From 32ebe1895bc2daffacf1e0654d33ce418c7ec068 Mon Sep 17 00:00:00 2001
From: Fupan Li
Date: Thu, 16 Feb 2023 11:23:11 +0800
Subject: [PATCH 1/2] agent: fix the issue of creating the dns file
We should make sure the dns's source file's parent directory exist, otherwise, it would failed to create the file directly.
Signed-off-by: Fupan Li
---
 src/agent/src/network.rs | 7 +++++++
 1 file changed, 7 insertions(+)
diff --git a/src/agent/src/network.rs b/src/agent/src/network.rs
index 451b5064d0..2e617dc3bf 100644
--- a/src/agent/src/network.rs
+++ b/src/agent/src/network.rs
@@ -7,6 +7,7 @@ use anyhow::{anyhow, Result};
 use nix::mount::{self, MsFlags};
 use slog::Logger;
 use std::fs;
+use std::path;
 const KATA_GUEST_SANDBOX_DNS_FILE: &str = "/run/kata-containers/sandbox/resolv.conf";
 const GUEST_DNS_FILE: &str = "/etc/resolv.conf";
@@ -64,6 +65,12 @@ fn do_setup_guest_dns(logger: Logger, dns_list: Vec, src: &str, dst: &st
 .map(|x| x.trim())
 .collect::>()
 .join("\n");
+
+ // make sure the src file's parent path exist.
+ let file_path = path::Path::new(src);
+ if let Some(p) = file_path.parent() {
+ fs::create_dir_all(p)?;
+ }
 fs::write(src, content)?;
 // bind mount to /etc/resolv.conf
From 04e930073c706fb001e3700fbc460dcd5d32ae0d Mon Sep 17 00:00:00 2001
From: Fupan Li
Date: Wed, 15 Feb 2023 11:19:41 +0800
Subject: [PATCH 2/2] sandbox: set the dns for the sandbox
The rust agent had supported to set the guest dns server in start sandbox request, thus add the dns in the runtime side.
Fixes:#6286
Signed-off-by: Fupan Li
---
 src/libs/kata-types/src/config/default.rs | 1 +
 .../crates/runtimes/common/src/sandbox.rs | 2 +-
 src/runtime-rs/crates/runtimes/src/manager.rs | 19 ++++++++++++++++---
 .../runtimes/virt_container/src/sandbox.rs | 4 ++--
 4 files changed, 20 insertions(+), 6 deletions(-)
diff --git a/src/libs/kata-types/src/config/default.rs b/src/libs/kata-types/src/config/default.rs
index aa32b59fcf..d2d922715b 100644
--- a/src/libs/kata-types/src/config/default.rs
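Review bot: The new guard in do_setup_guest_dns is written more indirectly than the rest of the file: a bare `use std::path;` import, the fully qualified `path::Path::new(src)`, and a `file_path` binding that is used exactly once, where the file's existing `use std::fs;` / `fs::write` style would more naturally import the type as `use std::path::Path;` and write `if let Some(p) = Path::new(src).parent() {` directly. The new comment should also read `// make sure the src file's parent directory exists.` so it matches what create_dir_all does. do_setup_guest_dns starts before and ends after this hunk.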
+++ b/src/libs/kata-types/src/config/default.rs
@@ -42,6 +42,7 @@ pub const MIN_SHARED_9PFS_SIZE_MB: u32 = 4 * 1024;
 pub const MAX_SHARED_9PFS_SIZE_MB: u32 = 8 * 1024 * 1024;
 pub const DEFAULT_GUEST_HOOK_PATH: &str = "/opt/kata/hooks";
+pub const DEFAULT_GUEST_DNS_FILE: &str = "/etc/resolv.conf";
 pub const DEFAULT_GUEST_VCPUS: u32 = 1;
diff --git a/src/runtime-rs/crates/runtimes/common/src/sandbox.rs b/src/runtime-rs/crates/runtimes/common/src/sandbox.rs
index 5ac028ddbc..a08d56d075 100644
--- a/src/runtime-rs/crates/runtimes/common/src/sandbox.rs
+++ b/src/runtime-rs/crates/runtimes/common/src/sandbox.rs
@@ -9,7 +9,7 @@ use async_trait::async_trait;
 #[async_trait]
 pub trait Sandbox: Send + Sync {
- async fn start(&self, netns: Option) -> Result<()>;
+ async fn start(&self, netns: Option, dns: Vec) -> Result<()>;
 async fn stop(&self) -> Result<()>;
 async fn cleanup(&self, container_id: &str) -> Result<()>;
 async fn shutdown(&self) -> Result<()>;
diff --git a/src/runtime-rs/crates/runtimes/src/manager.rs b/src/runtime-rs/crates/runtimes/src/manager.rs
index f3163a3ddc..0165184ad1 100644
--- a/src/runtime-rs/crates/runtimes/src/manager.rs
+++ b/src/runtime-rs/crates/runtimes/src/manager.rs
@@ -15,11 +15,14 @@ use common::{
 RuntimeHandler, RuntimeInstance, Sandbox,
 };
 use hypervisor::Param;
-use kata_types::{annotations::Annotation, config::TomlConfig};
+use kata_types::{
+ annotations::Annotation, config::default::DEFAULT_GUEST_DNS_FILE, config::TomlConfig,
+};
 #[cfg(feature = "linux")]
 use linux_container::LinuxContainer;
 use persist::sandbox_persist::Persist;
 use shim_interface::shim_mgmt::ERR_NO_SHIM_SERVER;
+use tokio::fs;
 use tokio::sync::{mpsc::Sender, RwLock};
 #[cfg(feature = "virt")]
 use virt_container::{
@@ -48,6 +51,7 @@ impl RuntimeHandlerManagerInner {
 async fn init_runtime_handler(
 &mut self,
 netns: Option,
+ dns: Vec,
 config: Arc,
 ) -> Result<()> {
 info!(sl!(), "new runtime handler {}", &config.runtime.name);
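Review bot: The `dns` parameter added to `Sandbox::start` in common/src/sandbox.rs carries no doc comment, and the trait is where every implementor and caller will look for what the vector is expected to hold. From the rest of this series it is the line-split contents of the container's resolv.conf mount, handed on unchanged as the `dns` field of `agent::CreateSandboxRequest`, so a `///` line above the method along the lines of `/// dns: resolver configuration lines (the container's /etc/resolv.conf, one entry per line) forwarded to the guest agent when the sandbox is created.` would capture the contract. Whether an empty vector leaves the guest's resolver untouched is not visible here and should be confirmed against the agent before being documented.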
@@ -70,7 +74,7 @@ impl RuntimeHandlerManagerInner {
 // start sandbox
 runtime_instance
 .sandbox
- .start(netns)
+ .start(netns, dns)
 .await
 .context("start sandbox")?;
 self.runtime_instance = Some(Arc::new(runtime_instance));
@@ -83,6 +87,8 @@ impl RuntimeHandlerManagerInner {
 return Ok(());
 }
+ let mut dns: Vec = vec![];
+
 #[cfg(feature = "linux")]
 LinuxContainer::init().context("init linux container")?;
 #[cfg(feature = "wasm")]
@@ -107,8 +113,15 @@ impl RuntimeHandlerManagerInner {
 None
 };
+ for m in &spec.mounts {
+ if m.destination == DEFAULT_GUEST_DNS_FILE {
+ let contents = fs::read_to_string(&m.source).await?;
+ dns = contents.split('\n').map(|e| e.to_string()).collect();
+ }
+ }
+
 let config = load_config(spec, options).context("load config")?;
- self.init_runtime_handler(netns, Arc::new(config))
+ self.init_runtime_handler(netns, dns, Arc::new(config))
 .await
 .context("init runtime handler")?;
diff --git a/src/runtime-rs/crates/runtimes/virt_container/src/sandbox.rs b/src/runtime-rs/crates/runtimes/virt_container/src/sandbox.rs
index 469d5ea425..5ba122efe1 100644
--- a/src/runtime-rs/crates/runtimes/virt_container/src/sandbox.rs
+++ b/src/runtime-rs/crates/runtimes/virt_container/src/sandbox.rs
@@ -123,7 +123,7 @@ impl VirtSandbox {
 #[async_trait]
 impl Sandbox for VirtSandbox {
- async fn start(&self, netns: Option) -> Result<()> {
+ async fn start(&self, netns: Option, dns: Vec) -> Result<()> {
 let id = &self.sid;
 // if sandbox running, return
@@ -170,7 +170,7 @@ impl Sandbox for VirtSandbox {
 let kernel_modules = KernelModule::set_kernel_modules(agent_config.kernel_modules)?;
 let req = agent::CreateSandboxRequest {
 hostname: "".to_string(),
- dns: vec![],
+ dns,
 storages: self
 .resource_manager
 .get_storage_for_sandbox()
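Review bot: In the new mounts loop of manager.rs (hunk `@@ -107,8 +113,15`), `fs::read_to_string(&m.source).await?` is the one fallible call in this function propagated without context, so a missing or unreadable resolv.conf source fails sandbox start with a bare I/O error that names no path, and `contents.split('\n')` keeps a trailing empty element (and any `\r`) that is then shipped to the guest agent as a resolver line. I would write `let contents = fs::read_to_string(&m.source).await.with_context(|| format!("read dns file {:?}", m.source))?;` and `dns = contents.lines().map(str::to_string).collect();`, which drops the trailing empty entry and line-ending variants before they reach CreateSandboxRequest and keeps the error style consistent with the surrounding `.context(...)` calls. If the spec lists `/etc/resolv.conf` as a destination more than once the loop silently keeps the last match; either `break` on the first hit or reject duplicates, but make the choice explicit. The read is also unbounded, and since `m.source` is a host path taken straight from the spec, a size cap on what is forwarded over the agent channel would be a cheap defensive bound. The enclosing method starts and ends outside the hunk.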