You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I've noticed that the ingress-dns addon works with the VirtualBox driver but does not function with the Docker Desktop driver on Windows. It appears that this behavior is considered expected because of network isolation between the Docker container and the host.
However, this explanation isn't entirely convincing. The reason is that similar network-related issues (such as DNS resolution) are often resolved when using tools like minikube tunnel or kubectl port-forward, which manage these connections between the host and the Kubernetes cluster. These tools suggest that network isolation is not necessarily a blocker for DNS resolution.
After investigating the issue, I discovered a few important findings that I'd like to share:
kubectl port-forwarddoes not handle UDP traffic: This is the first workaround I considered to bring DNS resolution to the host. However, kubectl port-forward only works for TCP and does not support UDP, which is required for DNS queries (especially from Windows nslookup, etc.).
The kube-dnsservice can be run on the host: The kube-dns service is a Go program, and it can run on the Windows host itself, listening on port 53. This allows DNS queries from the host to be resolved. By using the force_tcp option in the DNS server's configuration, I was able to forward DNS traffic over TCP, which works with kubectl port-forward.
Solution with two port-forwards: By chaining two port-forwards, I was able to route DNS requests from Windows nslookup to the Docker cluster's DNS service. This approach successfully resolved the DNS query issue.
Conclusion: In summary, while, with the default setup for Docker Desktop, ingress-dns addon does not provide DNS resolution from the host, it's possible to work around the issue using port-forwarding techniques. However, this solution requires some manual configuration, and it would be great if future versions of minikube could automate this process and improve the workflow for DNS resolution in the Docker Desktop driver.
What Happened?
I've noticed that the
ingress-dns
addon works with the VirtualBox driver but does not function with the Docker Desktop driver on Windows. It appears that this behavior is considered expected because of network isolation between the Docker container and the host.However, this explanation isn't entirely convincing. The reason is that similar network-related issues (such as DNS resolution) are often resolved when using tools like
minikube tunnel
orkubectl port-forward
, which manage these connections between the host and the Kubernetes cluster. These tools suggest that network isolation is not necessarily a blocker for DNS resolution.After investigating the issue, I discovered a few important findings that I'd like to share:
kubectl port-forward
does not handle UDP traffic: This is the first workaround I considered to bring DNS resolution to the host. However,kubectl port-forward
only works for TCP and does not support UDP, which is required for DNS queries (especially from Windowsnslookup
, etc.).The
kube-dns
service can be run on the host: Thekube-dns
service is a Go program, and it can run on the Windows host itself, listening on port 53. This allows DNS queries from the host to be resolved. By using theforce_tcp
option in the DNS server's configuration, I was able to forward DNS traffic over TCP, which works withkubectl port-forward
.Solution with two port-forwards: By chaining two port-forwards, I was able to route DNS requests from Windows
nslookup
to the Docker cluster's DNS service. This approach successfully resolved the DNS query issue.Conclusion: In summary, while, with the default setup for Docker Desktop, ingress-dns addon does not provide DNS resolution from the host, it's possible to work around the issue using port-forwarding techniques. However, this solution requires some manual configuration, and it would be great if future versions of minikube could automate this process and improve the workflow for DNS resolution in the Docker Desktop driver.
Example of Corefile.txt
2 commands running on the host in parallel
coredns -dns.port=53 -conf Corefile.txt
kubectl -n kube-system port-forward svc/kube-dns 1053:53
Attach the log file
Not Relevant
Operating System
Windows
Driver
Docker
The text was updated successfully, but these errors were encountered: