From 6caefcc4bc6208f6f9c106eec4a076fb4e99da36 Mon Sep 17 00:00:00 2001 From: Aditya R Date: Mon, 17 Oct 2022 14:39:10 +0530 Subject: [PATCH 1/2] podman: relay custom DNS servers to network stack Aardvark-dns and netavark now accepts custom DNS servers for containers via new config field `dns_servers`. New field allows containers to use custom resolvers instead of host's default resolvers. Following commit instruments libpod to pass these custom DNS servers set via `--dns` or central config to the network stack. Depends-on: * Common: https://github.com/containers/common/pull/1189 * Netavark: https://github.com/containers/netavark/pull/452 * Aardvark-dns: https://github.com/containers/aardvark-dns/pull/240 [NO NEW TESTS ADDED] [NO TESTS ADDED] Signed-off-by: Aditya R --- libpod/networking_common.go | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/libpod/networking_common.go b/libpod/networking_common.go index fa444e26ab..4c57079921 100644 --- a/libpod/networking_common.go +++ b/libpod/networking_common.go @@ -39,9 +39,15 @@ func (c *Container) convertPortMappings() []types.PortMapping { } func (c *Container) getNetworkOptions(networkOpts map[string]types.PerNetworkOptions) types.NetworkOptions { + nameservers := make([]string, 0, len(c.runtime.config.Containers.DNSServers)+len(c.config.DNSServer)) + nameservers = append(nameservers, c.runtime.config.Containers.DNSServers...) + for _, ip := range c.config.DNSServer { + nameservers = append(nameservers, ip.String()) + } opts := types.NetworkOptions{ ContainerID: c.config.ID, ContainerName: getCNIPodName(c), + DNSServers: nameservers, } opts.PortMappings = c.convertPortMappings() From e15256749929a9d784b198fe4111b822b149f00e Mon Sep 17 00:00:00 2001 From: Aditya R Date: Mon, 17 Oct 2022 15:12:21 +0530 Subject: [PATCH 2/2] vendor: use flouthoc/common@container_dns_server Vendor in: https://github.com/containers/common/pull/1189 [NO NEW TESTS NEEDED] [NO TESTS NEEDED] Signed-off-by: Aditya R --- go.mod | 2 ++ go.sum | 6 ++---- .../containers/common/libnetwork/types/network.go | 3 +++ vendor/modules.txt | 3 ++- 4 files changed, 9 insertions(+), 5 deletions(-) diff --git a/go.mod b/go.mod index d1077fd3ad..c18113382a 100644 --- a/go.mod +++ b/go.mod @@ -147,3 +147,5 @@ require ( ) replace github.com/opencontainers/runc => github.com/opencontainers/runc v1.1.1-0.20220617142545-8b9452f75cbc + +replace github.com/containers/common => github.com/flouthoc/common v0.39.1-0.20221017093729-ddd8abb9bea7 diff --git a/go.sum b/go.sum index 32b38e7cef..95d4b35bbf 100644 --- a/go.sum +++ b/go.sum @@ -409,9 +409,6 @@ github.com/containernetworking/plugins v1.1.1 h1:+AGfFigZ5TiQH00vhR8qPeSatj53eNG github.com/containernetworking/plugins v1.1.1/go.mod h1:Sr5TH/eBsGLXK/h71HeLfX19sZPp3ry5uHSkI4LPxV8= github.com/containers/buildah v1.28.0 h1:63Kpf9nAEJGsDEOArb5Q0dn5S3B9wFQc9kST4nU7+Pw= github.com/containers/buildah v1.28.0/go.mod h1:pTYSfpf+Ha/KbnMmwhhhEjkSF3NuhpxZfiDNDORLgqY= -github.com/containers/common v0.50.1/go.mod h1:XnWlXPyE9Ky+8v8MfYWJZFnejkprAkUeo0DTWmSiwcY= -github.com/containers/common v0.50.2-0.20221014181637-a6a9c521b6a5 h1:Sp6lus6zXyg+Fv3ecoPOXm+80xC23YrKtntqYQU1pCA= -github.com/containers/common v0.50.2-0.20221014181637-a6a9c521b6a5/go.mod h1:7AM52N4n4UHzAeArB1vmIw7NhDNpDxrFaycubysYgFo= github.com/containers/conmon v2.0.20+incompatible h1:YbCVSFSCqFjjVwHTPINGdMX1F6JXHGTUje2ZYobNrkg= github.com/containers/conmon v2.0.20+incompatible/go.mod h1:hgwZ2mtuDrppv78a/cOBNiCm6O0UMWGx1mu7P00nu5I= github.com/containers/image/v5 v5.23.0/go.mod h1:EXFFGEsL99S6aqLqK2mQJ3yrNh6Q05UCHt4mhF9JNoM= @@ -573,6 +570,8 @@ github.com/fatih/structtag v1.2.0/go.mod h1:mBJUNpUnHmRKrKlQQlmCrh5PuhftFbNv8Ys4 github.com/felixge/httpsnoop v1.0.1/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= github.com/felixge/httpsnoop v1.0.3 h1:s/nj+GCswXYzN5v2DpNMuMQYe+0DDwt5WVCU6CWBdXk= github.com/felixge/httpsnoop v1.0.3/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= +github.com/flouthoc/common v0.39.1-0.20221017093729-ddd8abb9bea7 h1:fFMj850IaNjJ1jIYJKY0BYyfWpTvEsXAwu29IM/XrDA= +github.com/flouthoc/common v0.39.1-0.20221017093729-ddd8abb9bea7/go.mod h1:7AM52N4n4UHzAeArB1vmIw7NhDNpDxrFaycubysYgFo= github.com/flynn/go-docopt v0.0.0-20140912013429-f6dd2ebbb31e/go.mod h1:HyVoz1Mz5Co8TFO8EupIdlcpwShBmY98dkT2xeHkvEI= github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= github.com/form3tech-oss/jwt-go v3.2.3+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= @@ -1352,7 +1351,6 @@ github.com/onsi/ginkgo/v2 v2.0.0/go.mod h1:vw5CSIxN1JObi/U8gcbwft7ZxR2dgaR70JSE3 github.com/onsi/ginkgo/v2 v2.1.3/go.mod h1:vw5CSIxN1JObi/U8gcbwft7ZxR2dgaR70JSE3/PpL4c= github.com/onsi/ginkgo/v2 v2.1.4/go.mod h1:um6tUpWM/cxCK3/FK8BXqEiUMUwRgSM4JXG47RKZmLU= github.com/onsi/ginkgo/v2 v2.1.6/go.mod h1:MEH45j8TBi6u9BMogfbp0stKC5cdGjumZj5Y7AG4VIk= -github.com/onsi/ginkgo/v2 v2.2.0/go.mod h1:MEH45j8TBi6u9BMogfbp0stKC5cdGjumZj5Y7AG4VIk= github.com/onsi/ginkgo/v2 v2.3.0/go.mod h1:Eew0uilEqZmIEZr8JrvYlvOM7Rr6xzTmMV8AyFNU9d0= github.com/onsi/ginkgo/v2 v2.3.1 h1:8SbseP7qM32WcvE6VaN6vfXxv698izmsJ1UQX9ve7T8= github.com/onsi/ginkgo/v2 v2.3.1/go.mod h1:Sv4yQXwG5VmF7tm3Q5Z+RWUpPo24LF1mpnz2crUb8Ys= diff --git a/vendor/github.com/containers/common/libnetwork/types/network.go b/vendor/github.com/containers/common/libnetwork/types/network.go index 2e8948998a..4020434008 100644 --- a/vendor/github.com/containers/common/libnetwork/types/network.go +++ b/vendor/github.com/containers/common/libnetwork/types/network.go @@ -226,6 +226,9 @@ type NetworkOptions struct { // Networks contains all networks with the PerNetworkOptions. // The map should contain at least one element. Networks map[string]PerNetworkOptions `json:"networks"` + // List of custom DNS server for podman's DNS resolver. + // Priority order will be kept as defined by user in the configuration. + DNSServers []string `json:"dns_servers"` } // PortMapping is one or more ports that will be mapped into the container. diff --git a/vendor/modules.txt b/vendor/modules.txt index c30de1550e..806d9d70f9 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -117,7 +117,7 @@ github.com/containers/buildah/pkg/rusage github.com/containers/buildah/pkg/sshagent github.com/containers/buildah/pkg/util github.com/containers/buildah/util -# github.com/containers/common v0.50.2-0.20221014181637-a6a9c521b6a5 +# github.com/containers/common v0.50.2-0.20221014181637-a6a9c521b6a5 => github.com/flouthoc/common v0.39.1-0.20221017093729-ddd8abb9bea7 ## explicit; go 1.17 github.com/containers/common/libimage github.com/containers/common/libimage/define @@ -971,3 +971,4 @@ gopkg.in/yaml.v3 ## explicit; go 1.12 sigs.k8s.io/yaml # github.com/opencontainers/runc => github.com/opencontainers/runc v1.1.1-0.20220617142545-8b9452f75cbc +# github.com/containers/common => github.com/flouthoc/common v0.39.1-0.20221017093729-ddd8abb9bea7