[deployments-k8s#2412] Fix DNS #1054
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Bolodya1997
force-pushed
the
deployments-k8s#2412/resolv-conf
branch
from
f60916d
to
9919744
Compare
Bolodya1997
force-pushed
the
deployments-k8s#2412/resolv-conf
branch
from
9919744
to
871b196
Compare
glazychev-art
approved these changes
Aug 6, 2021
denis-tingaikin
requested changes
Aug 8, 2021
| @@ -73,7 +73,7 @@ func Test_DNSUsecase(t *testing.T) { | |||
| err = ioutil.WriteFile(resolveConfigPath, []byte("nameserver 8.8.4.4\nsearch example.com\n"), os.ModePerm) | |||
| require.NoError(t, err) | |||
|
|
|||
| const expectedCorefile = ". {\n\tforward . 8.8.4.4\n\tlog\n\treload\n}\nmy.domain1 {\n\tfanout . 8.8.4.4 8.8.8.8\n\tlog\n}" | |||
| const expectedCorefile = ". {\n\tlog\n\treload\n}\nmy.domain1 {\n\tfanout . 8.8.4.4 8.8.8.8\n\tlog\n}\n" | |||
There was a problem hiding this comment.
This looks wrong.
As I can see you're ignoring queries for any domains and it is totally incorrect.
There was a problem hiding this comment.
Here are such cases:
- Do we have some nameserver entry in
resolv.confbefore running NSM client? - Do we have some default name server set in NSM client options?
- No (nameserver), no (default name server) - such container initially has no name server, we are adding name servers only for NSM resources, other resources like
google.comare not accessible by domain name:
resolv.conf
---
nameserver 127.0.0.1
...
Corefile
---
. {
log
reload # to reload coredns on Corefile changes
}
my-coredns-service . {
...
}
...
- No (nameserver), yes (default name server) - such container initially has no name server, we are adding name servers for NSM resources + default name server for other resources like
google.com.
resolv.conf
---
nameserver 127.0.0.1
...
Corefile
---
. {
forward 1.1.1.1
log
reload
}
my-coredns-service . {
...
}
...
- Yes (nameserver), no (default name server) - such container initially has a name server, so it should still have access to
google.comafter all NSM configurations made.
resolv.conf
---
127.0.0.1 # <-- first tries this
10.96.0.10 # <-- after tries this
...
Corefile
---
. {
log
reload
}
my-coredns-service . {
...
}
...
- Yes (nameserver), yes (default name server) - such container initially has a name server, but we want to additionally configure it with NSM for using another name server as default.
resolv.conf
---
127.0.0.1
10.96.0.10
...
Corefile
---
. {
forward 1.1.1.1
log
reload
}
my-coredns-service . {
...
}
...
denis-tingaikin
approved these changes
Aug 9, 2021
nsmbot
pushed a commit
to networkservicemesh/cmd-nsc-init
that referenced
this pull request
Aug 9, 2021
…k@main PR link: networkservicemesh/sdk#1054 Commit: 31cb2ac Author: Vladimir Popov Date: 2021-08-09 15:02:54 +0700 Message: - Fix DNS (#1054) Signed-off-by: NSMBot <nsmbot@networkservicmesh.io>
nsmbot
pushed a commit
to networkservicemesh/sdk-kernel
that referenced
this pull request
Aug 9, 2021
…k@main PR link: networkservicemesh/sdk#1054 Commit: 31cb2ac Author: Vladimir Popov Date: 2021-08-09 15:02:54 +0700 Message: - Fix DNS (#1054) Signed-off-by: NSMBot <nsmbot@networkservicmesh.io>
nsmbot
pushed a commit
to networkservicemesh/cmd-nsmgr
that referenced
this pull request
Aug 9, 2021
…k@main PR link: networkservicemesh/sdk#1054 Commit: 31cb2ac Author: Vladimir Popov Date: 2021-08-09 15:02:54 +0700 Message: - Fix DNS (#1054) Signed-off-by: NSMBot <nsmbot@networkservicmesh.io>
nsmbot
pushed a commit
to networkservicemesh/cmd-registry-proxy-dns
that referenced
this pull request
Aug 9, 2021
…k@main PR link: networkservicemesh/sdk#1054 Commit: 31cb2ac Author: Vladimir Popov Date: 2021-08-09 15:02:54 +0700 Message: - Fix DNS (#1054) Signed-off-by: NSMBot <nsmbot@networkservicmesh.io>
nsmbot
pushed a commit
to networkservicemesh/cmd-nse-vfio
that referenced
this pull request
Aug 9, 2021
…k@main PR link: networkservicemesh/sdk#1054 Commit: 31cb2ac Author: Vladimir Popov Date: 2021-08-09 15:02:54 +0700 Message: - Fix DNS (#1054) Signed-off-by: NSMBot <nsmbot@networkservicmesh.io>
nsmbot
pushed a commit
to networkservicemesh/cmd-nse-icmp-responder
that referenced
this pull request
Aug 9, 2021
…k@main PR link: networkservicemesh/sdk#1054 Commit: 31cb2ac Author: Vladimir Popov Date: 2021-08-09 15:02:54 +0700 Message: - Fix DNS (#1054) Signed-off-by: NSMBot <nsmbot@networkservicmesh.io>
nsmbot
pushed a commit
to networkservicemesh/sdk-k8s
that referenced
this pull request
Aug 9, 2021
…k@main PR link: networkservicemesh/sdk#1054 Commit: 31cb2ac Author: Vladimir Popov Date: 2021-08-09 15:02:54 +0700 Message: - Fix DNS (#1054) Signed-off-by: NSMBot <nsmbot@networkservicmesh.io>
nsmbot
pushed a commit
to networkservicemesh/cmd-nsmgr-proxy
that referenced
this pull request
Aug 9, 2021
…k@main PR link: networkservicemesh/sdk#1054 Commit: 31cb2ac Author: Vladimir Popov Date: 2021-08-09 15:02:54 +0700 Message: - Fix DNS (#1054) Signed-off-by: NSMBot <nsmbot@networkservicmesh.io>
nsmbot
pushed a commit
to networkservicemesh/cmd-registry-memory
that referenced
this pull request
Aug 9, 2021
…k@main PR link: networkservicemesh/sdk#1054 Commit: 31cb2ac Author: Vladimir Popov Date: 2021-08-09 15:02:54 +0700 Message: - Fix DNS (#1054) Signed-off-by: NSMBot <nsmbot@networkservicmesh.io>
This was referenced Aug 9, 2021
denis-tingaikin
added a commit
to denis-tingaikin/sdk
that referenced
this pull request
May 12, 2022
This reverts commit 31cb2ac.
9 tasks
denis-tingaikin
added a commit
to denis-tingaikin/sdk
that referenced
this pull request
May 12, 2022
Signed-off-by: Denis Tingaikin <denis.tingajkin@xored.com>
edwarnicke
pushed a commit
that referenced
this pull request
May 13, 2022
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Fixes DNS logic:
Old logic:
This is incorrect, because:
127.0.0.1nameserver entry inresolv.confin such case.cmd-nsc-init+cmd-nsccase we havea.a.a.a==127.0.0.1at thecmd-nscstartup, so we have such files:In such case we have no access to any OS default NS servers (we even cannot ping
google.com) and it leads to loop DNS queries.New logic:
Issue link
Closes networkservicemesh/deployments-k8s#2412.
How Has This Been Tested?
Types of changes