-
-
Notifications
You must be signed in to change notification settings - Fork 15.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
DNS resolution in a Java Docker container fails #6844
Comments
Can you describe in detail how this is done and what OS is running in the container? Assume we are not familiar with docker or your setup.
|
Hi, Sorry for the delay. A minimal
Given that, you can start the composition like:
Use option Copy the compiled code to your started docker containers. First check container names/ids:
Then copy the code:
Once the code is copied, run bash in the container (or attach to the netty-host container):
And, finally, try:
and
and
The first two work fine, whereas the last throws the exception as above. Hope it helps. |
I wasn't able to reproduce ... please advise. I'm running Docker on MacOS 10.12.5. pom.xml<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.repro</groupId>
<artifactId>netty-dns-repro</artifactId>
<version>0.1</version>
<packaging>jar</packaging>
<properties>
<netty.version>4.1.12.Final</netty.version>
</properties>
<dependencies>
<dependency>
<groupId>io.netty</groupId>
<artifactId>netty-resolver-dns</artifactId>
<version>${netty.version}</version>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<inherited>true</inherited>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>2.3.2</version>
<configuration>
<source>1.7</source>
<target>1.7</target>
<optimize>true</optimize>
<debug>false</debug>
</configuration>
</plugin>
<plugin>
<artifactId>maven-assembly-plugin</artifactId>
<configuration>
<archive>
<manifest>
<mainClass>com.repro.DnsRepro</mainClass>
</manifest>
</archive>
<descriptorRefs>
<descriptorRef>jar-with-dependencies</descriptorRef>
</descriptorRefs>
</configuration>
<executions>
<execution>
<id>make-assembly</id> <!-- this is used for inheritance merges -->
<phase>package</phase> <!-- bind to the packaging phase -->
<goals>
<goal>single</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
</project>
DnsRepro.javapackage com.repro;
import io.netty.channel.nio.NioEventLoopGroup;
import io.netty.channel.socket.nio.NioDatagramChannel;
import io.netty.resolver.dns.DnsNameResolver;
import io.netty.resolver.dns.DnsNameResolverBuilder;
import java.net.InetAddress;
public class DnsRepro {
private static NioEventLoopGroup bossGroup = new NioEventLoopGroup();
public static void main(String[] args) throws Exception {
DnsNameResolver res = new DnsNameResolverBuilder(bossGroup.next())
.channelType(NioDatagramChannel.class)
.build();
System.out.println("netty-dns: " +res.resolve("recomp-hdb").await().get());
InetAddress address = InetAddress.getByName("recomp-hdb");
System.out.println("java-dns:" + address.getHostAddress());
bossGroup.shutdownGracefully();
}
} stdout
|
That's strange... I've copied and pasted your pom and code, built the jar, copied it to a newly started docker composition and it crashed as previously:
I'm running the latest Docker and docker-compose on Ubuntu 16.04 which is a VirtualBox VM on my Windows 10 host:
|
I was able to reproduce the issue on a Linux VM inside a docker container. See PR #6885 for a fix. |
Motivation: The DNS resolver supports search domains. However the ndots are not correctly enforced. The search domain should only be appended under the following scenario [1]: > Resolver queries having fewer than ndots dots (default is 1) in them will be attempted using each component of the search path in turn until a match is found. The DNS resolver current appends the search domains if ndots is 0 which should never happen (because no domain can have less than 0 dots). [1] https://linux.die.net/man/5/resolv.conf Modifications: - Parse /etc/resolv.conf to get the default value for ndots on Unix platforms - The search domain shouldn't be used if ndots is 0 - Avoid failing a promise to trigger the search domain queries in DnsNameResolverContext#resolve Result: More correct usage of search domains in the DNS resolver. Fixes netty#6844.
Thanks, I passed the details to the Vertx team. Cheers, Jacek |
Motivation: The DNS resolver supports search domains. However the ndots are not correctly enforced. The search domain should only be appended under the following scenario [1]: > Resolver queries having fewer than ndots dots (default is 1) in them will be attempted using each component of the search path in turn until a match is found. The DNS resolver current appends the search domains if ndots is 0 which should never happen (because no domain can have less than 0 dots). [1] https://linux.die.net/man/5/resolv.conf Modifications: - Parse /etc/resolv.conf to get the default value for ndots on Unix platforms - The search domain shouldn't be used if ndots is 0 - Avoid failing a promise to trigger the search domain queries in DnsNameResolverContext#resolve Result: More correct usage of search domains in the DNS resolver. Fixes netty#6844.
Motivation: The DNS resolver supports search domains. However the ndots are not correctly enforced. The search domain should only be appended under the following scenario [1]: > Resolver queries having fewer than ndots dots (default is 1) in them will be attempted using each component of the search path in turn until a match is found. The DNS resolver current appends the search domains if ndots is 0 which should never happen (because no domain can have less than 0 dots). [1] https://linux.die.net/man/5/resolv.conf Modifications: - Parse /etc/resolv.conf to get the default value for ndots on Unix platforms - The search domain shouldn't be used if ndots is 0 - Avoid failing a promise to trigger the search domain queries in DnsNameResolverContext#resolve Result: More correct usage of search domains in the DNS resolver. Fixes netty#6844.
#8318) (#8319) Motivation Applications should not depend on internal packages with Java 9 and later. This cause a warning now, but will break in future versions of Java. Modification This change adds methods to UnixResolverDnsServerAddressStreamProvider (following after #6844) that parse /etc/resolv.conf for domain and search entries. Then DnsNameResolver does not need to rely on sun.net.dns.ResolverConfiguration to do this. Result Fixes #8318. Furthermore, at least in my testing with Java 11, this also makes multiple search entries work properly (previously I was only getting the first entry).
Netty version:
4.1.12.Final
Docker image:
openjdk:8-jre
Context:
Running DNS resolution in a Java docker container fails. DNS resolution should complete successfully and return the IP address of the sibling docker container. Instead it throws the following exception:
DNS resolution with plain Java code works as expected and returns the IP address.
The Netty-based code that throws the exception:
The plain Java code which works fine:
Steps to reproduce:
The text was updated successfully, but these errors were encountered: