Description of problem: If default port for DNS in OpenShift master is changed, the Kubernetes DNS service exposes incorrect port for DNS. Version-Release number of selected component (if applicable): 3.1.0.4 How reproducible: Very Steps to Reproduce: 1. Edit /etc/origin/master/master-config.yaml 2. Change value for dnsConfig: bindAddress: from 0.0.0.0:53 to (say) 0.0.0.0:8053 3. restart atomic-openshift-master Actual results: # oc get svc kubernetes NAME CLUSTER_IP EXTERNAL_IP PORT(S) SELECTOR AGE kubernetes 172.30.0.1 <none> 443/TCP,8053/UDP,8053/TCP <none> 22d Note use of port 8053 which is useless for most DNS clients S2I and other pods will hang and terminate with error dial tcp: i/o timeout Expected results: # oc get svc kubernetes NAME CLUSTER_IP EXTERNAL_IP PORT(S) SELECTOR AGE kubernetes 172.30.0.1 <none> 443/TCP,53/UDP,53/TCP <none> 22d Note use of port 53 which is required by libresolv and most DNS clients S2I processes should run to completion Additional info: The following script can be used after restarting the master to fix the Kubernetes service definition #!/bin/bash -- oc get svc kubernetes -n default -o yaml | \ sed -e '/- name: dns/,+1s/port: [0-9][0-9]*$/port: 53/' | \ oc replace -f -
Looks like this was already fixed in https://github.com/openshift/origin/pull/6341. The service port will always use 53 and use the config to point to the bind port.
Verified on openshift v3.1.1.6 Now the service port always uses 53.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2016:1064