Description
What Happened?
The current documentation for "Ingress DNS" shows a configuration that unintentionally makes minikube's DNS server the default system resolver instead of limiting it to .test domains only.
The documented commands in the "Ingress DNS for Linux Linux OS with systemd-resolved" section:
sudo tee /etc/systemd/resolved.conf.d/minikube.conf << EOF
[Resolve]
DNS=$(minikube ip)
Domains=~test
EOF
sudo systemctl restart systemd-resolved
Expected behavior: DNS queries for .test domains should be routed to minikube, while other domains use the system's default DNS servers.
Actual behavior: minikube's DNS server becomes the primary resolver for all domains, not just .test domains.
Root Cause
When adding DNS=$(minikube ip) to the global systemd-resolved configuration without specifying a specific network interface, systemd-resolved treats it as a high-priority global DNS server, even though Domains=~test is specified.
Proposed Solution
Replace the current documentation with interface-specific configuration:
# Get the minikube bridge interface name
MINIKUBE_BRIDGE=$(docker network ls -q --filter name=minikube | xargs -I {} docker network inspect {} --format '{{.Options.com.docker.network.bridge.name}}')
# Configure DNS only for minikube interface
sudo resolvectl dns br-$(docker network ls -q --filter name=minikube) $(minikube ip)
sudo resolvectl domain br-$(docker network ls -q --filter name=minikube) ~test
Or alternatively, provide a more specific systemd configuration:
sudo tee /etc/systemd/resolved.conf.d/minikube.conf << EOF
[Resolve]
DNS=$(minikube ip)
Domains=~test
FallbackDNS=8.8.8.8 1.1.1.1
DefaultRoute=false
EOF
sudo systemctl restart systemd-resolved
Steps to Reproduce
- Follow current documentation for Ingress DNS setup
- Run
resolvectl status - Observe that minikube DNS server is listed as primary (
Global) for all interfaces - Test DNS resolution for non-.test domains (they go through minikube instead of original DNS)
Attach the log file
Not applicable
Operating System
Ubuntu
Driver
Docker