Infra DNS resolvers should be specified first in the upstream_dns_servers var
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
fuel-ccp |
New
|
Undecided
|
Unassigned |
Bug Description
Use case: Deploying CCP Openstack from infra docker registries to be resolved via a custom intranet DNS server (hereafter the_given_
Steps to repro:
* Deploy Kubernetes by Fuel CCP installer with a custom infra DNS resolver, which is configured in an either way of:
- nameservers: the_given_
- upstream_
Expected: docker registry name is always resolved via one of available DNS nameservers configured.
Actual (Linux distro specific): It may end up failing to resolve docker registry name, given that the_given_
$ cat /etc/resolv.conf
search default.
# Ansible nameservers BEGIN
nameserver 10.233.0.3
nameserver 8.8.8.8
nameserver 172.18.32.6
# Ansible nameservers END
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
options timeout:2
options attempts:2
Solution: Infra DNS resolvers' the_given_
For example:
nameservers: [8.8.8.8]
upstream_
OR
upstream_
The problem is in DNS split view. 8.8.8.8 resolves artifactory. mcp.mirantis. net but gives no A record. From DNS stand point there were no issues.
dig @8.8.8.8 artifactory. mcp.mirantis. net mcp.mirantis. net
; <<>> DiG 9.10.3-P4-Ubuntu <<>> @8.8.8.8 artifactory.
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51748
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION: mcp.mirantis. net. IN A
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;artifactory.
;; AUTHORITY SECTION: domaincontrol. com. dns.jomax.net. 2016060100 28800 7200 604800 3600
mirantis.net. 1799 IN SOA pdns01.
;; Query time: 54 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Mon Sep 26 12:16:01 CEST 2016
;; MSG SIZE rcvd: 127
if we do dig via internal nameserver it will give A record
dig @172.18.32.6 artifactory. mcp.mirantis. net
; <<>> DiG 9.10.3-P4-Ubuntu <<>> @172.18.32.6 artifactory. mcp.mirantis. net
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32400
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION: mcp.mirantis. net. IN A
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;artifactory.
;; ANSWER SECTION: mcp.mirantis. net. 300 IN CNAME mcpsrv001- scc.mcp. mirantis. net. scc.mcp. mirantis. net. 2678 IN A 172.18.247.7
artifactory.
mcpsrv001-
;; Query time: 57 msec 32.6#53( 172.18. 32.6)
;; SERVER: 172.18.
;; WHEN: Mon Sep 26 12:18:32 CEST 2016
;; MSG SIZE rcvd: 101