Google.com and others stop resolving

[johnjelinek]

On some of my servers, resolvable works fine, and others, it stops resolving to external TLDs when the resolv.conf file is prepended.

[johnjelinek]

cat /etc/resolv.conf 
nameserver 172.17.0.5 # added by resolvable
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 8.8.8.8

user@ubuntu:~$ ping -c4 www.google.com
ping: unknown host www.google.com

user@ubuntu:~$ ping -c4 consul.service.consul
PING consul.service.consul (104.167.107.89) 56(84) bytes of data.
64 bytes from 104.167.107.89: icmp_seq=1 ttl=63 time=0.387 ms
64 bytes from 104.167.107.89: icmp_seq=2 ttl=63 time=0.595 ms

--- consul.service.consul ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.387/0.491/0.595/0.104 ms

user@ubuntu:~$ ping -c4 consul.service.consul
PING consul.service.consul (162.244.25.41) 56(84) bytes of data.
64 bytes from 162.244.25.41: icmp_seq=1 ttl=63 time=2.16 ms
64 bytes from 162.244.25.41: icmp_seq=2 ttl=63 time=8.34 ms

--- consul.service.consul ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 2.169/5.258/8.348/3.090 ms

[johnjelinek]

I think the issue is that the nameserver is not recursive. Is that something to change with resolvable or the DNS server that is serving to resolvable?

➜  ~  nslookup
> www.google.com
;; Got recursion not available from 172.17.0.21, trying next server
Server:     8.8.8.8
Address:    8.8.8.8#53

Non-authoritative answer:
Name:   www.google.com
Address: 173.194.43.115
Name:   www.google.com
Address: 173.194.43.112
Name:   www.google.com
Address: 173.194.43.116
Name:   www.google.com
Address: 173.194.43.113
Name:   www.google.com
Address: 173.194.43.114

[johnjelinek]

I tried installing a service like nscd and it seems to have helped with some servers, and others it didn't.

[crhuber]

I have the same issue. Is there a manual fix I can implement in the meantime?

[mgood]

Thanks for the report. You're right, resolvable doesn't implement recursion at this point, except for explicit domains forwarded to Docker containers with DNS_RESOLVES set.

We may want it to read "/etc/resolv.conf" from the container and forward to those server as well, though I'm still thinking through a couple of those details.

I appreciate the feedback, though I'll just let you know now that we haven't set this up in a production environment yet, so there may still be a few more issues like this to work out.

[mgood]

@johnjelinek as a side-note, since your resolv.conf is generated by resolvconf(8), you would also probably want to pass in a file that the resolvconf tool can merge into the generated /etc/resolv.conf instead of writing to it directly. We still need to work through some of these setups and document configuration patterns.

[johnjelinek]

If I passed it into the resolvconf head, how would I have the container auto generate the resolv.conf?

[mgood]

With c3b5ab19ebe2275ad61fb7b94512cdf347820fc0 it will read the servers from "/etc/resolv.conf" and forward to them. Though at this point it only supports one upstream server. I've opened #4 regarding multiple upstream servers.

@johnjelinek I think you'll need to run the "resolvconf" tool on the Docker host machine after "resolvable" has started, but I haven't researched the best way to do that yet. I've also opened #5 for recommendations on working with "resolvconf".