace.
When You Need This¶
Use this when traffic does not reach an OpenShift application, TLS behavior is unclear, DNS fails inside the cluster, or NetworkPolicy changes affect pod communication.
Key Objects and Commands¶
oc rsh deploy/web -n app
getent hosts api.app.svc.cluster.local
curl -sS http://api.app.svc.cluster.local:8080/health
oc get pods -n openshift-dns
Example output:
172.30.84.20 api.app.svc.cluster.local
OK
Step-by-Step Configuration¶
- Confirm the project and object names.
- Check route, service, endpoint, pod, and policy status.
- Apply only the network change that matches the failed layer.
Verification¶
oc get svc api -n app
oc get endpoints api -n app
oc get pods -n openshift-dns
Troubleshooting¶
Follow the path from client to route, route to service, service to endpoint, endpoint to pod, and pod to container port.
Common Mistakes¶
- Testing short names from the wrong namespace.
- Blaming DNS when the service has no endpoints.
- Blocking DNS egress with NetworkPolicy.
Quick Checklist¶
- Confirm the active project.
- Inspect the exact object named in the error.
- Read recent events.
- Apply one focused fix.
- Verify status after the change.
Related Guides¶
Summary¶
OpenShift DNS Explained is easier to troubleshoot when each network layer is verified separately instead of treating every failure as a router problem.