2020-05-23 - Oof... DNS!

*.minikube.randomroad.net and *.minikube.randomroad.net. aren't much different, but the small difference wasted an hour of my time yesterday.

I have a domain for my home-lab / messing around stuff, and I host DNS for it on 2 small NetBSD VPS servers. This is using BIND9; replication and DNSSEC are set up, and everything is usually nice and easy.

Yesterday I was doing some work that involved a Kubernetes development setup needing a bunch of hostnames that would all resolve to the IP address of my local Minikube VM. Rather than /etc/hosts entries I thought I would add a wildcard on a subdomain in the BIND9 zone file for my domain, so I wrote...

; Minikube
*.minikube.randomroad.net      IN      A

... and then signed the zone file, restarted named, and assumed all would be well. Cue almost an hour of looking into errors appearing in my containers like...


dial tcp: lookup cloud.minikube.randomroad.net: Temporary failure in name resolution


I could go to that address in my browser fine. I could ping it fine. But in the containers running under Minikube it didn't resolve.

Turns out that it's easy to overlook a trailing period in a zone file. The zone file is for randomroad.net so a *.minikube.randomroad.net entry without a trailing period really means *.minikube.randomroad.net.randomroad.net. I didn't catch on to this quickly due to being able to ping the hostname fine on my host, outside of Kubernetes. Naturally I'd previously put an entry in /etc/hosts some time ago and forgotten about that.

After bashing my head against the desk it just needed a quick change of the zone file to...

; Minikube
*.minikube      IN      A

... or ...

; Minikube
*.minikube.randomroad.net.      IN      A

... and all was right in the world again.

Simple mistakes made to look more complicated than they are, due to something you did and forgot about, are always fun!
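
A small lint for the mistake described above, as an added example that is not part of the original post: it expands each owner name the way BIND does (relative names get the zone origin appended) and flags relative owners that already end in the origin. The function names and the 192.0.2.10 address are assumptions made for the example.

```python
# Added example: flag zone-file owner names that are missing their trailing dot.
# Simplified parser: handles comments, $ORIGIN, "@" and indented continuation lines;
# it does not handle $INCLUDE or records split across unindented lines.

def expand_owner(owner, origin):
    """Return the fully qualified name BIND derives from an owner field."""
    origin = origin.rstrip(".") + "."
    if owner == "@":
        return origin
    if owner.endswith("."):
        return owner                      # absolute: used as written
    return owner + "." + origin           # relative: origin is appended

def find_doubled_origin(zone_text, origin):
    """List (line_no, owner, expanded) for relative owners that already end in the origin."""
    findings = []
    for line_no, raw in enumerate(zone_text.splitlines(), 1):
        line = raw.split(";", 1)[0]       # drop comments
        if not line.strip() or line[0].isspace():
            continue                      # blank, or inherits the previous owner
        fields = line.split()
        if fields[0].upper() == "$ORIGIN" and len(fields) > 1:
            origin = fields[1]            # origin changes for following records
            continue
        if fields[0].startswith("$"):
            continue                      # other directives such as $TTL
        owner = fields[0]
        if owner == "@" or owner.endswith("."):
            continue                      # nothing gets appended by mistake here
        bare = origin.rstrip(".").lower()
        if owner.lower() == bare or owner.lower().endswith("." + bare):
            findings.append((line_no, owner, expand_owner(owner, origin)))
    return findings

# Constructed sample; 192.0.2.10 is a documentation address, not the author's.
SAMPLE_ZONE = """\
$ORIGIN randomroad.net.
; Minikube
*.minikube.randomroad.net      IN      A       192.0.2.10
*.minikube                     IN      A       192.0.2.10
*.minikube.randomroad.net.     IN      A       192.0.2.10
"""

if __name__ == "__main__":
    for line_no, owner, expanded in find_doubled_origin(SAMPLE_ZONE, "randomroad.net."):
        print(f"line {line_no}: {owner!r} expands to {expanded}")
```

Run against a zone file before signing it, this catches the doubled name while the record is still only on disk.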

