This is relevant for Azure DevOps, GitHub Actions, or using kubectl via the CLI to interact with a private AKS cluster. I received an error message stating, "Unable to connect to the server: dial tcp: lookup <Cluster Name>-dns-rrxn45oq.19568f79-2d23-4df0-8d3e-f7e3e690d17b.privatelink.eastus.azmk8s.io on <Private DNS IP>:53: no such host"
I figured this out. If anyone is getting this error running kubectl from a vnet different from the cluster's vnet, you need to ensure the following:
- The vnets are peered. I tried without it, but nslookup showed the lookup got lost trying to resolve the IP address, especially if the IPs overlap.
- The Private DNS zone created by the AKS cluster installation has a Virtual Network Link to the vnet where you run kubectl. To do this, perform the following:
  - Select Private DNS zones from your Azure Portal home page (for me, it was: https://portal.azure.com/#view/HubsExtension/BrowseResource/resourceType/Microsoft.Network%2FprivateDnsZones).
  - Click on the Private DNS zone AKS created. In my case, it was "19568f79-2d23-4df0-8d3e-f7e3e690d17b.privatelink.eastus.azmk8s.io".
  - Click on Virtual network links (under Settings in the left-side pane).
  - Click on the "+Add" button.
  - Complete the form with your link name and select the virtual network you want to run kubectl (or Azure DevOps or your private GitHub Actions runner) from.
  - Once completed, you can test running kubectl from a VM inside the vnet (you need to run az aks get-credentials first).
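The same procedure as an az CLI script, added here as an example and not part of the original answer. It pulls the cluster FQDN out of the kubectl error text, derives the private DNS zone name (the FQDN minus its first label), and then peers the two vnets, links the zone to the vnet the runner or VM lives in, and verifies with nslookup and kubectl. Resource group, vnet and cluster names are placeholders; the sample error string is constructed to match the shape of the one quoted above. It assumes the zone lives in the AKS node resource group, which is the default unless you supplied your own zone at cluster creation. The az commands only run when the script is invoked with --apply and az is installed.

```shell
#!/usr/bin/env sh
# Added example (not from the original post): diagnose and fix the
# "no such host" error by linking the AKS private DNS zone to the vnet
# kubectl runs from. Resource names below are placeholders.

# Pull the cluster FQDN out of the kubectl error text, e.g.
# "Unable to connect to the server: dial tcp: lookup X on 10.0.0.4:53: no such host"
fqdn_from_error() {
  rest="${1#*lookup }"         # drop everything up to and including "lookup "
  printf '%s\n' "${rest%% *}"  # the FQDN is the next whitespace-delimited token
}

# The private DNS zone AKS created is the FQDN minus its first label
# (the "<cluster>-dns-<hash>" part).
zone_from_fqdn() {
  printf '%s\n' "${1#*.}"
}

# Constructed sample error, matching the shape of the one in the post.
SAMPLE_ERR='Unable to connect to the server: dial tcp: lookup mycluster-dns-rrxn45oq.19568f79-2d23-4df0-8d3e-f7e3e690d17b.privatelink.eastus.azmk8s.io on 10.0.0.4:53: no such host'

# Placeholders for the real fix; override via the environment.
CLUSTER_RG="${CLUSTER_RG:-rg-aks}"
CLUSTER_NAME="${CLUSTER_NAME:-mycluster}"
CLUSTER_VNET_RG="${CLUSTER_VNET_RG:-rg-aks}"
CLUSTER_VNET="${CLUSTER_VNET:-vnet-aks}"
CLIENT_VNET_RG="${CLIENT_VNET_RG:-rg-runners}"   # vnet where kubectl / the runner lives
CLIENT_VNET="${CLIENT_VNET:-vnet-runners}"

# Peer both vnets, add the zone link, then verify. Requires the az CLI.
link_private_zone() {
  fqdn=$(az aks show -g "$CLUSTER_RG" -n "$CLUSTER_NAME" --query privateFqdn -o tsv)
  zone=$(zone_from_fqdn "$fqdn")
  # By default AKS puts the zone in the node resource group (MC_...);
  # if you supplied your own zone at creation time, point zone_rg there.
  zone_rg=$(az aks show -g "$CLUSTER_RG" -n "$CLUSTER_NAME" --query nodeResourceGroup -o tsv)

  client_vnet_id=$(az network vnet show -g "$CLIENT_VNET_RG" -n "$CLIENT_VNET" --query id -o tsv)
  cluster_vnet_id=$(az network vnet show -g "$CLUSTER_VNET_RG" -n "$CLUSTER_VNET" --query id -o tsv)

  # 1. Peering in both directions (the address spaces must not overlap).
  az network vnet peering create -g "$CLIENT_VNET_RG" --vnet-name "$CLIENT_VNET" \
    -n runners-to-aks --remote-vnet "$cluster_vnet_id" --allow-vnet-access
  az network vnet peering create -g "$CLUSTER_VNET_RG" --vnet-name "$CLUSTER_VNET" \
    -n aks-to-runners --remote-vnet "$client_vnet_id" --allow-vnet-access

  # 2. Virtual network link from the AKS private DNS zone to the client vnet.
  #    Auto-registration stays off: the link is for resolution only.
  az network private-dns link vnet create -g "$zone_rg" -z "$zone" \
    -n "link-$CLIENT_VNET" -v "$client_vnet_id" -e false

  # 3. Confirm the link exists, fetch credentials, then test from a VM in the client vnet.
  az network private-dns link vnet list -g "$zone_rg" -z "$zone" -o table
  az aks get-credentials -g "$CLUSTER_RG" -n "$CLUSTER_NAME" --overwrite-existing
  nslookup "$fqdn" && kubectl get nodes
}

echo "zone to link: $(zone_from_fqdn "$(fqdn_from_error "$SAMPLE_ERR")")"
if [ "${1:-}" = "--apply" ] && command -v az >/dev/null 2>&1; then
  link_private_zone
fi
```

Run it once without arguments to see which zone the error points at, compare that against the zone listed in the portal, and only then run it with --apply from an identity that can write to both resource groups.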