Wildcard DNS resolution for apps-crc.testing does not appear to be working

[Sunmx]

crc version CodeReady Containers version: 1.37.0+3876d27d OpenShift version: 4.9.10 (embedded in executable)

RHEL 8.5 (Ootpa)

cat /etc/resolv.conf 
# Generated by NetworkManager
nameserver 127.0.0.1
options edns0 trust-ad

[praveenkumar]

@Sunmx RHEL-8.5 uses the systemd-resolved do check resolvectl dns and also check the sudo virsh net-dumpxml crc which have info around how to resolve apps-crc.testing.

Please use issue template to file a bug/issue.

[Sunmx]

in the guide rhel should use NetworkManager + dnsmasq, right? 5.1.2.2. NetworkManager + dnsmasq This configuration is used by default on Fedora 32 or older, on Red Hat Enterprise Linux, and on CentOS.

[Sunmx]

I didn't start systemd-resolved and could get result sudo virsh net-dumpxml crc

> <network connections='1'>
>   <name>crc</name>
>   <uuid>xxxxxxxxxxxxxxxxxxxxxxxxxxxx</uuid>
>   <forward mode='nat'>
>     <nat>
>       <port start='1024' end='65535'/>
>     </nat>
>   </forward>
>   <bridge name='crc' stp='on' delay='0'/>
>   <mac address='xxxxxxxxxxxxxxxxxxxxxxxxxxxx/>
>   <ip family='ipv4' address='192.168.130.1' prefix='24'>
>     <dhcp>
>       <host mac='xxxxxxxxxxxxxxxxxxxxxxxxxxxx' ip='192.168.130.11'/>
>     </dhcp>
>   </ip>
> </network>

[Sunmx]

@praveenkumar

[nklkarthi]

using RHEL 8.5, crc version

CodeReady Containers version: 1.37.0+3876d27d
OpenShift version: 4.9.10 (embedded in executable)

$ crc setup
INFO Checking if running as non-root
INFO Checking if running inside WSL2
INFO Checking if crc-admin-helper executable is cached
INFO Checking for obsolete admin-helper executable
INFO Checking if running on a supported CPU architecture
INFO Checking minimum RAM requirements
INFO Checking if crc executable symlink exists
INFO Creating symlink for crc executable
INFO Checking if Virtualization is enabled
INFO Checking if KVM is enabled
INFO Checking if libvirt is installed
INFO Checking if user is part of libvirt group
INFO Checking if active user/process is currently part of the libvirt group
INFO Checking if libvirt daemon is running
INFO Checking if a supported libvirt version is installed
INFO Checking if crc-driver-libvirt is installed
INFO Checking crc daemon systemd service
INFO Setting up crc daemon systemd service
INFO Checking crc daemon systemd socket units
INFO Setting up crc daemon systemd socket units
INFO Checking if systemd-networkd is running
INFO Checking if NetworkManager is installed
INFO Checking if NetworkManager service is running
INFO Checking if dnsmasq configurations file exist for NetworkManager
INFO Checking if the systemd-resolved service is running
INFO Checking if /etc/NetworkManager/dispatcher.d/99-crc.sh exists
INFO Writing NetworkManager dispatcher file for crc
INFO Using root access: Writing NetworkManager configuration to /etc/NetworkManager/dispatcher.d/99-crc.sh
INFO Using root access: Changing permissions for /etc/NetworkManager/dispatcher.d/99-crc.sh to 755
INFO Using root access: Executing systemctl daemon-reload command
INFO Using root access: Executing systemctl reload NetworkManager
INFO Checking if libvirt 'crc' network is available
INFO Setting up libvirt 'crc' network
INFO Checking if libvirt 'crc' network is active
INFO Starting libvirt 'crc' network
INFO Checking if CRC bundle is extracted in '$HOME/.crc'
INFO Checking if /home/nklkarthi/.crc/cache/crc_libvirt_4.9.10.crcbundle exists
INFO Extracting bundle from the CRC executable
INFO Ensuring directory /home/nklkarthi/.crc/cache exists
INFO Extracting embedded bundle crc_libvirt_4.9.10.crcbundle to /home/nklkarthi/.crc/cache
INFO Uncompressing crc_libvirt_4.9.10.crcbundle
crc.qcow2: 11.56 GiB / 11.56 GiB [-------------------------------------------------------------------------------------------------------------------------------------------------] 100.00%
oc: 117.16 MiB / 117.16 MiB [------------------------------------------------------------------------------------------------------------------------------------------------------] 100.00%
Your system is correctly setup for using CodeReady Containers, you can now run 'crc start' to start the OpenShift cluster

$ crc start
INFO Checking if running as non-root
INFO Checking if running inside WSL2
INFO Checking if crc-admin-helper executable is cached
INFO Checking for obsolete admin-helper executable
INFO Checking if running on a supported CPU architecture
INFO Checking minimum RAM requirements
INFO Checking if crc executable symlink exists
INFO Checking if Virtualization is enabled
INFO Checking if KVM is enabled
INFO Checking if libvirt is installed
INFO Checking if user is part of libvirt group
INFO Checking if active user/process is currently part of the libvirt group
INFO Checking if libvirt daemon is running
INFO Checking if a supported libvirt version is installed
INFO Checking if crc-driver-libvirt is installed
INFO Checking crc daemon systemd socket units
INFO Checking if systemd-networkd is running
INFO Checking if NetworkManager is installed
INFO Checking if NetworkManager service is running
INFO Checking if dnsmasq configurations file exist for NetworkManager
INFO Checking if the systemd-resolved service is running
INFO Checking if /etc/NetworkManager/dispatcher.d/99-crc.sh exists
INFO Checking if libvirt 'crc' network is available
INFO Checking if libvirt 'crc' network is active
INFO Loading bundle: crc_libvirt_4.9.10...
INFO Creating CodeReady Containers VM for OpenShift 4.9.10...
INFO Generating new SSH Key pair...
INFO Generating new password for the kubeadmin user
INFO Starting CodeReady Containers VM for OpenShift 4.9.10...
INFO CodeReady Containers instance is running with IP 192.168.130.11
INFO CodeReady Containers VM is running
INFO Updating authorized keys...
INFO Check internal and public DNS query...
INFO Check DNS query from host...
**WARN Wildcard DNS resolution for apps-crc.testing does not appear to be working**
INFO Verifying validity of the kubelet certificates...
INFO Starting OpenShift kubelet service
INFO Waiting for kube-apiserver availability... [takes around 2min]
INFO Adding user's pull secret to the cluster...
INFO Updating SSH key to machine config resource...
INFO Waiting for user's pull secret part of instance disk...
INFO Changing the password for the kubeadmin user
INFO Updating cluster ID...
INFO Updating root CA cert to admin-kubeconfig-client-ca configmap...
INFO Starting OpenShift cluster... [waiting for the cluster to stabilize]
INFO Operator openshift-controller-manager is progressing
INFO 2 operators are progressing: kube-apiserver, openshift-controller-manager
INFO 2 operators are progressing: authentication, kube-apiserver
INFO Operator authentication is progressing
INFO Operator authentication is not yet available
INFO Operator authentication is not yet available
INFO All operators are available. Ensuring stability...
INFO Operators are stable (2/3)...
INFO Operators are stable (3/3)...
INFO Adding crc-admin and crc-developer contexts to kubeconfig...
Started the OpenShift cluster.

The server is accessible via web console at:
  https://console-openshift-console.apps-crc.testing

From the browser https://console-openshift-console.apps-crc.testing is getting resolved and able to login as developer and create the sample python app. Deployment is success and Route created, but the python sample application is not accessible from the browser.

http://python-sample-ex180-lab.apps-crc.testing is not getting resolved.

Any thoughts ?

[Sunmx]

yes, as you said, @nklkarthi because WARN Wildcard DNS resolution for apps-crc.testing does not appear to be working I must add url like below to the host manual. but I think it's bug. http://python-sample-ex180-lab.apps-crc.testing is not getting resolved.

[stale[bot]]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[cfergeau]

WARN Wildcard DNS resolution for apps-crc.testing if you are using usermode networking, this warning is expected and harmless. This issue is missing the steps regarding what you did after running crc start in order to deploy this python sample application, so it is hard to try to reproduce and see if it's working fine for us.

[Sunmx]

@cfergeau for example, I deploy kiali, the route link is https://kiali-istio-system.apps-crc.testing/, and I must add this to the host, or else, I can't access the site because the DNS not working.

and , I also find a solution, which add wildcard /testing/ into dnsmasq as below cd /etc/dnsmasq.d/ echo "address=/testing/192.168.130.11" > /etc/dnsmasq.d/crc.conf cat crc.conf   address=/testing/192.168.130.11

in my case I didn't need to add the url to host and it would be work

[cfergeau]

crc setup should be doing similar configuration for you, apparently there's an issue with this on your setup, but without more details it's hard to understand what did not work.

[stale[bot]]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[VGerris]

@Sunmx your suggestion looks like a good idea, except for me :

sudo cat /var/lib/libvirt/dnsmasq/crc.conf
[sudo] password for ubuntu: 
##WARNING:  THIS IS AN AUTO-GENERATED FILE. CHANGES TO IT ARE LIKELY TO BE
##OVERWRITTEN AND LOST.  Changes to this configuration should be made using:
##    virsh net-edit crc
## or other application using the libvirt API.
##
## dnsmasq conf file created by libvirt
strict-order
user=libvirt-dnsmasq
pid-file=/run/libvirt/network/crc.pid
except-interface=lo
bind-dynamic
interface=crc
dhcp-range=192.168.130.1,static
dhcp-no-override
dhcp-authoritative
dhcp-hostsfile=/var/lib/libvirt/dnsmasq/crc.hostsfile
addn-hosts=/var/lib/libvirt/dnsmasq/crc.addnhosts

and: /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/crc.conf --leasefile-ro --dhcp-script=/usr/lib/libvirt/libvirt_leaseshelper when I use the virsh edit command I get an XML file and it is unclear to me how the address line is added that you mention.

I also actually see many hosts added in my host file for the 192.168.130.11 IP but not for the deployed app.

I run ubuntu 22.04 LTS. would be great to have a way to add the line by libvirt API, thanks [update] tried : https://libvirt.org/formatnetwork.html#elementsAddress using that in the conf file does not work, crc does not want to proceed beyond starting the machine. I'll work around things by adding host entries for now, seems like a bug if many other routes are there. Not sure where to file an improvement/bug, so I'll leave it for now [/update]

[cfergeau]

This bug was mentioned again recently, I'd like to reiterate this:

WARN Wildcard DNS resolution for apps-crc.testing if you are using usermode networking, this warning is expected and harmless.

There's a 'routes-controller' container running inside the VM which makes use of ~/.crc/bin/crc-admin-helper-linux to update /etc/hosts so that new routes can be resolved. If for some reason this does not work as expected, we'll need more detailed steps in order to reproduce this. Is this still happening by just deploying kiali ?

[akosma]

I had exactly this issue with Ubuntu 22.04.1 and the latest CRC, and I solved it manually configuring dnsmasq following the instructions in this AskUbuntu question, initially pointed out in ticket https://github.com/code-ready/crc/issues/549#issuecomment-695262205. Hope this helps.

[mikahe]

In my Ubuntu Server 22.04.1 I use currently this workaround (after starting crc):

sudo resolvectl domain crc ~testing; sudo resolvectl dns crc 192.168.130.11; sudo resolvectl llmnr crc yes

Wildcard DNS resolution is working when something like this works (without ever touching /etc/hosts):

$ host testing123-default.apps-crc.testing testing123-default.apps-crc.testing has address 192.168.130.11

[stale[bot]]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[VGerris]

bump. Would be great if the installer can be improved or documentation of the inner workings can have some of the workarounds documented.

[cfergeau]

You said:

I also actually see many hosts added in my host file for the 192.168.130.11 IP but not for the deployed app.

There might be a bug with the routes-controller component of crc

Apart from this, at the moment it's only systems relying on systemd-networkd which are known to need workarounds (one of them is ubuntu server). mikahe had success with https://github.com/crc-org/crc/issues/2889#issuecomment-1228176286 At this point, I don't know if there are more problems or not, as this issue is quite hard to follow.

[Namphibian]

Using Ubuntu 22.04 installed the logging operator(EFK) stack but could not access the Kibana route. Can confirm had success with https://github.com/crc-org/crc/issues/2889#issuecomment-1228176286 workaound

[bmaupin]

I'm also using Ubuntu 22.04 and having the same issue. https://github.com/crc-org/crc/issues/2889#issuecomment-1228176286 didn't work for me. I just started deploying the apps to 192.168.130.11.nip.io as a workaround, which seems to work.

[VinySCS]

In my Ubuntu Server 22.04.1 I use currently this workaround (after starting crc):

sudo resolvectl domain crc ~testing; sudo resolvectl dns crc 192.168.130.11; sudo resolvectl llmnr crc yes

Wildcard DNS resolution is working when something like this works (without ever touching /etc/hosts):

$ host testing123-default.apps-crc.testing testing123-default.apps-crc.testing has address 192.168.130.11

Many thanks, this solved my problem. I'm using Zorin OS 17.1 Pro and studying OpenShift local, everything runs fine and I could access the dashboard normally but when I tried to create an application apache, nginx or whatever and try to access link it gaves me bad gateway, but now it is working fine thanks to you!!!

[ringerc]

See also https://github.com/crc-org/crc/issues/2593

Please don't hack /etc/hosts; this is good advice: https://github.com/crc-org/crc/issues/2889#issuecomment-1228176286