netavark ,aardvark: accept and populate custom dns_servers for containers
#452
Conversation
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: flouthoc The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Netavark now accets `dns_servers` for each container which allows containers to use custom DNS servers as resolvers instead of falling back to host's resolver. Following field allows callers to libnetwork to pass newly added field to `netavark` and `aarvark-dns` Actual feature implemented * containers/aardvark-dns#240 * containers/netavark#452 [NO NEW TESTS NEEDED] [NO TESTS NEEDED] Signed-off-by: Aditya R <[email protected]>
Netavark now accets `dns_servers` for each container which allows containers to use custom DNS servers as resolvers instead of falling back to host's resolver. Following field allows callers to libnetwork to pass newly added field to `netavark` and `aarvark-dns` Actual feature implemented * containers/aardvark-dns#240 * containers/netavark#452 [NO NEW TESTS NEEDED] [NO TESTS NEEDED] Signed-off-by: Aditya R <[email protected]>
Aardvark-dns and netavark now accepts custom DNS servers for containers via new config field `dns_servers`. New field allows containers to use custom resolvers instead of host's default resolvers. Following commit instruments libpod to pass these custom DNS servers set via `--dns` or central config to the network stack. Depends-on: * Common: containers/common#1189 * Netavark: containers/netavark#452 * Aardvark-dns: containers/aardvark-dns#240 [NO NEW TESTS ADDED] [NO TESTS ADDED] Signed-off-by: Aditya R <[email protected]>
Netavark now accets `dns_servers` for each container which allows containers to use custom DNS servers as resolvers instead of falling back to host's resolver. Following field allows callers to libnetwork to pass newly added field to `netavark` and `aarvark-dns` Actual feature implemented * containers/aardvark-dns#240 * containers/netavark#452 [NO NEW TESTS NEEDED] [NO TESTS NEEDED] Signed-off-by: Aditya R <[email protected]>
flouthoc
force-pushed
the
container-dns-servers
branch
from
5b4a3b4 to
a590eb8
Compare
I think what you want is already handled here, podman is already aware before spawning netavark if network has |
Exactly podman should never check for dns enabled, netavark should provide the exact servers that end up in resolv.conf. The podman check is much more costly since it requires a network inspect each time with locking,etc... |
flouthoc
force-pushed
the
container-dns-servers
branch
from
a590eb8 to
32dbe31
Compare
flouthoc
force-pushed
the
container-dns-servers
branch
from
32dbe31 to
89ecfe3
Compare
This is added to status_block in latest commit. |
flouthoc
force-pushed
the
container-dns-servers
branch
from
89ecfe3 to
6ec2f48
Compare
…ners Netavark now accepts `dns_servers` as part of `NetworkOptions` which contains list of comma seperated custom DNS servers for containers. Aardvark-dns will use these as resolver for a specific container instead of host's default resolver. Implements feature here: containers/aardvark-dns#240 Signed-off-by: Aditya R <[email protected]>
flouthoc
force-pushed
the
container-dns-servers
branch
from
6ec2f48 to
f6e0258
Compare
| let data = format!( | ||
| "{} {} {} {}\n", | ||
| entry.container_id, ipv4s, ipv6s, container_names | ||
| "{} {} {} {}{}\n", |
There was a problem hiding this comment.
Where are we prepending a space so that this is separated from the previous field?
There was a problem hiding this comment.
@mheon Here https://github.com/containers/netavark/pull/452/files#diff-6307ba066c1817023f2a53b2c7c6a64d35bde6cf7f443cf5b07f34b9f163513bR260 format!(" {}", dns_server_collected)
| # check aardvark config and running | ||
| run_helper cat "$NETAVARK_TMPDIR/config/aardvark-dns/podman1" | ||
| assert "${lines[0]}" =~ "10.89.3.1,fd10:88:a::1" "aardvark set to listen to all IPs" | ||
| assert "${lines[1]}" =~ "^[0-9a-f]{64} 10.89.3.2 fd10:88:a::2 somename 8.8.8.8$" "aardvark config's container" |
There was a problem hiding this comment.
We should also test at least two custom servers but since we cannot test it right now I fine with keeping like this and add a second test for this once aardvark is ready
|
/lgtm |
Aardvark-dns and netavark now accepts custom DNS servers for containers via new config field `dns_servers`. New field allows containers to use custom resolvers instead of host's default resolvers. Following commit instruments libpod to pass these custom DNS servers set via `--dns` or central config to the network stack. Depends-on: * Common: containers/common#1189 * Netavark: containers/netavark#452 * Aardvark-dns: containers/aardvark-dns#240 Signed-off-by: Aditya R <[email protected]>
…server After containers/netavark#452 `netavark` is incharge of deciding `custom_dns_servers` if any so lets honor that and libpod should not set these manually. This also ensures docker parity Podman populates container's `/etc/resolv.conf` with custom DNS servers ( specified via `--dns` or `dns_server` in containers.conf ) even when container is connected to a network where `dns_enabled` is `true`. Current behavior does not matches with docker, hence following commit ensures that podman only populates custom DNS server when container is not connected to any network where DNS is enabled and for the cases where `dns_enabled` is `true` the resolution for custom DNS server will happen via ( `aardvark-dns` or `dnsname` ). Reference: https://docs.docker.com/config/containers/container-networking/#dns-services Closes: containers#16172 Signed-off-by: Aditya R <[email protected]>
Netavark now accepts
dns_serversas part ofNetworkOptionswhich contains list of comma seperated custom DNS servers for containers. Aardvark-dns will use these as resolver for a specific container instead of host's default resolver.Implements feature here and needs: containers/aardvark-dns#240