libpod,netavark: correctly set /etc/resolv.conf for custom dns server and make --dns functional
#16297
Conversation
openshift-ci
bot
added
release-note
approved
flouthoc
changed the title
/etc/resolv.conf for custom dns server when using netavark/aardvark-dns/etc/resolv.conf for custom dns server and make --dns functional
|
Following PR needs |
In case of |
flouthoc
force-pushed
the
netavark-custom-dns
branch
from
401ce6e
to
1938e9b
Compare
@Luap99 Problem with skipping is that I will also have to skip some older nameserver tests as well since now nameservers are being returned from |
|
Lets wait then, there is no rush to get this in, the next feature release is 4.4 which I assume is at least over a month away. |
vrothberg
changed the title
/etc/resolv.conf for custom dns server and make --dns functional/etc/resolv.conf for custom dns server and make --dns functional
openshift-ci
bot
added
the
do-not-merge/work-in-progress
flouthoc
force-pushed
the
netavark-custom-dns
branch
from
18544c4
to
2fbe263
Compare
|
I think CI should pass if new |
flouthoc
changed the title
/etc/resolv.conf for custom dns server and make --dns functional/etc/resolv.conf for custom dns server and make --dns functional
openshift-ci
bot
removed
the
do-not-merge/work-in-progress
|
Just leaving a reminder that we promised to have this upstream for QE testing on November 28. @flouthoc , if that's not likely to happen, that's fine, but we'll just need to adjust expectations. |
@TomSweeneyRedHat Recently there was change of requirements for original RFE so this PR does not covers the epic, this is the old implementation before requirements were changed so this PR might not be applicable for epic anymore but still needed for docker compat. Scope of new RFE is bigger and requirement is still under consideration, work on that part has not been started yet so definitely it will not make it on nov28. But I am not aware when requirements will be finalized but @baude can help better here. Overall this PR is still needed for docker compatibility so I think this will be still merged. |
flouthoc
force-pushed
the
netavark-custom-dns
branch
from
2fbe263
to
2ef38c1
Compare
openshift-merge-robot
added
the
needs-rebase
|
A friendly reminder that this PR had no activity for 30 days. |
|
What's going on here - is this abandoned in favor of a newer PR? |
|
This is still needed AFAIK |
|
@mheon This is still needed but needs newer versions of |
|
when you rebase and make sure test passes with newer nv/av I am fine with merging this with the test skipped like the other PR. |
Aardvark-dns and netavark now accepts custom DNS servers for containers via new config field `dns_servers`. New field allows containers to use custom resolvers instead of host's default resolvers. Following commit instruments libpod to pass these custom DNS servers set via `--dns` or central config to the network stack. Depends-on: * Common: containers/common#1189 * Netavark: containers/netavark#452 * Aardvark-dns: containers/aardvark-dns#240 Signed-off-by: Aditya R <arajan@redhat.com>
…server After containers/netavark#452 `netavark` is incharge of deciding `custom_dns_servers` if any so lets honor that and libpod should not set these manually. This also ensures docker parity Podman populates container's `/etc/resolv.conf` with custom DNS servers ( specified via `--dns` or `dns_server` in containers.conf ) even when container is connected to a network where `dns_enabled` is `true`. Current behavior does not matches with docker, hence following commit ensures that podman only populates custom DNS server when container is not connected to any network where DNS is enabled and for the cases where `dns_enabled` is `true` the resolution for custom DNS server will happen via ( `aardvark-dns` or `dnsname` ). Reference: https://docs.docker.com/config/containers/container-networking/#dns-services Closes: containers#16172 Signed-off-by: Aditya R <arajan@redhat.com>
Set search domain irrespective of nameservers. Signed-off-by: Aditya R <arajan@redhat.com>
flouthoc
force-pushed
the
netavark-custom-dns
branch
from
2ef38c1
to
e2c44c3
Compare
openshift-merge-robot
removed
the
needs-rebase
|
Failing tests seems unrelated. |
flouthoc
force-pushed
the
netavark-custom-dns
branch
4 times, most recently
from
db19977
to
47bbbb2
Compare
|
I think this should become green now. |
Signed-off-by: Aditya R <arajan@redhat.com>
flouthoc
force-pushed
the
netavark-custom-dns
branch
from
47bbbb2
to
b7ab889
Compare
|
@Luap99 @containers/podman-maintainers PTAL |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: flouthoc, Luap99 The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
/lgtm |
github-actions
bot
added
the
locked - please file new issue/PR
Following PR ensures two things
podman: relay custom DNS servers to network stack
via new config field
dns_servers. New field allows containers to usecustom resolvers instead of host's default resolvers.
dns_serversfor containers netavark#452and aardvark-dns: add support for container's custom
dns_serversaardvark-dns#240libpod,netavark: correctly populate /etc/resolv.conf with custom dns server
dns_serversfor containers netavark#452netavarkisincharge of deciding
custom_dns_serversif any so lets honor that andlibpod should not set these manually.
This also ensures docker parity since Podman populates container's
/etc/resolv.confwith custom DNS servers( specified via
--dnsordns_serverin containers.conf ) even when container is connected to a network wheredns_enabledistrue. Current behavior does not matches with docker, hence following commit ensures that podman only populates custom DNS server when container is not connected to any network where DNS is enabled and for the cases wheredns_enabledistruethe resolution for custom DNS server will happen via (
aardvark-dns).Reference: https://docs.docker.com/config/containers/container-networking/#dns-services
Closes: #16172
Closes: RFC in BZ#2128675