'Why does OpenShift oc login fail with no such host?

On OCP 4.3 the oc login command generated from the dashboard "Copy Login Command"

oc login --token=asdfghjk... --server=https://api.xxx.com:6443

fails with:

error: dial tcp: lookup api.xxx.com on 192.168.0.1:53: no such host - verify you have provided the correct host and port and that the server is currently running.

When I substitute the public ip of my cluster for the hostname it works.

oc login --token=asdfghjk... --server=https://1.2.3.4:6443

I can successfully ping api.xxx.com, the curl command generated by "Copy Login Command" resolves the hostname, and the curl url also works in chrome. I've tried adding the host and public ip to my /etc/hosts file but it still fails.

Is there some oc command configuration option I'm missing? Or perhaps a local proxy that I need to start? (Odd that the error msg says ...on 192.168.0.1:53...)

Versions:

$ oc version Client Version: openshift-clients-4.3.0-201910250623-88-g6a937dfe Server Version: 4.3.0 Kubernetes Version: v1.16.2 $

Update:

I've opened an oc issue for this:

https://github.com/openshift/oc/issues/315

openshift


Solution 1:[1]

This is not a problem with the oc client. It is working as expected.

The DNS server the machine you're running the oc command on does not know about the OpenShift DNS entries.

Judging by the IP 192.168.0.1 its your router.

If you deployed OpenShift in the cloud you need to make sure you're using a Public DNS zone so the DNS entries are resolvable from anywhere.

Alternately you could put those entries in the /etc/hosts file on your local linux machine (if its Windows the path is different) or you could put them in the DNS settings in your router.

Solution 2:[2]

I encounter the similar "No such host" problem run oc rsh command. After oc logout and oc login again, the problem is resolved.

Solution 3:[3]

Had same problem today on MacOS. Ping worked to resolve the host BUT nslookup and dig both could NOT resolve the host, and the nameserver that dig and nslookup used was my default gateway address / port 53.

Fix: Go to System Preferences > Network > Advanced > DNS tab. Add in name servers that resolve the hostname, which in my case are intranet nameservers (i'm VPN'ed). I also added in several public nameservers just in case.

Now Dig / nslookup resolve the host, and my oc login works

Conclusion? I'm not sure this is an oc issue as much as it is a VPN configuration problem. Seems VPN did not add in intranet DNS properly. However I cannot explain why, before i added the nameservers, ping worked but dig/nslookup did not.

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 Nick
Solution 2 William Lin
Solution 3 Tom Seelbach

Related Questions

CORS : Response to preflight request doesn't pass access control check: Redirect is not allowed for a preflight request [duplicate]

How to have multiple object types in a single openshift yaml template?

Readiness probe failes because mongosh --eval freezes

Fluentd container not running on Openshift

Openshift routes are not redirected to particular service

Gitlab-Runner on Kubernetes/Openshift

Mixed Content error because of Keycloak default login redirection

Mounting ConfigMap deleted old data from MySQL my.cnf file

How do you add multiple config files to configMap with kustomize configMapGenerator by using a pattern/regex/...?

Openshift: Expose postgresql remotely

Change Docker base image of running containers

OpenShift 4 support ActiveMQ Artemis?Or need suggestion for best message broker compatibility with openshift4 [closed]

How can I use OpenShift built in Ingress to expose SMTP/IMAP?

Gitlab CE and Operator runner API

Gitlab CE and Operator runner API