kubefed doesn't use the macOS DNS resolver

What happened: kubefedctl can't resolve DNS records when macOS can. We are connecting to development/production environments in AWS through a VPN. We are using private Route53 zones for internal DNS, so they are not visible worldwide. kubefedctl tries to resolve DNS using the nameserver from /etc/resolv.conf, which is usually a router that is not connected to the VPN. So when I try to join a cluster I get an error:

kf join dc5-fqdn --cluster-context dc5-fqdn --host-cluster-context dev --v=2
F0424 10:39:10.735490   89801 join.go:126] Error: Get dial tcp: lookup on no such host

macOS can resolve this DNS name:

PING (xx.xx.27.70): 56 data bytes

As a workaround I have to modify the /etc/resolv.conf file to add a certain AWS nameserver (xx.xx.0.2) to allow kubefedctl to resolve the DNS name.

What you expected to happen: kubefedctl should be able to resolve DNS names using the macOS DNS resolver.

How to reproduce it (as minimally and precisely as possible): Connect to AWS through a VPN. Create a private DNS zone in Route53. Add a DNS record to the private Route53 zone. Try to resolve this DNS record with kubefedctl.


  • Kubernetes version (use kubectl version) Client Version: version.Info{Major:"1", Minor:"18", GitVersion:"v1.18.0", GitCommit:"9e991415386e4cf155a24b1da15becaa390438d8", GitTreeState:"clean", BuildDate:"2020-03-26T06:16:15Z", GoVersion:"go1.14", Compiler:"gc", Platform:"darwin/amd64"} Server Version: version.Info{Major:"1", Minor:"17", GitVersion:"v1.17.4", GitCommit:"8d8aa39598534325ad77120c120a22b3a990b5ea", GitTreeState:"clean", BuildDate:"2020-03-12T20:55:23Z", GoVersion:"go1.13.8", Compiler:"gc", Platform:"linux/amd64"}
  • KubeFed version kubefedctl version: version.Info{Version:"v0.2.0-alpha.1-dirty", GitCommit:"6da59976d2def28c3146fe61ffb4bc9d8a9da34d", GitTreeState:"dirty", BuildDate:"2020-02-27T23:58:17Z", GoVersion:"go1.13.7", Compiler:"gc", Platform:"darwin/amd64"}
  • Scope of installation (namespaced or cluster) cluster
  • Others

/kind bug
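A diagnostic for the mismatch reported above, added here as an example and not taken from the issue or from KubeFed: it compares the nameservers listed in /etc/resolv.conf with the per-domain resolver that `scutil --dns` output assigns to a hostname. The sample text, the addresses, the hostname and the longest-suffix selection rule are constructed assumptions.

```go
package main

import (
	"fmt"
	"strings"
)

// Constructed `scutil --dns` excerpt, not from the issue; addresses are placeholders.
const scutilDNS = `resolver #1
  nameserver[0] : 192.168.1.1
resolver #2
  domain   : dev.example.internal
  nameserver[0] : 10.0.0.2`

// resolvConfServers lists the "nameserver" entries of a resolv.conf body.
func resolvConfServers(conf string) (out []string) {
	for _, l := range strings.Split(conf, "\n") {
		if f := strings.Fields(l); len(f) >= 2 && f[0] == "nameserver" {
			out = append(out, f[1])
		}
	}
	return out
}

// scopedServers returns the nameservers of the resolver whose "domain" is the longest
// suffix of host, else the domain-less ones (assumed, simplified selection model).
func scopedServers(dump, host string) []string {
	byDomain, domain := map[string][]string{}, ""
	for _, l := range strings.Split(dump, "\n") {
		kv := strings.SplitN(strings.TrimSpace(l), ":", 2)
		if strings.HasPrefix(kv[0], "resolver #") {
			domain = "" // a new resolver block starts with no domain
		} else if len(kv) == 2 && strings.TrimSpace(kv[0]) == "domain" {
			domain = strings.TrimSpace(kv[1])
		} else if len(kv) == 2 && strings.HasPrefix(kv[0], "nameserver[") {
			byDomain[domain] = append(byDomain[domain], strings.TrimSpace(kv[1]))
		}
	}
	best := ""
	for d := range byDomain {
		if (host == d || strings.HasSuffix(host, "."+d)) && len(d) > len(best) {
			best = d
		}
	}
	return byDomain[best]
}

func main() {
	fmt.Println(resolvConfServers("nameserver 192.168.1.1\n"), scopedServers(scutilDNS, "api.dev.example.internal"))
}
```

When the two lists differ for a private-zone name, a client that reads only /etc/resolv.conf queries a server that cannot see the zone.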


fejta-bot

Stale issues rot after 30d of inactivity. Mark the issue as fresh with /remove-lifecycle rotten. Rotten issues close after an additional 30d of inactivity.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta. /lifecycle rotten
