hashicorp / nomad-driver-podman

A nomad task driver plugin for sandboxing workloads in podman containers
https://developer.hashicorp.com/nomad/plugins/drivers/podman
Mozilla Public License 2.0

feat: allow setting global DNS servers from client plugin config for containers #304

Closed ttys3 closed 9 months ago

ttys3 commented 10 months ago

So we can configure DNS for containers like:

plugin "nomad-driver-podman" {
  config {
    dns_servers = ["192.168.8.100"]
  }
}

jdoss commented 10 months ago

Why would you want to set this in the plugin section of the nomad config when you can just set DNS via https://developer.hashicorp.com/nomad/docs/job-specification/network#dns-1 in the networking block of the job?

ttys3 commented 10 months ago

> Why would you want to set this in the plugin section of the nomad config when you can just set DNS via https://developer.hashicorp.com/nomad/docs/job-specification/network#dns-1 in the networking block of the job?

Do you think I am unaware of this configuration option? No, I am not. When I submitted this PR, I had already been using this solution for almost two years. The issue is that this DNS configuration must be global; I do not need to set different DNS for different services. Additionally, I do not want containers to directly use the upstream gateway's DNS because I want to use Consul DNS for service resolution. It is clearly not practical to configure DNS for each task within each job.

The arch is:

                                 +-----------------+
                                 |  Nomad Cluster  |
                                 +-----------------+
                                        |
                                        |
                                        |
                                        v
                           +------------------------+
                           |                        |
                           |  app deployed via      |
                           |  nomad cluster         |
                           |                        |
                           +------------------------+
                                        |
                                        |
                                        |
   +------------------------+           v                  
   |                        |   +-----------------+        
   |   Container App        |<--+ Consul Catalog  |        
   |                        |   +-----------------+        
   | Query DNS via Consul   |                              
   +------------------------+                              
                                        |                  
                                        |                  
                                        |                  
                                        v                  
                                +---------------+          
                                |               |          
                                |   Consul DNS  |          
                                |               |          
                                +---------------+          
                                        |                  
                                        |                  
                                        |                  
                                        v                  
                                +---------------+          
                                |               |          
                                |  DNS Response |          
                                |               |          
                                +---------------+          

Yes, I also have a CNI network and use the flannel network fabric, so different Nomad node machines can communicate with each other via the cluster network.
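
Added example, not part of the thread or of the project's code: the same resolver set per group through the `dns` stanza of the job's `network` block (the option jdoss links to), next to the single plugin-level setting from the PR description. Job, group and task names and the image references are placeholders.

```hcl
# Added example. Job, group and task names and the images are placeholders.

# Job specification: DNS set through the network block of each group.
job "example" {
  group "api" {
    network {
      dns {
        servers = ["192.168.8.100"]
      }
    }

    task "api" {
      driver = "podman"
      config {
        image = "registry.example.com/api:placeholder"
      }
    }
  }

  group "worker" {
    # The same stanza is repeated here, and in every other job that
    # should resolve through the same server.
    network {
      dns {
        servers = ["192.168.8.100"]
      }
    }

    task "worker" {
      driver = "podman"
      config {
        image = "registry.example.com/worker:placeholder"
      }
    }
  }
}

# Nomad client configuration: the plugin-level option proposed in this PR,
# set once per client instead of once per group.
plugin "nomad-driver-podman" {
  config {
    dns_servers = ["192.168.8.100"]
  }
}
```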

shoenig commented 9 months ago

The docker task driver also already has a dns_servers config option; it would make sense to make it available for podman too.

shoenig commented 9 months ago

Also @ttys3 if you don't mind rebasing on main; there's some CI fixes in there to help getting tests working again.

jdoss commented 9 months ago

> Do you think I am unaware of this configuration option? No, I am not. When I submitted this PR, I had already been using this solution for almost two years.

No need to get defensive. Your original PR had zero details on why this was needed and I was simply asking to better understand your use-case and the reason for the PR. Thank you for taking the time to explain why. I appreciate it.

ttys3 commented 9 months ago

> > Do you think I am unaware of this configuration option? No, I am not. When I submitted this PR, I had already been using this solution for almost two years.
>
> No need to get defensive. Your original PR had zero details on why this was needed and I was simply asking to better understand your use-case and the reason for the PR. Thank you for taking the time to explain why. I appreciate it.

Sorry my previous reply was a bit unkind. I take back what I said before.

ttys3 commented 9 months ago

> Also @ttys3 if you don't mind rebasing on main; there's some CI fixes in there to help getting tests working again.

@shoenig rebased and formatted, PTAL