Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ingress-dns Addon for Docker Driver on Windows #20147

Open
giuliohome opened this issue Dec 22, 2024 · 0 comments
Open

ingress-dns Addon for Docker Driver on Windows #20147

giuliohome opened this issue Dec 22, 2024 · 0 comments

Comments

@giuliohome
Copy link

What Happened?

I've noticed that the ingress-dns addon works with the VirtualBox driver but does not function with the Docker Desktop driver on Windows. It appears that this behavior is considered expected because of network isolation between the Docker container and the host.

However, this explanation isn't entirely convincing. The reason is that similar network-related issues (such as DNS resolution) are often resolved when using tools like minikube tunnel or kubectl port-forward, which manage these connections between the host and the Kubernetes cluster. These tools suggest that network isolation is not necessarily a blocker for DNS resolution.

After investigating the issue, I discovered a few important findings that I'd like to share:

  1. kubectl port-forward does not handle UDP traffic: This is the first workaround I considered to bring DNS resolution to the host. However, kubectl port-forward only works for TCP and does not support UDP, which is required for DNS queries (especially from Windows nslookup, etc.).

  2. The kube-dns service can be run on the host: The kube-dns service is a Go program, and it can run on the Windows host itself, listening on port 53. This allows DNS queries from the host to be resolved. By using the force_tcp option in the DNS server's configuration, I was able to forward DNS traffic over TCP, which works with kubectl port-forward.

  3. Solution with two port-forwards: By chaining two port-forwards, I was able to route DNS requests from Windows nslookup to the Docker cluster's DNS service. This approach successfully resolved the DNS query issue.

Conclusion: In summary, while, with the default setup for Docker Desktop, ingress-dns addon does not provide DNS resolution from the host, it's possible to work around the issue using port-forwarding techniques. However, this solution requires some manual configuration, and it would be great if future versions of minikube could automate this process and improve the workflow for DNS resolution in the Docker Desktop driver.

Example of Corefile.txt

.:53 {
    hosts {
        127.0.0.1 whoami.example.org
        fallthrough
    }
    forward . 127.0.0.1:1053 {
        force_tcp
    }
    log
    errors
}

2 commands running on the host in parallel

  • coredns -dns.port=53 -conf Corefile.txt

  • kubectl -n kube-system port-forward svc/kube-dns 1053:53

Attach the log file

Not Relevant

Operating System

Windows

Driver

Docker

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant