K8s 可以外部访问却不能访问外部（Debian系统注目）

情况

service可以暴露服务，
pod访问不到服务，直接host 解析异常
busybox ping baidu.com 会失败
一直往上游找原因 dnsPolicy -> coreDns -> log

 [ERROR] plugin/errors: 2 2023497039190041536.8608779483921538962. HINFO: unreachable backend: read udp 10.42.0.25:50264->213.186.33.99:53: i/o timeout
 [ERROR] plugin/errors: 2 2023497039190041536.8608779483921538962. HINFO: unreachable backend: read udp 10.42.0.25:57510->213.186.33.99:53: i/o timeout
 [ERROR] plugin/errors: 2 2023497039190041536.8608779483921538962. HINFO: unreachable backend: read udp 10.42.0.25:32789->213.186.33.99:53: i/o timeout
 [ERROR] plugin/errors: 2 2023497039190041536.8608779483921538962. HINFO: unreachable backend: read udp 10.42.0.25:51126->213.186.33.99:53: i/o timeout
 [ERROR] plugin/errors: 2 2023497039190041536.8608779483921538962. HINFO: unreachable backend: read udp 10.42.0.25:48692->213.186.33.99:53: i/o timeout

因为dnspod是running一直没去看log，浪费了不少时间
查 Issue
提到了 Debian10 发现情况一致

Debian10 的这里走（以免被网上的方案误导

Docker 和 Debian 特有问题确实不少
解决代码
curl https://raw.githubusercontent.com/theAkito/rancher-helpers/master/scripts/debian-buster_fix.sh | bash
Reboot后问题消失
强烈推荐看下这个Issue

其他系统可参考

https://my.oschina.net/u/2306127/blog/1838098