Error doing DNS lookup for NS records when using a Private DNS zone

[billyshambrook]

Since 621dec7, I have started to get the following error when I try to use KOPS with just a Private DNS zone.

This may impact the current private networking work...

AWS_DEFAULT_REGION=us-east-1 AWS_PROFILE=terraform-development KOPS_STATE_STORE=s3://project-infrastructure-development/kops kops create cluster --cloud=aws --associate-public-ip=false --dns-zone MN99W4L99JSA --network-cidr 172.28.0.0/16 --vpc vpc-bbb1k5as --zones=us-east-1a,us-east-1b,us-east-1c,us-east-1e --master-zones=us-east-1a,us-east-1b,us-east-1c  --networking cni --image ami-928a8923 --kubernetes-version v1.4.5 kubernetes.development.project.io

I1102 14:22:42.100821   93923 cluster.go:421] Assigned CIDR 172.28.32.0/19 to zone us-east-1a
I1102 14:22:42.100861   93923 cluster.go:421] Assigned CIDR 172.28.64.0/19 to zone us-east-1b
I1102 14:22:42.100871   93923 cluster.go:421] Assigned CIDR 172.28.96.0/19 to zone us-east-1c
I1102 14:22:42.100880   93923 cluster.go:421] Assigned CIDR 172.28.160.0/19 to zone us-east-1e
Previewing changes that will be made:

error doing DNS lookup for NS records for "development.project.io": lookup development.project.io on 192.168.1.333:53: no such host

Thanks

[chrislovecnm]

@justinsb thoughts?

[vendrov]

@billyshambrook Have you tried to execute kops from the target VPC ?

glog.V(2).Infof("Doing DNS lookup to verify NS records for %q", dnsName) ns, err := net.LookupNS(dnsName) if err != nil { return fmt.Errorf("error doing DNS lookup for NS records for %q: %v", dnsName, err) }

[justinsb]

So the behaviour in kops 1.5 should be:

• we should automatically skip dns validation for private dns hosted zones
• we should automatically attach the private hosted zone to the VPC

[hridyeshpant]

@justinsb i am using kops version Version 1.5.0-alpha3 and using public hosted zone to AWS VPC.
i am also getting same error

I0119 12:10:31.551440 18744 dns.go:94] Doing DNS lookup to verify NS records for "dev.XXXXX.com"
error doing DNS lookup for NS records for "dev.XXXXX.com": lookup dev.XXXXX.com on 10.203.224.22:53: no such host

[justinsb]

@billyshambrook I believe your problem should now be solved if you pass the --dns private flag - and thank you for the PR you sent and sorry that we ended up doing this differently as the model evolved.

@hridyeshpant I believe we spoke on slack, but that was a genuine configuration issue it detected I believe - I think the docs here https://github.com/kubernetes/kops/pull/1538/files#diff-5803986eae4dd3a69a265d54997b0040 (still in PR) cover it.

Going to close, but please reopen if there's still problems here when using kops 1.5.0 beta1 or above with the --dns private flag!