I have a Kubernetes cluster with some services in it. In addition to this, I have a Pi-Hole installed on a different machine.
The idea is that any machine on the network resolves via the Pi-Hole but the pods in Kubernetes should resolve internally unless the hostname was not found, in which case it should fall back to Pi-Hole.
Reading the documentation, this should attempt to rewrite the request into a *.cluster.local one. If it finds a service, it should return its IP. Otherwise, the request should continue with the original query, thus being forwarded to the Pi-Hole IP.
After running some tests, I can see that:

- External hostnames are correctly resolved (say www.google.com)
- Hostnames that do not match the rewrite rule are also being correctly resolved (say some.machine.example.com)
- Domains that match the rewrite rule with an existing service also are being resolved correctly (say exists.example.com)
- Domains that match the rewrite rule with no existing service but with an entry on my Pi-Hole are not being resolved (say other.example.com)

For the last scenario, I'm getting the following output with dig (I'm forwarding the port from the cluster):
```
; <<>> DiG 9.20.5 <<>> -p 5353 other.example.com @localhost +tcp
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34069
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 14a6b33084dd5f94 (echoed)
;; QUESTION SECTION:
;other.example.com. IN A
;; AUTHORITY SECTION:
cluster.local. 5 IN SOA ns.dns.cluster.local. hostmaster.cluster.local. 1738368940 7200 1800 86400 5
;; Query time: 26 msec
;; SERVER: ::1#5353(localhost) (TCP)
;; WHEN: Sat Feb 01 00:30:02 GMT 2025
;; MSG SIZE rcvd: 154
```
Is there a way to do as I intend? I feel like I might be missing or misinterpreting something but I can't quite put my finger on it. Many thanks.
Edit: I've also tried having a rewrite between the kubernetes and the forward instructions undoing the initial rewrite, but it just makes all the queries get forwarded to the Pi-Hole.
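
To see which zone produced the NXDOMAIN in the dig output above, the following added example (not part of the original post) parses the header, question and authority lines and compares the question name with the owner of the SOA record. The function names are hypothetical, and reading a zone mismatch as "looked up under a rewritten name" is an interpretation of this output, not something the post states.

```python
import re

# Relevant lines of the dig output quoted in the post above.
DIG_OUTPUT = """\
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34069
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;other.example.com. IN A
;; AUTHORITY SECTION:
cluster.local. 5 IN SOA ns.dns.cluster.local. hostmaster.cluster.local. 1738368940 7200 1800 86400 5
"""

def parse_dig(text):
    """Pull status, header flags, question name and SOA owner out of dig output."""
    info = {"status": None, "flags": set(), "qname": None, "soa_zone": None}
    section = None
    for line in map(str.strip, text.splitlines()):
        if line.startswith(";; ->>HEADER<<-"):
            m = re.search(r"status: (\w+)", line)
            info["status"] = m.group(1) if m else None
        elif line.startswith(";; flags:"):
            info["flags"] = set(line.split(":", 1)[1].split(";")[0].split())
        elif line.startswith(";;") and line.endswith("SECTION:"):
            section = line[3:].split()[0]
        elif section == "QUESTION" and line.startswith(";") and not line.startswith(";;"):
            info["qname"] = line[1:].split()[0].lower()
        elif section == "AUTHORITY" and line and not line.startswith(";"):
            fields = line.split()
            if "SOA" in fields:
                info["soa_zone"] = fields[0].lower()
    return info

def in_zone(name, zone):
    """True when name equals zone or is a subdomain of it."""
    name, zone = name.rstrip("."), zone.rstrip(".")
    return name == zone or name.endswith("." + zone)

def diagnose(info):
    """Classify a negative answer by the zone whose SOA it carries."""
    if info["status"] != "NXDOMAIN" or not info["soa_zone"] or not info["qname"]:
        return "no-soa-negative-answer"
    if in_zone(info["qname"], info["soa_zone"]):
        return "negative-answer-from-queried-zone"
    # Assumption: an SOA for a zone the name is not in means a rewritten lookup.
    return "negative-answer-from-rewritten-zone"

if __name__ == "__main__":
    parsed = parse_dig(DIG_OUTPUT)
    print(parsed["qname"], parsed["soa_zone"], sorted(parsed["flags"]), diagnose(parsed))
```

For the output in the post this yields `negative-answer-from-rewritten-zone` with the `aa` flag set: the NXDOMAIN carries the `cluster.local.` SOA, so it was issued authoritatively for that zone rather than relayed from the Pi-Hole.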