kubernetes: kubectl does not respect osx VPN dns

I have a feeling this is more related to Go than kubernetes specifically but the CGO_ENABLED=0 builds cause this problem to occur.

➜  amd64 ./kubectl get po
Unable to connect to the server: dial tcp: lookup kube-apiserver01.internal: no such host

When rebuilding off the v1.2.0 tag with CGO_ENABLED=1 in the hack/lib/golang.sh DNS works as expected:

➜  kubernetes git:(5cb86ee) ./_output/local/bin/darwin/amd64/kubectl get po
NAME                            READY     STATUS    RESTARTS   AGE
pod123   3/3       Running   0          19h

You can also reproduce that the go dns implementation is lacking with the CGO_ENABLED=1 bin via env variables:

➜  kubernetes git:(5cb86ee) GODEBUG=netdns=go ./_output/local/bin/darwin/amd64/kubectl get po
Unable to connect to the server: dial tcp: lookup kube-apiserver01.internal on 8.8.8.8:53: no such host

As expected, it isn’t an option to force cgo resolution via runtime env variables for the CGO_ENABLED=0 bin:

➜  amd64 GODEBUG=netdns=cgo ./kubectl get po
Unable to connect to the server: dial tcp: lookup prod-kube-apiserver01.nyc3.internal.digitalocean.com: no such host

About this issue

Original URL
State: closed
Created 8 years ago
Reactions: 18
Comments: 62 (13 by maintainers)

Commits related to this issue

Fix two issues on k8s bay After upgrade to Kubernetes v1.2, there are two issues: * kubelet cannot find the IP address of nodes [1] * the systemd service kube-system-namespace failed because it doesn... — committed to openstack/magnum by deleted user 8 years ago

Most upvoted comments

I have the same problem.

As a temporary workaround of some sort, I wrote this small utility: https://github.com/greenboxal/dns-heaven

It servers as a DNS proxy that answers requests based on macOS name resolution stack config. Basically, anything that uses /etc/resolv.conf will work with the rest of macOS DNS config.

greenboxal on Sep 10, 2017

/remove-lifecycle stale

bitglue on Sep 23, 2019

https://github.com/kubernetes/release/issues/469 would resolve this issue. Seems difficult for this to be a duplicate given it was reported 1.5 years earlier 😉

macb on May 2, 2018

/sig release

I won’t speak for the release team, but it seems unlikely that the “official” macOS builds of kubectl will ever be linked against macOS libc.

The best workaround is to install kubectl using Homebrew. Further discussion in https://github.com/kubernetes/release/issues/469.

ixdy on Jan 8, 2020

/remove-lifecycle stale

bitglue on Mar 26, 2019

I think this is fixed in Go 1.20+ (https://github.com/golang/go/issues/12524#issuecomment-1297455410) and so fixed in kubectl 1.27. 🎉

rohitagarwal003 on Jun 1, 2023

This article explains how to work around this issue: https://medium.com/@danieljimgarcia/its-always-dns-a-kubectl-story-1326de8b2f67

weltonrodrigo on Oct 10, 2022

Issues go stale after 90d of inactivity. Mark the issue as fresh with /remove-lifecycle stale. Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta. /lifecycle stale

fejta-bot on Dec 22, 2019

Removed the version from the title since this has recurred in later versions too

0xmichalis on Apr 7, 2017