[FIXED] ARO DNS query issues when multiple custom DNS servers are configured

Solution Verified - Updated -

Environment

  • Red Hat OpenShift on Azure (ARO)
    • 4
  • OpenShift Managed (Azure)
    • 4
  • Custom DNS configuration
  • Multiple DNS servers

Issue

The issue described in this article has been fixed platform-wide. See the Resolution section.

Disclaimer: Links contained herein to external website(s) are provided for convenience only. Red Hat has not reviewed the links and is not responsible for the content or its availability. The inclusion of any link to an external website does not imply endorsement by Red Hat of the website or their entities, products or services. You agree that Red Hat is not responsible or liable for any loss or expenses that may result due to your use of (or reliance on) the external site or content.

  • There is a dnsmasq issue that comes into effect when:
    • Custom DNS is configured in the ARO cluster following the ARO documentation.
    • Several nameservers are configured.
    • Name resolution targets a server other than the first one.
  • The issue results in DNS timeouts and failed name resolution. However, it does not impact your cluster unless the DNS request targets one of the configured DNS servers other than the first.

Resolution

This issue was fixed in June 2022.

If you think you are suffering from this issue, please open a case with Red Hat support with as much detail as possible and a reference to this article.

Root Cause

The issue is that resolv.conf.dnsmasq has a misconfiguration or a syntax problem that stops any DNS server but the first from being queried. This occurs only when custom DNS is being used, multiple DNS servers are configured, and the first DNS server in the list fails.

Diagnostic Steps

Check the /etc/resolv.conf.dnsmasq file of a node. If it contains a misconfigured nameserver list on a single line, this issue may apply:

$ oc get nodes
[...]
$ oc debug node/[node_name] -- cat /host/etc/resolv.conf.dnsmasq
# Generated for dnsmasq.service - should contain DHCP configured DNS
[...]
nameserver 1.1.1.1 | 2.2.2.2
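
The check above can be scripted so it runs the same way on every node. The following is an added example, not part of the original article or Red Hat tooling; the function names are hypothetical and the sample input is constructed from the output shown above. It relies on the resolv.conf rule that each nameserver line carries exactly one address.

```bash
#!/usr/bin/env bash
# Added example (not from the original article).

# malformed_nameserver_lines [FILE]
# Reads a resolv.conf-style file (stdin if FILE is omitted) and prints
# "LINENO: LINE" for every nameserver line that is not the keyword
# followed by exactly one address. Returns 1 if any such line is found.
malformed_nameserver_lines() {
    awk '
        $1 ~ /^[#;]/ { next }                        # skip comment lines
        $1 == "nameserver" && (NF != 2 || $2 ~ /[|,]/) {
            printf "%d: %s\n", NR, $0                # several addresses or a separator
            bad = 1
        }
        END { exit (bad ? 1 : 0) }
    ' "${1:--}"
}

# Constructed sample mirroring the output shown in the Diagnostic Steps.
constructed_sample() {
    cat <<'EOF'
# Generated for dnsmasq.service - should contain DHCP configured DNS
nameserver 1.1.1.1 | 2.2.2.2
EOF
}

# Run with "demo" to check the constructed sample. On a cluster, source this
# file and pipe the real file in instead:
#   oc debug node/[node_name] -- cat /host/etc/resolv.conf.dnsmasq | malformed_nameserver_lines
if [ "${1:-}" = "demo" ]; then
    constructed_sample | malformed_nameserver_lines || echo "malformed nameserver line(s) found"
fi
```

A non-zero return with a printed line means the node's file matches the pattern described in this article; a file with one address per nameserver line returns 0 and prints nothing.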

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.
