From 86768788f98488a5888025cc325373e01cfad99d Mon Sep 17 00:00:00 2001
From: bharath-avesha <99859949+bharath-avesha@users.noreply.github.com>
Date: Fri, 6 Jan 2023 15:27:31 +0530
Subject: [PATCH] fix(): Setup DNS config in resolv.conf (#2)

Backed up the original resolv.conf and overwrote its contents to redirect dns queries to the cmd-nsc sidecar. This was needed because istio-proxy that runs as one of the sidecars seems to read the resolv.conf during bootup and cache the config. Any subsequent change to the resolv.conf is not picked up by the proxy. So if the cmd-nsc sidecar takes time to boot up and modify the resolv.conf for all the other containers, the istio-proxy sidecar would have read the original resolv.conf and ignored the config written by cmd-nsc. This causes name resolution to fail in istio-proxy for the domains that are serviced by a custom dns server other than the default kube-dns.
Signed-off-by: Bharath Horatti
Signed-off-by: Bharath Horatti
---
 main.go | 35 +++++++++++++++++++++++++++++++++++
 1 file changed, 35 insertions(+)
diff --git a/main.go b/main.go
index 83fe357..798f13d 100644
--- a/main.go
+++ b/main.go
@@ -23,8 +23,10 @@ import (
 "context"
 "crypto/tls"
 "fmt"
+ "io/ioutil"
 "os"
 "os/signal"
+ "strings"
 "syscall"
 nested "github.com/antonfisher/nested-logrus-formatter"
@@ -188,6 +190,7 @@ func main() {
 // ********************************************************************************
 // Initiate connections
 // ********************************************************************************
+ initDnsConfig := false
 for i := 0; i < len(rootConf.NetworkServices); i++ {
 // Update network services configs
 u := (*nsurl.NSURL)(&rootConf.NetworkServices[i])
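Review bot: The `io/ioutil` import added in the import hunk is unnecessary, because the same commit already calls `os.WriteFile` in main and `os` is imported. Replacing the two ioutil calls with `os.ReadFile(originalResolvConfigFile)` and `os.WriteFile(originalResolvConfigFile, []byte(sb.String()), ...)` keeps the deprecated package out of the file and makes the read and write paths consistent.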
@@ -211,7 +214,39 @@ func main() {
 }
 logger.Infof("successfully connected to %v. Response: %v", u.NetworkService(), resp)
+
+ // Initialize DNS config only if atleast one of the responses contain a DnsContext section
+ if resp.GetContext().GetDnsContext() != nil {
+ initDnsConfig = true
+ }
 }
+
+ if initDnsConfig {
+ // Copy the original resolv.conf to the backup directory so that the cmd-nsc sidecar can
+ // read from the backup and initialize its data structures related to dns resolution.
+ storeResolvConfigFile := "/etc/nsm-dns-config/resolv.conf.restore"
+ originalResolvConfigFile := "/etc/resolv.conf"
+
+ originalResolvConf, err := ioutil.ReadFile(originalResolvConfigFile)
+ if err != nil || len(originalResolvConf) == 0 {
+ logger.Fatalf("failed to read resolv.conf: %v", err.Error())
+ }
+ err = os.WriteFile(storeResolvConfigFile, originalResolvConf, os.ModePerm)
+ if err != nil {
+ logger.Fatalf("failed to write resolv.conf to backup: %v", err.Error())
+ }
+
+ // Overwrite the original resolv.conf and set the nameserver to the localhost address to
+ // redirect dns queries to the cmd-nsc sidecar.
+ var sb strings.Builder
+ _, _ = sb.WriteString("nameserver 127.0.0.1")
+ _, _ = sb.WriteRune('\n')
+ _, _ = sb.WriteString("options ndots:5")
+ err = ioutil.WriteFile(originalResolvConfigFile, []byte(sb.String()), os.ModePerm)
+ if err != nil {
+ logger.Fatalf("failed to write to original resolv.conf: %v", err.Error())
+ }
+ }
 }
 func setLogLevel(level string) {
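Review bot: The read check `if err != nil || len(originalResolvConf) == 0` calls `err.Error()` in its body, so an empty /etc/resolv.conf read with a nil error panics on a nil dereference instead of logging why the backup was refused; the two conditions need separate branches. Both writes also pass `os.ModePerm` (0777), so a newly created backup is as permissive as the process umask allows, even though the code comment says cmd-nsc reads it back for its DNS setup; an owner-writable mode such as `0o644` is sufficient. If this binary can run a second time against the same files (a restart, presumably), it would back up the already rewritten 127.0.0.1 config and lose the original nameservers, so consider skipping the backup when the restore file already exists. The enclosing `main` starts outside the hunk.

```go
originalResolvConf, err := ioutil.ReadFile(originalResolvConfigFile)
if err != nil {
	logger.Fatalf("failed to read resolv.conf: %v", err)
}
if len(originalResolvConf) == 0 {
	logger.Fatalf("refusing to back up an empty %s", originalResolvConfigFile)
}
// Owner-writable only: cmd-nsc reads this file back for its DNS setup.
err = os.WriteFile(storeResolvConfigFile, originalResolvConf, 0o644)
// … unchanged: backup error check, building the 127.0.0.1 config …
err = ioutil.WriteFile(originalResolvConfigFile, []byte(sb.String()), 0o644)
// … unchanged: final error check …
```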