defenseunicorns / uds-core

A FOSS secure runtime platform for mission-critical capabilities
https://uds.defenseunicorns.com
GNU Affero General Public License v3.0

Existing generated service entries do not resolve to defined endpoints #714

Open rjferguson21 opened 2 months ago

rjferguson21 commented 2 months ago

Environment

Device and OS: Linux
App version: 0.26.1
Kubernetes distro being used: k3d

Steps to reproduce

  1. Deploy the demo bundle with:
     uds run test-uds-core --set FLAVOR=unicorn --no-progress
  2. Delete the custom coredns configuration that enables routing *.uds.dev internally:
     kubectl delete cm/coredns-custom -n kube-system
  3. Restart the coredns pod:
     kubectl delete pod -n kube-system -l k8s-app=kube-dns
  4. Try to resolve https://sso.uds.dev from a workload in the mesh:
     kubectl exec -n velero -it $(kubectl get pods -l name=velero -n velero -o jsonpath="{.items[0].metadata.name}") -- wget https://sso.uds.dev

Expected result

I would expect to see https://sso.uds.dev resolve to the IP address of tenant-ingressgateway.istio-tenant-gateway.svc.cluster.local, as configured in the ServiceEntry for sso.uds.dev.

Actual Result

https://sso.uds.dev resolves to 127.0.0.1, which indicates it is using public DNS.

Visual Proof (screenshots, videos, text, etc)

 kubectl exec -n velero -it $(kubectl get pods -l name=velero -n velero -o jsonpath="{.items[0].metadata.name}") -- wget https://sso.uds.dev
--2024-08-29 20:44:41--  https://sso.uds.dev/
Resolving sso.uds.dev... 127.0.0.1
Connecting to sso.uds.dev|127.0.0.1|:443... failed: Connection refused.
command terminated with exit code 4

Severity/Priority

Low priority

Additional Context

We can fix this by adding these flags to our mesh config:

meshConfig:
  defaultConfig:
    proxyMetadata:
      ISTIO_META_DNS_CAPTURE: "true"
      ISTIO_META_DNS_AUTO_ALLOCATE: "true"

See: https://github.com/istio/istio/issues/49076
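
An added example, not part of the original issue or of the uds-core project's code: a shell check for the two conditions discussed above, namely that the mesh config sets both DNS proxy flags and that captured wget output did not resolve to loopback. The function names and the sample inputs are constructed for illustration.

```shell
#!/bin/sh
# Added example; function names and sample inputs are constructed.

# Succeed if the mesh config on stdin sets proxyMetadata key $1 to "true".
flag_enabled() {
  awk -v want="$1" '
    { line = $0
      sub(/#.*$/, "", line)           # ignore comments
      gsub(/[ \t\r"]/, "", line)      # ignore indentation and double quotes
      if (line == (want ":true")) found = 1 }
    END { exit (found ? 0 : 1) }'
}

# Both flags proposed in the issue must be set; report the first one missing.
dns_proxy_enabled() {
  cfg=$(cat)
  for flag in ISTIO_META_DNS_CAPTURE ISTIO_META_DNS_AUTO_ALLOCATE; do
    printf '%s\n' "$cfg" | flag_enabled "$flag" ||
      { echo "not enabled: $flag" >&2; return 1; }
  done
}

# Print the first address from a wget "Resolving host... addr" line on stdin.
resolved_ip() {
  sed -n 's/^Resolving .*\.\.\. \([0-9a-fA-F.:]*\).*/\1/p' | head -n 1
}

# Loopback is the symptom reported in the issue for *.uds.dev hosts.
classify_resolution() {
  ip=$(resolved_ip)
  case $ip in
    '')        echo unresolved ;;
    127.*|::1) echo loopback ;;
    *)         echo "other:$ip" ;;
  esac
}

# Constructed samples: the proposed fix, a half-applied fix, the reported output.
sample_mesh_fixed() { printf '%s\n' 'defaultConfig:' '  proxyMetadata:' \
  '    ISTIO_META_DNS_CAPTURE: "true"' '    ISTIO_META_DNS_AUTO_ALLOCATE: "true"'; }
sample_mesh_partial() { printf '%s\n' 'defaultConfig:' '  proxyMetadata:' \
  '    ISTIO_META_DNS_CAPTURE: "true"' '    # ISTIO_META_DNS_AUTO_ALLOCATE: "true"'; }
sample_wget() { printf '%s\n' '--2024-08-29 20:44:41--  https://sso.uds.dev/' \
  'Resolving sso.uds.dev... 127.0.0.1' \
  'Connecting to sso.uds.dev|127.0.0.1|:443... failed: Connection refused.'; }

sample_mesh_fixed | dns_proxy_enabled && echo "DNS proxy flags set"
echo "resolution: $(sample_wget | classify_resolution)"
```

On a live cluster, pipe the rendered mesh config and the wget output from step 4 into the same functions in place of the samples.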

mjnagel commented 2 months ago

I also found this helpful to understand the current issue/resolution proposed here: https://istio.io/latest/docs/ops/configuration/traffic-management/dns-proxy/