Forwarding domain traffic also forwards internal k8s command traffic to the wrong IP

spiderunderurbed@raspberrypi:~/k8s $ cat /etc/resolv.conf
# resolv.conf(5) file generated by tailscale
# For more info, see https://tailscale.com/s/resolvconf-overwrite
# DO NOT EDIT THIS FILE BY HAND -- CHANGES WILL BE OVERWRITTEN

nameserver 127.0.0.1
nameserver 100.100.100.100
search spidersdomain.ts.net

/etc/dnsmasq.conf:

# Handle *.spidershomelab.xyz
address=/spidershomelab.xyz/192.168.0.36
# Use your regular DNS for everything else
#server=127.0.0.1
#server=192.168.0.22
server=8.8.8.8
server=1.1.1.1

How come whenever I try to get the logs of a container, e.g. nextcloud, I get this error:

spiderunderurbed@raspberrypi:~/k8s $ kubectl logs nextcloud-c794594f6-v4r4s
Defaulted container "nextcloud" out of: nextcloud, permission-fixer (init)
Error from server: Get "https://192.168.0.36:10250/containerLogs/default/nextcloud-c794594f6-v4r4s/nextcloud": proxy error from 127.0.0.1:6443 while dialing 192.168.0.36:10250, code 502: 502 Bad Gateway
spiderunderurbed@raspberrypi:~/k8s $ 

I want general domain queries to go to 192.168.0.36, and internal k8s traffic for stuff like container logs to, like, remain internal.

Hi,

There is no problem with the DNS. Kubeapi gets the "logs" command and tries to reach out to the kubelet on the 192.168.0.36 node that, I assume, is running the pod.

Worth checking the firewall on 192.168.0.36. Make sure port 10250 is open.
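
An added example, not part of the answer above: a small shell diagnostic that pulls the dial target out of the kubectl error from the question and tests a TCP connect to it, which is the check the answer suggests. The function names and the `--run` switch are hypothetical; it assumes bash and coreutils `timeout` are installed.

```shell
#!/bin/sh
# Added example (not from the thread); function names are hypothetical.
# Requires bash (for /dev/tcp) and coreutils timeout.

# Error line copied from the question, used as the default input.
SAMPLE='Error from server: Get "https://192.168.0.36:10250/containerLogs/default/nextcloud-c794594f6-v4r4s/nextcloud": proxy error from 127.0.0.1:6443 while dialing 192.168.0.36:10250, code 502: 502 Bad Gateway'

# host:port the API server side was dialing (the kubelet endpoint).
dial_target() {
  printf '%s\n' "$1" | sed -n 's/.*while dialing \([0-9.]*:[0-9]*\),.*/\1/p'
}

# host:port of the proxy that reported the failure.
proxy_source() {
  printf '%s\n' "$1" | sed -n 's/.*proxy error from \([0-9.]*:[0-9]*\) while dialing.*/\1/p'
}

# Succeeds only if a TCP connection to host:port completes within 3 seconds.
tcp_check() {
  timeout 3 bash -c 'exec 3<>"/dev/tcp/$0/$1"' "$1" "$2" 2>/dev/null
}

diagnose() {
  target=$(dial_target "$1")
  if [ -z "$target" ]; then
    echo "no 'while dialing host:port' in the error line"; return 2
  fi
  host=${target%:*}; port=${target#*:}
  echo "failure reported by proxy $(proxy_source "$1"), dialing $target"
  if tcp_check "$host" "$port"; then
    echo "TCP connect to $target succeeded: the 502 is not a plain port block"
  else
    echo "TCP connect to $target failed: check firewall and routing for $port/tcp on $host"
    return 1
  fi
}

# Run on the machine hosting the API server, the side that dials the kubelet:
#   sh this-script --run                  (uses the sample line)
#   sh this-script --run "<error line from kubectl>"
if [ "${1:-}" = "--run" ]; then
  diagnose "${2:-$SAMPLE}"
fi
```

If the connect fails because of a firewall rule, allow 10250/tcp only from the control-plane address rather than from every source, since the kubelet API on that port serves container logs and exec.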