From ec39ac4d9539b17a091418dd158bd60c96589bdb Mon Sep 17 00:00:00 2001 From: Davlet Panech Date: Fri, 22 Apr 2022 11:01:48 -0400 Subject: [PATCH] debian: better resolv.conf in builder containers Add option ndots:1 to /etc/resolv.conf This fixes a few issues with DNS queries within docker containers. Normally when looking up a host name such as "debian.org", libc appends the search domains from /etc/resolv.conf to the host name, then makes a separate query for each "long" name. For example, if "search" in /etc/resolv.conf contains "domain1.org domain2.org", we make 3 queries when looking for debian.org's IP addr: - debian.org.domain1.org (fail) - debian.org.domain2.org (fail) - debian.org (success) Setting "ndots:1" makes it send the last unqualified query before the other queries with appended search domains -- for any names that contain >= 1 dot. This patch solves 2 problems: (1) In Alpine Linux (used by the "docker" pod), libc has a limitation: the domain search list can't have more than 5 entries. If it does it stops sending any more DNS queries and the last (unqualified) query never happens, so many hostname lookups fail. (2) These extra queries are not necessary a lot of the time, so this patch makes host name lookups faster TESTS =============================== - Rebuild all containers - Rebuild packages and the ISO - Make sure DNS queries work in all containers Story: 2009897 Task: 45156 Signed-off-by: Davlet Panech Change-Id: I7dd72b8fcc776821138c362c3aec9f4e5962a319 --- .../stx-aptly/stx-repomgr/templates/deployment.yaml | 3 +++ .../dependency_chart/stx-aptly/stx-repomgr/values.yaml | 5 +++++ .../dependency_chart/stx-docker/templates/deployment.yaml | 3 +++ .../stx-builder/dependency_chart/stx-docker/values.yaml | 5 +++++ .../dependency_chart/stx-lat-tool/templates/deployment.yaml | 3 +++ .../stx-builder/dependency_chart/stx-lat-tool/values.yaml | 5 +++++ .../stx-pkgbuilder/templates/deployment.yaml | 3 +++ .../stx-builder/dependency_chart/stx-pkgbuilder/values.yaml | 5 +++++ .../stx-pulp/stx-repomgr/templates/deployment.yaml | 3 +++ .../dependency_chart/stx-pulp/stx-repomgr/values.yaml | 5 +++++ .../stx-builder/templates/deployment.yaml | 3 +++ stx/stx-build-tools-chart/stx-builder/values.yaml | 5 +++++ 12 files changed, 48 insertions(+) diff --git a/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-aptly/stx-repomgr/templates/deployment.yaml b/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-aptly/stx-repomgr/templates/deployment.yaml index 0f22b97b..290db2f1 100644 --- a/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-aptly/stx-repomgr/templates/deployment.yaml +++ b/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-aptly/stx-repomgr/templates/deployment.yaml @@ -41,6 +41,9 @@ spec: resources: {{- toYaml .Values.resources | nindent 12 }} + dnsConfig: + {{- toYaml .Values.dnsConfig | nindent 8 }} + volumes: - name: {{ .Values.volumes.name }} hostPath: diff --git a/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-aptly/stx-repomgr/values.yaml b/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-aptly/stx-repomgr/values.yaml index 172ae31f..76c8e297 100644 --- a/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-aptly/stx-repomgr/values.yaml +++ b/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-aptly/stx-repomgr/values.yaml @@ -26,6 +26,11 @@ volumes: podAnnotations: {} +dnsConfig: + options: + - name: ndots + value: "1" + podSecurityContext: {} # fsGroup: 2000 diff --git a/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-docker/templates/deployment.yaml b/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-docker/templates/deployment.yaml index 99255f95..1ac52e49 100644 --- a/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-docker/templates/deployment.yaml +++ b/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-docker/templates/deployment.yaml @@ -50,6 +50,9 @@ spec: resources: {{- toYaml .Values.resources | nindent 12 }} + dnsConfig: + {{- toYaml .Values.dnsConfig | nindent 8 }} + volumes: - name: shared-workspace hostPath: diff --git a/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-docker/values.yaml b/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-docker/values.yaml index 6fa4552c..53db945d 100644 --- a/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-docker/values.yaml +++ b/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-docker/values.yaml @@ -24,6 +24,11 @@ services: type: ClusterIP port: 2375 +dnsConfig: + options: + - name: ndots + value: "1" + insecureRegistries: # - "registry.address:port" diff --git a/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-lat-tool/templates/deployment.yaml b/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-lat-tool/templates/deployment.yaml index 6de3e742..e8abed0a 100644 --- a/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-lat-tool/templates/deployment.yaml +++ b/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-lat-tool/templates/deployment.yaml @@ -43,6 +43,9 @@ spec: resources: {{- toYaml .Values.resources | nindent 12 }} + dnsConfig: + {{- toYaml .Values.dnsConfig | nindent 8 }} + volumes: - name: {{ .Values.volumes.name }} hostPath: diff --git a/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-lat-tool/values.yaml b/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-lat-tool/values.yaml index e97e5df1..974633f4 100644 --- a/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-lat-tool/values.yaml +++ b/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-lat-tool/values.yaml @@ -31,6 +31,11 @@ fullnameOverride: "" podAnnotations: {} +dnsConfig: + options: + - name: ndots + value: "1" + podSecurityContext: {} # fsGroup: 2000 diff --git a/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-pkgbuilder/templates/deployment.yaml b/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-pkgbuilder/templates/deployment.yaml index 6838f574..5052127e 100644 --- a/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-pkgbuilder/templates/deployment.yaml +++ b/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-pkgbuilder/templates/deployment.yaml @@ -45,6 +45,9 @@ spec: resources: {{- toYaml .Values.resources | nindent 12 }} + dnsConfig: + {{- toYaml .Values.dnsConfig | nindent 8 }} + volumes: - name: {{ .Values.volumes.workspace.name }} hostPath: diff --git a/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-pkgbuilder/values.yaml b/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-pkgbuilder/values.yaml index bb9241eb..ff0d25a4 100644 --- a/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-pkgbuilder/values.yaml +++ b/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-pkgbuilder/values.yaml @@ -41,6 +41,11 @@ fullnameOverride: "" podAnnotations: {} +dnsConfig: + options: + - name: ndots + value: "1" + podSecurityContext: {} # fsGroup: 2000 diff --git a/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-pulp/stx-repomgr/templates/deployment.yaml b/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-pulp/stx-repomgr/templates/deployment.yaml index 8ccc214a..b991738d 100644 --- a/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-pulp/stx-repomgr/templates/deployment.yaml +++ b/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-pulp/stx-repomgr/templates/deployment.yaml @@ -47,6 +47,9 @@ spec: resources: {{- toYaml .Values.resources | nindent 12 }} + dnsConfig: + {{- toYaml .Values.dnsConfig | nindent 8 }} + volumes: - name: {{ .Values.volumes.name }} configMap: diff --git a/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-pulp/stx-repomgr/values.yaml b/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-pulp/stx-repomgr/values.yaml index 4f5a5219..de5fc77c 100644 --- a/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-pulp/stx-repomgr/values.yaml +++ b/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-pulp/stx-repomgr/values.yaml @@ -40,6 +40,11 @@ fullnameOverride: "" podAnnotations: {} +dnsConfig: + options: + - name: ndots + value: "1" + podSecurityContext: {} # fsGroup: 2000 diff --git a/stx/stx-build-tools-chart/stx-builder/templates/deployment.yaml b/stx/stx-build-tools-chart/stx-builder/templates/deployment.yaml index a90023ce..2827373c 100644 --- a/stx/stx-build-tools-chart/stx-builder/templates/deployment.yaml +++ b/stx/stx-build-tools-chart/stx-builder/templates/deployment.yaml @@ -48,6 +48,9 @@ spec: resources: {{- toYaml .Values.resources | nindent 12 }} + dnsConfig: + {{- toYaml .Values.dnsConfig | nindent 8 }} + volumes: - name: {{ .Values.volumes.workspace.name }} hostPath: diff --git a/stx/stx-build-tools-chart/stx-builder/values.yaml b/stx/stx-build-tools-chart/stx-builder/values.yaml index 8904b180..ea40f933 100644 --- a/stx/stx-build-tools-chart/stx-builder/values.yaml +++ b/stx/stx-build-tools-chart/stx-builder/values.yaml @@ -50,6 +50,11 @@ fullnameOverride: "" podAnnotations: {} +dnsConfig: + options: + - name: ndots + value: "1" + podSecurityContext: {} # fsGroup: 2000