Skip to content
LoKO Documentation

Network & DNS

LoKO provides automatic DNS resolution for local development using in-cluster CoreDNS with a dnsmasq that dynamically tracks your workloads.

How It Works

Section titled “How It Works”
%% title: DNS Resolution Flow %%
graph LR
    App[Application] -->|*.dev.me| Resolver["/etc/resolver/dev.me"]
    Resolver -->|dnsmasq host port| CoreDNS[In-Cluster CoreDNS]
    CoreDNS -->|dnsmasq + hosts plugin| ConfigMap[loko-dynamic-hosts ConfigMap]
    ConfigMap -->|192.168.0.10| Service[Kubernetes Service]

    classDef appStyle fill:#0288d1,stroke:#01579b,color:#fff
    classDef resolverStyle fill:#fb8c00,stroke:#e65100,color:#fff
    classDef dnsStyle fill:#8e24aa,stroke:#6a1b9a,color:#fff
    classDef configMapStyle fill:#3949ab,stroke:#283593,color:#fff
    classDef serviceStyle fill:#43a047,stroke:#2e7d32,color:#fff

    class App appStyle
    class Resolver resolverStyle
    class CoreDNS dnsStyle
    class ConfigMap configMapStyle
    class Service serviceStyle

When you deploy a workload with an Ingress or IngressRoute, the dnsmasq automatically adds its hostname to CoreDNS — no restarts or manual configuration needed.

DNS Configuration

Section titled “DNS Configuration”

Default Setup

Section titled “Default Setup”
network:
    ip: 192.168.0.10       # Auto-detected local IP
    domain: dev.me         # Base domain

If auto-detection picks the wrong address or is unavailable, generate your config with an explicit override:

Terminal window
loko config generate --local-ip 192.168.0.10

dns-port defaults to an auto-selected non-privileged host port (1024–32767), preferring 5453, and usually does not need manual changes.

Custom Domain

Section titled “Custom Domain”
network:
    domain: myproject.local

All services will be accessible as:

  • postgres.myproject.local
  • mysql.myproject.local
  • cr.myproject.local (registry)

DNS Domains

Section titled “DNS Domains”

System Workloads

Section titled “System Workloads”

Format: <workload>.<domain>

Examples:

  • postgres.dev.me:5432
  • mysql.dev.me:3306
  • rabbitmq.dev.me:5672

User Workloads

Section titled “User Workloads”

Format: <workload>.<domain>

Example: myapp.dev.me

Preview Workloads

Section titled “Preview Workloads”

Format: <workload>-pr-<n>.pr.<domain>

Example: myapp-pr-1.pr.dev.me

Internal Components

Section titled “Internal Components”
  • Registry: cr.<domain> (e.g., cr.dev.me)
  • Traefik Dashboard: traefik.<domain> (if enabled)

DNS Operations

Section titled “DNS Operations”

Check DNS Status

Section titled “Check DNS Status”
Terminal window
loko check dns

Shows:

  • CoreDNS pod status
  • Resolver configuration
  • Resolution tests

Start DNS

Section titled “Start DNS”
Terminal window
loko dns start

Stop DNS

Section titled “Stop DNS”
Terminal window
loko dns stop

Recreate DNS

Section titled “Recreate DNS”
Terminal window
loko dns recreate

Useful when:

  • DNS not resolving
  • Configuration changed

Resolver Configuration

Section titled “Resolver Configuration”

macOS

Section titled “macOS”

LoKO creates /etc/resolver/<domain>:

# cat /etc/resolver/dev.me
nameserver <kind-node-ip>
port <auto-selected-nodeport>

This routes all *.dev.me queries to the in-cluster CoreDNS via its auto-selected DNS port on the Kind node. No host-side DNS process is needed.

Linux

Section titled “Linux”

LoKO configures the OS resolver backend when it can detect one it knows how to manage.

Currently documented Linux backends:

  • systemd-resolved
  • NetworkManager with its dnsmasq backend

Linux distributions that do not use systemd-resolved can still work if they use NetworkManager in this mode. Other Linux resolver stacks may still require manual configuration.

Option 1: /etc/hosts (Simple)

LoKO can automatically add entries to /etc/hosts:

Terminal window
# After environment creation
sudo loko init

Option 2: systemd-resolved

Terminal window
resolvectl query postgres.dev.me

Option 3: NetworkManager

Terminal window
nmcli general status
cat /etc/resolv.conf

When the NetworkManager backend is active, /etc/resolv.conf typically points to 127.0.0.1 and NetworkManager’s local dnsmasq forwards your LoKO domain to the in-cluster dnsmasq host port.

Testing DNS Resolution

Section titled “Testing DNS Resolution”

Using dig

Section titled “Using dig”
Terminal window
# Test resolution
dig postgres.dev.me


# Should return your local IP
dig +short postgres.dev.me
# Output: 192.168.0.10

Using nslookup

Section titled “Using nslookup”
Terminal window
nslookup postgres.dev.me

Using curl

Section titled “Using curl”
Terminal window
# Test HTTP endpoint
curl http://traefik.dev.me


# Test HTTPS with cert
curl https://postgres.dev.me:5432

Troubleshooting DNS

Section titled “Troubleshooting DNS”

DNS Not Resolving

Section titled “DNS Not Resolving”
Terminal window
# Check dnsmasq pod
kubectl get pods -n loko-components -l app.kubernetes.io/name=dnsmasq


# Check CoreDNS pods
kubectl get pods -n kube-system -l k8s-app=kube-dns


# Check dynamic hosts ConfigMap
kubectl get configmap loko-dynamic-hosts -n loko-components -o yaml


# Recreate DNS
loko dns recreate

Port Conflicts

Section titled “Port Conflicts”

Since CoreDNS runs in-cluster, host port conflicts no longer apply to DNS itself. If you see resolver issues, check the Kind node IP is reachable:

Terminal window
# Check Kind node IP
kubectl get nodes -o wide

Wrong IP Resolved

Section titled “Wrong IP Resolved”
Terminal window
# Check configured IP
loko config ip


# Update config
vim loko.yaml  # Update network.ip


# Recreate DNS
loko dns recreate

Network Ports

Section titled “Network Ports”

Default Ports

Section titled “Default Ports”
ServicePortPurposeConfigurable
DNSauto (prefers 5453)dnsmasq host portAuto-selected
HTTP80Traefik ingressNo
HTTPS443Traefik ingressNo
K8s API6443Kubernetes APIYes (api-port)

Load Balancer Ports

Section titled “Load Balancer Ports”
network:
    lb-ports:
      - 80
      - 443
      - 8080  # Additional port

Port Conflicts

Section titled “Port Conflicts”

Check all ports before creating environment:

Terminal window
loko config port-check

Accessing Services

Section titled “Accessing Services”

Via DNS

Section titled “Via DNS”
Terminal window
# PostgreSQL
psql -h postgres.dev.me -U postgres


# MySQL
mysql -h mysql.dev.me -u root -p


# HTTP service
curl http://myapp.dev.me

Via Port Forward

Section titled “Via Port Forward”

When DNS isn’t configured:

Terminal window
kubectl port-forward svc/postgres 5432:5432 -n common-services
psql -h localhost -p 5432 -U postgres

Via Cluster IP (Internal)

Section titled “Via Cluster IP (Internal)”

From within the cluster:

Terminal window
kubectl run -it --rm debug --image=postgres:15 -- bash
psql -h postgres.common-services.svc.cluster.local

Advanced Configuration

Section titled “Advanced Configuration”

Multiple Networks

Section titled “Multiple Networks”
# loko-wifi.yaml
network:
    ip: 192.168.0.10
    domain: dev-wifi.me


# loko-ethernet.yaml
network:
    ip: 10.0.0.100
    domain: dev-eth.me

Integration with Certificates

Section titled “Integration with Certificates”

DNS and certificates work together:

%% title: DNS & Certificate Integration %%
graph LR
    User[User] -->|https://postgres-ui.dev.me| Browser
    Browser -->|DNS Lookup| CoreDNS[CoreDNS]
    CoreDNS -->|IP: 192.168.0.10| Browser
    Browser -->|TLS Handshake| Traefik
    Traefik -->|*.dev.me Cert| Browser
    Browser -.Valid Cert.-> User

    classDef userStyle fill:#0288d1,stroke:#01579b,color:#fff
    classDef dnsStyle fill:#8e24aa,stroke:#6a1b9a,color:#fff
    classDef traefikStyle fill:#3949ab,stroke:#283593,color:#fff

    class User,Browser userStyle
    class CoreDNS dnsStyle
    class Traefik traefikStyle

Next Steps

Section titled “Next Steps”