search

crc-org / crc

CRC is a tool to help you run containers. It manages a local OpenShift 4.x cluster, Microshift or a Podman VM optimized for testing and development purposes
https://crc.dev
Apache License 2.0
1.25k stars 236 forks source link

Vsock network mode does not allow custom/override nameservers #1879

Open gbraad opened 3 years ago

gbraad commented 3 years ago

When started with -n 10.0.21.2, the startup log shows:

INFO Adding 10.0.21.2 as nameserver to the instance ...

but when checked, the VM contains

search crc.testing
nameserver 192.168.127.1
guillaumerose commented 3 years ago

The VM is correct. However, the daemon should ask the nameserver you provided instead of the system one. https://github.com/code-ready/gvisor-tap-vsock/blob/master/pkg/services/dns/dns.go#L71

Also, I am not sure we should keep this setting esp. with vsock. This was added as a workaround of Windows bug. Vsock mode is just using the same DNS as other apps on your system. If you want to change it, change it for your whole system.

gbraad commented 3 years ago

it happens here that we set the DNS file from dns/dns.go:

func RunPostStart(serviceConfig services.ServicePostStartConfig) error {
    if err := setupDnsmasq(serviceConfig); err != nil {
        return err
    }

    if err := runPostStartForOS(serviceConfig); err != nil {
        return err
    }

    resolvFileValues, err := getResolvFileValues(serviceConfig)
    if err != nil {
        return err
    }
    // override resolv.conf file
    return network.CreateResolvFileOnInstance(serviceConfig.SSHRunner, resolvFileValues)
}

as part of the machine.go:

    // Run the DNS server inside the VM
    if err := dns.RunPostStart(servicePostStartConfig); err != nil {
        return nil, errors.Wrap(err, "Error running post start")
    }

so, likely this got run anyway? But yes, I am doubtful if this option should remain. Though, it wasn't for Windows only, but actually more often on macOS that the DNS didn't work as expected.

guillaumerose commented 3 years ago

dns.RunPostStart behaviour is different when running in vsock mode: dnsmasq doesn't start and the DNS is hardcoded to be the on in the daemon. I had to do this for compatibility between the 2 modes.

When calling machine.Start, if the user set a nameserver, crc should fail and tell him why: The DNS server used in vsock mode is a fake-one that makes all processes inside the VM to act (on a DNS point of view) as they were running on the host. nslookup on the host and nslookup in the VM should return exactly the same thing (except for the TTL).

If the user wants to change the DNS, he should change it on the host in the system settings. It will be used automatically by crc, without any reboot.

gbraad commented 3 years ago

the file is created with the header:

$ cat /etc/resolv.conf
# Generated by CRC

too in the case of vsock. This is confusing if so. Where is this one generated or pushed to the guest?

guillaumerose commented 3 years ago

vsock also generates it and add the gateway IP as the DNS server. In all cases, this is pushed by crc start to the guest.

stale[bot] commented 3 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

gbraad commented 3 years ago

This isn't documented

stale[bot] commented 3 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.