Clevis luks not unlocking at boot when url is specified as hostname but IP address works

[jeremyatourville]

See #412 for more details.
Client gets DNS from IdM server. Client is enrolled in IdM domain using ipa-client. IdM server is Active Directory integrated with a one way trust established and using split DNS. All DNS for Idm (linux) domain is resolved by IdM and all DNS for Windows is handled by AD.

clevis luks bind -d /dev/sda2 tang '{"url":"http://tang.srv"}'  ## DOESN'T WORK
clevis luks bind -d /dev/sda2 tang '{"url":"http://10.31.x.x."}'  ## WORKS

Seems like a timing issue of some sort related to DNS and the boot up process. Thoughts?

[sergio-correia]

Could you post the dracut modules that are part of your initramfs, please? Probably something like this could help here: lsinitrd | awk '/^Version:/,/^=/'

[jeremyatourville]

[root@gsil-yum localadm]# lsinitrd | awk '/^Version:/,/^=/'
Version: dracut-049-218.git20221019.el8_7

Arguments: --kver '4.18.0-425.19.2.el8_7.x86_64' -f -v --kernel-cmdline 'ip=10.31.x.x::10.31.8.1:255.255.255.0::ens192:none'

dracut modules:
bash
systemd
fips
systemd-initrd
nss-softokn
i18n
network-manager
network
ifcfg
drm
plymouth
clevis
clevis-pin-null
clevis-pin-sss
clevis-pin-tang
clevis-pin-tpm2
prefixdevname
crypt
dm
kernel-modules
kernel-modules-extra
kernel-network-modules
lvm
resume
rootfs-block
terminfo
udev-rules
biosdevname
dracut-systemd
usrmount
base
fs-lib
memstrack
microcode_ctl-fw_dir_override
shutdown
========================================================================
[root@gsil-yum localadm]#