dns cache bug in rancher-dns clobbers external links #8504

Closed
oskapt opened this issue Apr 13, 2017 · 2 comments
Labels
area/dns internal kind/bug Issues that are defects reported by users or that we know have reached a real release version/1.6

@oskapt
Contributor

oskapt commented Apr 13, 2017

Steps

  • create a service called target
  • create a service called a
  • create a service called b with an external link that points any real FQDN to target (www.rancher.com, for example)
  • make sure that all of these services (or at least a and b) land on the same host
  • from the shell on a ping the FQDN
    • you'll get a reply from the public IP
  • from the shell on b ping the FQDN
    • you'll get a reply from the public IP

Expected Results

  • b should return a response from the private IP of target

Notes

  • Depending on the order of the queries, b might initially receive the correct IP from the cache, but after the cache expires, it can receive the wrong IP after a queries and receives the public IP. This shows up on systems as intermittent failures in services that rely on the internal IP.
@deniseschannon deniseschannon added the kind/bug Issues that are defects reported by users or that we know have reached a real release label Jun 29, 2017
@deniseschannon deniseschannon added this to the August 2017 milestone Jul 21, 2017
@deniseschannon

Available in network-services v0.2.6, with rancher/dns:v0.15.2

@sangeethah
Contributor

Tested with rancher server - v1.6.8-rc1 with rancher/dns:v0.15.2.

DNS now comes with a default TTL of 1 second, which is applied to both upstream DNS and internal DNS lookups.

Tested the following scenario:

Make sure all the services used in this test land on the same host:

  • create a service called test1
  • create a service called test2
  • create a service called test3 with an external link that points any real FQDN (www.rancher.com) to test1

From the shell on containers of service test2, ping www.rancher.com: we get a reply from the public IP, which is as expected.
From the shell on containers of service test3, ping www.rancher.com: we get a reply from the managed IP of the container of service test1, as expected.

Above scenario also works as expected when TTL is modified to 300 seconds.

@oskapt, the fix will be available in rancher/dns:v0.15.2, which will be available in the next rancher-server release, v1.6.8.
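
Added example, not part of the issue thread and not rancher-dns code: a toy Go resolver that reproduces the symptom from the report, under the assumption that answers are cached under the FQDN alone and shared by every container on the host, next to a variant that also keys the cache on the querying client. The type and function names and both IP addresses are constructed for illustration; the thread does not say how the fix in rancher/dns:v0.15.2 is implemented.

```go
package main

import "fmt"

// Toy model of a resolver that serves several containers on one host.
// Not rancher-dns code; names and addresses are constructed for the example.
type Resolver struct {
	perClient bool                         // true: cache key includes the client
	links     map[string]map[string]string // client -> FQDN -> linked service IP
	upstream  map[string]string            // FQDN -> public IP
	cache     map[string]string
}

func NewResolver(perClient bool) *Resolver {
	return &Resolver{
		perClient: perClient,
		links:     map[string]map[string]string{"b": {"www.rancher.com": "10.42.0.10"}},
		upstream:  map[string]string{"www.rancher.com": "203.0.113.10"},
		cache:     map[string]string{},
	}
}

// Resolve answers from the cache first, then from the client's external
// links, then from upstream, and caches whatever it returned.
func (r *Resolver) Resolve(client, fqdn string) string {
	key := fqdn // assumed flaw: the answer is cached under the name alone
	if r.perClient {
		key = client + "|" + fqdn
	}
	if ip, ok := r.cache[key]; ok {
		return ip
	}
	ip, ok := r.links[client][fqdn] // reading a missing client's map is safe in Go
	if !ok {
		ip = r.upstream[fqdn]
	}
	r.cache[key] = ip
	return ip
}

// Expire drops every cached answer, standing in for TTL expiry.
func (r *Resolver) Expire() { r.cache = map[string]string{} }

func main() {
	for _, perClient := range []bool{false, true} {
		r := NewResolver(perClient)
		first := r.Resolve("b", "www.rancher.com") // b asks first: correct
		r.Expire()
		r.Resolve("a", "www.rancher.com") // a repopulates the cache
		fmt.Println(perClient, first, r.Resolve("b", "www.rancher.com"))
	}
}
```

With the shared key the model also leaks in the other direction: while b's answer is cached, a receives the linked service's address instead of the public one.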
