CRE-2025-0071

CoreDNS unavailableHigh

Impact: 9/10

Mitigation: 8/10

CRE-2025-0071View on GitHub

KubernetesNetworkingDNSHigh Availability

Description

CoreDNS deployment is unavailable or has no ready endpoints, indicating an imminent cluster-wide DNS outage.

Cause

CoreDNS deployment scaled to zero replicas, pods crashed due to bad configuration, or underlying infrastructure issues causing CoreDNS pods to become unready or unavailable.

Mitigation

Immediate Actions: - Check CoreDNS deployment status: `kubectl -n kube-system get deployment coredns` - Verify CoreDNS pod health: `kubectl -n kube-system get pods -l k8s-app=kube-dns` - Check CoreDNS logs: `kubectl -n kube-system logs -l k8s-app=kube-dns`

Common Fixes: - Scale deployment if replicas are 0: `kubectl -n kube-system scale deploy/coredns --replicas=2` - Restart pods if configuration issues: `kubectl -n kube-system rollout restart deployment/coredns` - Verify kube-dns service endpoints: `kubectl -n kube-system get endpoints kube-dns`

References

• https://kubernetes.io/docs/tasks/administer-cluster/dns-debugging-resolution/
• https://coredns.io/manual/toc/#troubleshooting