Envs
$ kops version
Version 1.18.2 (git-84495481e4)
Kubernetes Cluster Version: 1.18.10
What I want to do
I want to create a Kubernetes cluster at my domain xway.me.
I found this article and tried that.
I created a cluster and tried to print the terraform file as output but it failed.
$ kops update cluster \
--out=. \
--target=terraform \
--state s3://xway.me-kops \
--name xway.me
error doing DNS lookup for NS records for "xway.me": lookup xway.me on 127.0.0.53:53: no such host
What I tried
Error doing DNS lookup for NS records when using a Private DNS zone #781
I added --dns private, but I got unknown flag: --dns.
Installing Kubernetes on AWS with kops
This is my current resolv.conf:
# This file is managed by man:systemd-resolved(8). Do not edit.
#
# This is a dynamic resolv.conf file for connecting local clients to the
# internal DNS stub resolver of systemd-resolved. This file lists all
# configured search domains.
#
# Run "systemd-resolve --status" to see details about the uplink DNS servers
# currently in use.
#
# Third party programs must not access this file directly, but only through the
# symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a different way,
# replace this symlink by a static file or a different symlink.
#
# See man:systemd-resolved.service(8) for details about the supported modes of
# operation for /etc/resolv.conf.
nameserver 127.0.0.53
options edns0
search ad.oit.ac.jp
I added this line to /etc/resolv.conf.
search xway.me
Then I got this error.
error doing DNS lookup for NS records for "xway.me": lookup xway.me on 127.0.0.53:53: server misbehaving
Adding nameserver 8.8.8.8 also failed:
error doing DNS lookup for NS records for "xway.me": lookup xway.me on 127.0.0.53:53: no such host
Using kops create:
$ kops create cluster --name xway.me --state s3://xway.me-kops
cluster "xway.me" already exists; use 'kops update cluster' to apply changes
I want to know
How can I succeed in running kops update cluster?
When you are using private DNS records, they will not typically resolve locally. You need a DNS forwarder hosted in a VPC that has the private Route 53 record enabled.
The kOps record doesn't expose anything particularly sensitive, but if you do not want to use a public record, an option is to use a Gossip cluster.
There is a known issue with combining gossip with terraform though.