Closed DmitriyMV closed 6 months ago
Please note the Question section on dig.
It actually resolves with the explicit dot, `really-long-record.dev.siderolabs.io.`
This means it skips the 5 search domains of Kubernetes, and the cluster CoreDNS skips the search domains in /etc/resolv.conf which are set by the DHCP of AWS/Azure.
In contrast, nslookup does not do the same thing. It first adds the 5 search domains AND does an AAAA lookup. Then CoreDNS adds the search domains upstream and is also tasked with the AAAA records. It's no wonder it will time out.
If you query with the implicit, explicit dot at the end, the answer will return within the timeout window.
This is why I have `autopath @kubernetes` in my CoreDNS configmap and `pods verified`, and use an explicit forwarder (so it does not use the search from /etc/resolv.conf).
For more info see https://youtu.be/ZnW3k6m5AY8?feature=shared&t=844 (which will not cover that CoreDNS adds to the problem to honor the host's search domain)
Fixed in #8816
This is really weird. When you try to run it locally with
it works and returns a proper result.
But running it with
forwardKubeDNSToHost: false
and it stops working: dig still works tho