New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use correct domain root-servers.net for DNS probes #1163
Conversation
Signed-off-by: Andreas Karis <ak.karis@gmail.com>
Hi @andreaskaris. Thanks for your PR. I'm waiting for a nmstate member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Why do I get Can't find root-servers.net (same for root-server.net).
however, root-servers.org, a.root-servers.net, b.root-servers.net, etc work (see below)
Personally it's my opinion to not hardcode values. Allow this to be configurable for the user (and allow them to disable DNS check if they so wish). I ran into this very issue here |
/retest |
The dns probe is auto disabled if it's not working before apply, so we hare safe here. As a follow up of this we can add a field to the NMState CR to sepcify the endpoint for the DNS probe. |
This is weird I am sure this was working before, did the change the name ? |
Thanks for the response and for putting in a field to specify the endpoint in a future release (hopefully soon :)). For this particular PR, I am glad to see the change is now "root-servers.org" that's that correct one Regarding dns probe auto disabled before apply, I'm not sure this is working otherwise I wouldn't be seeing dns probe failures (it would be skipped but it's not) see #1164 |
Can you retest it ? maybe you were runnig it when You have to see at your logs "WARNING not selecting dns probe" |
/retest golang hiccup
|
/lgtm |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: qinqon The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/retest
|
I'm pretty sure it's root-servers.net, you need to run an NS lookup, not a normal lookup:
I got no clue why this was working before, but the official domain afaict was always root-servers.net
From what I see, it's also still an issue:
From what I saw in my tests, the DNS probe is run on startup and when it fails it auto-disabled. I dunno what happens if stuff is already running and then things go down |
/retest |
@andreaskaris: Cannot trigger testing until a trusted user reviews the PR and leaves an In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/retest centos 9 stream issues |
Ahh right, it was not a normal lookup, maybe we were having a false possitive here and "dns" probe was always disabled since root-server.net do not exist /hold Can you change it back to .net ? |
/ok-to-test |
/hold cancel |
/retest Pretty bad day
|
/retest-failed |
/retest-required |
/retest |
nslookup fails with root-servers.net. It passes with root-servers.org. Here is my output
Also the comment that it will skip DNS lookup if it fails at the start. I know the code is there but it's not working. |
@k8scoder192 You are querying
As I stated earlier (and as you can see in the code snippet), the go code does an root-servers.org is that website here https://root-servers.org/ but we care about the root entry of the dns server list and not about the website:
|
/retest |
Yes but what I saw is that it'll throw an error and then happily continues with the probe disabled.
But eventually it shows:
And then works by ignoring the DNS probe in the future. But I tested this with downstream OpenShift so I can't tell if there's a difference upstream |
Agreed, the handler pod, will try a few times then fail DNS and move to ping. The problem is the amount of time until it moves on to the next probe (ping). It's > 5 min. If you are talking about something else, I apologize, I'm specifically referring to the handler pod when looking at the logs. My code looks at event streams and it 5+ min is very long before it sees
I want to thank you for your feedback and looking into all of this. Much appreciated. |
Ah so it's not that the container crashes or anything, but that it takes a long time to start up due to the failed (and skipped) DNS probe. Yeah, then we're on the same page :-) I guess some follow-up is indeed needed to this here, but (if CI actually let me) I just wanted to push a quick fix to the issue at hand |
/retest |
1 similar comment
/retest |
/retest The centos 9 stream RPM issue has being fixed upstream, but looks like we have e2e test issue at main |
@qinqon @andreaskaris great to see this was merged. Do you know when a release will be created? |
Signed-off-by: Andreas Karis <ak.karis@gmail.com> (cherry picked from commit 1bcf612)
[4.12] OCPBUGS-22480: Use correct domain root-servers.net for DNS probes (nmstate#1163)
Is this a BUG FIX or a FEATURE ?:
/kind bug
Closes #1164
What this PR does / why we need it:
Special notes for your reviewer:
Release note:
NONE
Fix for https://issues.redhat.com/browse/OCPBUGS-11272
At time of this writing (both in OpenShift QE and from my laptop) we can see that root-server.net returns nothing:
The correct domain is root-servers.net (plural) anyway: https://www.iana.org/domains/root/servers