Use getent ahosts everywhere because it follows `/etc/nsswitch.conf` rules (reads `/etc/hosts`, mDNS, etc.), instead of `dig +short`

See mmumshad#355
vazhnov committed Dec 18, 2024
1 parent eb97acf commit d0dab69
Showing 9 changed files with 19 additions and 18 deletions.
2 changes: 1 addition & 1 deletion CHANGES.md
Expand Up @@ -9,7 +9,7 @@ It is assumed that you're working on GNU/Linux or similar environment and you're
* Use Debian images instead of Ubuntu — less memory consumption, less services to disable, no Snap.
* Store all certs in `/vagrant/certs`, which is shared between hosts.
* Use current directory in `cert_verify.sh` instead of hardcoded home directory.
* Use `getent ahosts example.com | cut -d' ' -f1` everywhere because it follows `/etc/nsswitch.conf` rules (reads `/etc/hosts`, mDNS, etc.), instead of `dig +short example.org`.
* Use `getent ahosts example.com | cut -d' ' -f1` everywhere because it follows `/etc/nsswitch.conf` rules (reads `/etc/hosts`, mDNS, etc.), instead of `dig +short example.org`, see https://github.com/mmumshad/kubernetes-the-hard-way/issues/355.
* Fix typo in `docs/04-certificate-authority.md`: `SERVICE_CIDR` should be `10.96.0.0/16`.
* By some reason, `kubectl` installed with just downloading in some places, but in `docs/09-install-cri-workers.md` it is installed properly with `apt`.
* Add check at the end of `docs/09-install-cri-workers.md`: `vagrant@node01:~$ containerd config dump|grep -i SystemdCgroup`
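
Review bot: The changelog entry's command, `getent ahosts example.com | cut -d' ' -f1`, is not the one the docs now use (`getent ahosts <host> | awk '{ print $1 ; exit }'`), and it behaves differently: `getent ahosts` prints several lines per address, so `cut` alone returns the address more than once. Suggest quoting the `awk` form here, and using the same example hostname on both sides of the comparison (the entry mixes `example.com` and `example.org`).
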
6 changes: 3 additions & 3 deletions docs/04-certificate-authority.md
Expand Up @@ -19,9 +19,9 @@ Query IPs of hosts we will insert as certificate subject alternative names (SANs
Set up environment variables. Run the following:

```bash
CONTROL01=$(dig +short controlplane01)
CONTROL02=$(dig +short controlplane02)
LOADBALANCER=$(dig +short loadbalancer)
CONTROL01="$(getent ahosts controlplane01 | awk '{ print $1 ; exit }')"
CONTROL02="$(getent ahosts controlplane02 | awk '{ print $1 ; exit }')"
LOADBALANCER="$(getent ahosts loadbalancer | awk '{ print $1 ; exit }')"
```

Compute cluster internal API server service address, which is always `.1` in the service CIDR range. This is also required as a SAN in the API server certificate. Run the following:
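
Review bot: In the three assignments above, a name that does not resolve leaves the variable empty without any error, because the pipeline's exit status is `awk`'s, not `getent`'s. These values go into the API server certificate SANs, so an empty or unexpected address only shows up later as a TLS failure. Suggest failing early on an empty value (for example `: "${CONTROL01:?controlplane01 did not resolve}"`), and considering `getent ahostsv4` so the first line cannot be an IPv6 address on a dual-stack setup.
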
2 changes: 1 addition & 1 deletion docs/05-kubernetes-configuration-files.md
Expand Up @@ -17,7 +17,7 @@ Each kubeconfig requires a Kubernetes API Server to connect to. To support high
[//]: # (host:controlplane01)

```bash
LOADBALANCER=$(dig +short loadbalancer)
LOADBALANCER="$(getent ahosts loadbalancer | awk '{ print $1 ; exit }')"
```

### The kube-proxy Kubernetes Configuration File
4 changes: 2 additions & 2 deletions docs/07-bootstrapping-etcd.md
Expand Up @@ -57,8 +57,8 @@ The instance internal IP address will be used to serve client requests and commu
Retrieve the internal IP address of the controlplane(etcd) nodes, and also that of controlplane01 and controlplane02 for the etcd cluster member list

```bash
CONTROL01=$(dig +short controlplane01)
CONTROL02=$(dig +short controlplane02)
CONTROL01="$(getent ahosts controlplane01 | awk '{ print $1 ; exit }')"
CONTROL02="$(getent ahosts controlplane02 | awk '{ print $1 ; exit }')"
```

Each etcd member must have a unique name within an etcd cluster. Set the etcd name to match the hostname of the current compute instance:
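
Review bot: `getent ahosts controlplane01` now honours `/etc/hosts`, and this block runs on the controlplane nodes themselves. If a node's `/etc/hosts` maps its own hostname to a loopback address (Debian images commonly carry a `127.0.1.1 <hostname>` line), the first line returned would be that loopback address rather than the internal IP the etcd member list needs. Suggest confirming that the Vagrant provisioning removes or overrides such an entry, or documenting the expected output next to these two lines.
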
12 changes: 6 additions & 6 deletions docs/08-bootstrapping-kubernetes-controllers.md
Expand Up @@ -65,14 +65,14 @@ The instance internal IP address will be used to advertise the API Server to mem
Retrieve these internal IP addresses:

```bash
LOADBALANCER=$(dig +short loadbalancer)
LOADBALANCER="$(getent ahosts loadbalancer | awk '{ print $1 ; exit }')"
```

IP addresses of the two controlplane nodes, where the etcd servers are.

```bash
CONTROL01=$(dig +short controlplane01)
CONTROL02=$(dig +short controlplane02)
CONTROL01="$(getent ahosts controlplane01 | awk '{ print $1 ; exit }')"
CONTROL02="$(getent ahosts controlplane02 | awk '{ print $1 ; exit }')"
```

CIDR ranges used *within* the cluster
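
Review bot: The same `getent ahosts ... | awk '{ print $1 ; exit }'` pipeline is now repeated for every variable in this file and in the other docs touched by this commit. A small shell function defined once per session (say `resolve_ip`, the name is only a suggestion) would keep the lookup logic in one place and make a later change, such as adding a non-empty check, a one-line edit.
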
Expand Down Expand Up @@ -280,9 +280,9 @@ sudo apt-get update && sudo apt-get install -y haproxy
Read IP addresses of controlplane nodes and this host to shell variables

```bash
CONTROL01=$(dig +short controlplane01)
CONTROL02=$(dig +short controlplane02)
LOADBALANCER=$(dig +short loadbalancer)
CONTROL01="$(getent ahosts controlplane01 | awk '{ print $1 ; exit }')"
CONTROL02="$(getent ahosts controlplane02 | awk '{ print $1 ; exit }')"
LOADBALANCER="$(getent ahosts loadbalancer | awk '{ print $1 ; exit }')"
```

Create HAProxy configuration to listen on API server port on this host and distribute requests evently to the two controlplane nodes.
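
Review bot: The context line just below the code block in this hunk has a typo worth fixing in the same pass: "evently" should be "evenly". The three variables set here are substituted into the HAProxy configuration that follows, so it would also help to print them once after assignment so a reader can confirm all three are populated before writing the config.
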
4 changes: 2 additions & 2 deletions docs/10-bootstrapping-kubernetes-workers.md
Expand Up @@ -22,7 +22,7 @@ On `controlplane01`:
[//]: # (host:controlplane01)

```bash
NODE01=$(dig +short node01)
NODE01="$(getent ahosts node01 | awk '{ print $1 ; exit }')"
```

```bash
Expand Down Expand Up @@ -59,7 +59,7 @@ When generating kubeconfig files for Kubelets the client certificate matching th
Get the kube-api server load-balancer IP.

```bash
LOADBALANCER=$(dig +short loadbalancer)
LOADBALANCER="$(getent ahosts loadbalancer | awk '{ print $1 ; exit }')"
```

Generate a kubeconfig file for the first worker node.
2 changes: 1 addition & 1 deletion docs/11-tls-bootstrapping-kubernetes-workers.md
Expand Up @@ -271,7 +271,7 @@ This is to be done on the `node02` node. Note that now we have set up the load b
Set up some shell variables for nodes and services we will require in the following configurations:

```bash
LOADBALANCER=$(dig +short loadbalancer)
LOADBALANCER="$(getent ahosts loadbalancer|awk '{ print $1 ; exit }')"
POD_CIDR=10.244.0.0/16
SERVICE_CIDR=10.96.0.0/16
CLUSTER_DNS=$(echo $SERVICE_CIDR | awk 'BEGIN {FS="."} ; { printf("%s.%s.%s.10", $1, $2, $3) }')
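
Review bot: The `LOADBALANCER` line here is written `getent ahosts loadbalancer|awk ...` with no spaces around the pipe, while every other file in this commit uses ` | `. Suggest matching the spacing so the command is identical across the docs and can be found with a single grep.
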
2 changes: 1 addition & 1 deletion docs/12-configuring-kubectl.md
Expand Up @@ -15,7 +15,7 @@ On `controlplane01`
Get the kube-api server load-balancer IP.

```bash
LOADBALANCER=$(dig +short loadbalancer)
LOADBALANCER="$(getent ahosts loadbalancer | awk '{ print $1 ; exit }')"
```

Generate a kubeconfig file suitable for authenticating as the `admin` user:
3 changes: 2 additions & 1 deletion vagrant/ubuntu/update-dns.sh
Expand Up @@ -2,8 +2,9 @@

# TODO: why do we need this change? To use our records from `/etc/hosts`?
# Then we probably should just use `getent ahosts` instead of `dig +short` in this course.
# See also: https://github.com/mmumshad/kubernetes-the-hard-way/issues/355

# Debian 12 Bookworm image by default doesn't use `systemd-resolve`
# Vagrant image Debian 12 Bookworm by default doesn't use `systemd-resolve`.
# So let's check if `systemd-resolve` exist:
if systemd-resolve --status >/dev/null 2>/dev/null; then
mkdir -pv /etc/systemd/resolved.conf.d
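
Review bot: The TODO at the top of this hunk still asks whether the course should switch to `getent ahosts`, which is what this commit does, so the comment is now stale. Suggest either replacing it with a statement of why the `systemd-resolve` override is still needed, or removing the override if it is not. Minor: in the comment, "check if `systemd-resolve` exist" should read "exists", and `>/dev/null 2>/dev/null` can be shortened to `>/dev/null 2>&1`.
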