-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Cannot connect to k8s behind VPN on Mac OS #716
Comments
Lens is using upstream kubectl binaries and those have this limitation. Lens project probably needs to build own kubectl binaries with right build flags. |
@jakolehm
Maybe there any way to switch to brew kubectl? |
This helps me as a workaround:
|
Maybe the fix is available on 1.18 version for kubectl. |
Withe Lens 3.6.0, I can workaround by setting the Path to Kubectl binary to |
It looks like a solution, isn't it? |
Dunno about a "solution" since it's still broken out of the box. I guess Lens could bundle the Homebrew kubectl binary on macOS instead of the upstream one (until upstream gets fixed) |
Sorry to hop on this old issue, but how do you enable lens-k8s-proxy? I'm still getting the exact issue described in the issue where Lens won't connect to anything behind a VPN using split DNS and defaults to I've even tried pointing Lens at the homebrew version of kubectl. I'm on an Apple Silicon Mac running Lens 6.5.2 if that makes any difference. |
Describe the bug
The issue described: kubernetes/kubectl#48
And solution already implemented in kubectl: kubernetes/release#469
Kubectl works fine, but lens doesnt
On macOS, if a Go program is compiled with CGO_ENABLED=0 then Go uses its own internal network name resolver. This resolver only knows about /etc/resolv.conf and doesn’t know about the libSystem (macOS libc) library and its name resolution functions.
macOS (like most modern OSes) has smarter DNS lookups than just using an /etc/resolv.conf which allows it to smoothly handle switching networks.
When a VPN is being used then DNS lookups will be split between the VPN’s DNS servers and your ISP’s DNS servers, depending on the hostname.
You can set up custom name servers for certain domains by creating resolv.conf style files in /etc/resolver/. This is what your VPN software is doing behind the covers.
This issue can be reproduced by creating /etc/resolver/ resolver for a particular cluster. This resolver must use different DNS servers than /etc/resolv.conf has. And only these different DNS servers have to resolve cluster fqdn.
To Reproduce
Steps to reproduce the behavior:
Or
Expected behavior
The same behavior as for kubectl - I can work with cluster.
Screenshots
Environment (please complete the following information):
Logs:
When you run the application executable from command line you will see some logging output. Please paste them here:
The text was updated successfully, but these errors were encountered: