Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Sync DNS Resolver Nameserver List #450

Open
wants to merge 7 commits into
base: main
Choose a base branch
from
Open

Sync DNS Resolver Nameserver List #450

wants to merge 7 commits into from

Conversation

fatanugraha
Copy link
Contributor

@fatanugraha fatanugraha commented Jan 9, 2025
edited
Loading

gvisor-tap-vsock only reads the /etc/resolv.conf during init time and does not subscribe into the changes that is made on that file. That is fine, but if i start gvisor-tap-vsock before I connected to my work VPN (which modifies /etc/resolv.conf) after I connected to the VPN i will no longer be able to resolve any DNS queries made from my VM because the original IP that gvisor-tap-vsock is using is no longer reachable once I connected to my work VPN.

gvisor-tap-vsock log:

time="2025-01-07T16:57:43+08:00" level=error msg="Error during DNS Exchange: read udp <my-ip>:52316->192.168.50.1:53: i/o timeout"

In this PR, I added functionality to ensure that the nameservers that we use to resolve DNS queries are up-to-date with the content of the /etc/resolv.conf

@openshift-ci OpenShift CI
Copy link
Contributor

openshift-ci bot commented Jan 9, 2025

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: fatanugraha
Once this PR has been reviewed and has the lgtm label, please assign cfergeau for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@fatanugraha fatanugraha mentioned this pull request Jan 9, 2025
Open
@fatanugraha fatanugraha force-pushed the main branch 3 times, most recently from d8ee81b to a5c7dc6 Compare January 9, 2025 10:16
fatanugraha
fatanugraha commented Jan 9, 2025
View reviewed changes
pkg/utils/filewatcher.go
Comment on lines +30 to +35
// Ensure that the target that we're watching is not a symlink as we won't get any events when we're watching
// a symlink.
fileRealPath, err := filepath.EvalSymlinks(fw.path)
if err != nil {
return fmt.Errorf("adding watcher failed: %s", err)
}
Copy link
Contributor Author

@fatanugraha fatanugraha Jan 9, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Upon testing i found out that the current hot-reload functionality of /etc/hosts are not working in mac because /etc is a symlink to /private/etc.

When we're watching /etc we won't get any events whenever /private/etc has changed.

pkg/services/dns/dns_config_unix.go
if err != nil {
return []string{}, err
}
var hosts = make([]string, len(conf.Servers))
hosts := make([]string, 0, len(conf.Servers))
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this subtle bug caused the first few entries of nameservers to be empty string.

@fatanugraha
Add filewatcher utility
b59997c 
Signed-off-by: Fata Nugraha <[email protected]>
@fatanugraha
Use filewatcher utils for hosts file reloader
b232c58 
Signed-off-by: Fata Nugraha <[email protected]>
@fatanugraha
Ensure nameserver list are synced
ef520a2 
Signed-off-by: Fata Nugraha <[email protected]>
@fatanugraha
Fix lint issues
32fa26a 
Signed-off-by: Fata Nugraha <[email protected]>
@fatanugraha
resolve symlinks
79a7988 
Signed-off-by: Fata Nugraha <[email protected]>
@fatanugraha
Remove blank entry in nameservers
ac7404b 
Signed-off-by: Fata Nugraha <[email protected]>
@fatanugraha
Add logs
e7bf941 
Signed-off-by: Fata Nugraha <[email protected]>
@evidolob evidolob self-requested a review January 10, 2025 07:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@evidolob evidolob Awaiting requested review from evidolob

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@fatanugraha