From 3d4bc931d34389d4c33ed941c6cd8c22400e92db Mon Sep 17 00:00:00 2001
From: Jing Xu
Date: Fri, 25 Aug 2017 14:15:37 -0700
Subject: [PATCH] Set up DNS server in containerized mounter path

During NFS/GlusterFS mount, it requires to have DNS server to be able to resolve service name. This PR gets the DNS server ip from kubelet and add it to the containerized mounter path. So if containerized mounter is used, service name could be resolved during mount
---
 cluster/gce/gci/configure-helper.sh | 2 +-
 pkg/kubelet/kubelet.go | 36 +++++++++++++++++++++++++++++
 2 files changed, 37 insertions(+), 1 deletion(-)
diff --git a/cluster/gce/gci/configure-helper.sh b/cluster/gce/gci/configure-helper.sh
index d6002b41f5c..e8ee1d53f02 100644
--- a/cluster/gce/gci/configure-helper.sh
+++ b/cluster/gce/gci/configure-helper.sh
@@ -1201,7 +1201,7 @@ function prepare-mounter-rootfs {
 mount --make-rshared "${CONTAINERIZED_MOUNTER_ROOTFS}/var/lib/kubelet"
 mount --bind -o ro /proc "${CONTAINERIZED_MOUNTER_ROOTFS}/proc"
 mount --bind -o ro /dev "${CONTAINERIZED_MOUNTER_ROOTFS}/dev"
- mount --bind -o ro /etc/resolv.conf "${CONTAINERIZED_MOUNTER_ROOTFS}/etc/resolv.conf"
+ cp /etc/resolv.conf "${CONTAINERIZED_MOUNTER_ROOTFS}/etc/"
 }
 
 # A helper function for removing salt configuration and comments from a file.
diff --git a/pkg/kubelet/kubelet.go b/pkg/kubelet/kubelet.go
index c9b6b6239d3..04f3d136f81 100644
--- a/pkg/kubelet/kubelet.go
+++ b/pkg/kubelet/kubelet.go
@@ -19,11 +19,13 @@ package kubelet
 import (
 "crypto/tls"
 "fmt"
+ "io/ioutil"
 "net"
 "net/http"
 "net/url"
 "os"
 "path"
+ "path/filepath"
 "sort"
 "strings"
 "sync"
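Review bot: The `cp /etc/resolv.conf` line replaces a read-only bind mount without recording why the file must now be a writable copy, and the copy is a one-time snapshot that no longer follows later changes to the host's /etc/resolv.conf. A comment above it would preserve the reason, for example `# Copied rather than bind-mounted: kubelet rewrites this file with the cluster DNS servers at startup.` Because this file now decides which addresses the mounter resolves NFS/GlusterFS server names to, its writability inside the rootfs deserves a deliberate mention as well. prepare-mounter-rootfs begins above this hunk, so the rest of the rootfs setup is not visible here.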
@@ -760,7 +762,11 @@ func NewMainKubelet(kubeCfg *kubeletconfiginternal.KubeletConfiguration,
 // check node capabilities since the mount path is not the default
 if len(kubeCfg.ExperimentalMounterPath) != 0 {
 kubeCfg.ExperimentalCheckNodeCapabilitiesBeforeMount = false
+ // Replace the nameserver in containerized-mounter's rootfs/etc/resolve.conf with kubelet.ClusterDNS
+ // so that service name could be resolved
+ klet.setupDNSinContainerizedMounter(kubeCfg.ExperimentalMounterPath)
 }
+
 // setup volumeManager
 klet.volumeManager = volumemanager.NewVolumeManager(
 kubeCfg.EnableControllerAttachDetach,
@@ -2141,6 +2147,36 @@ func (kl *Kubelet) cleanUpContainersInPod(podID types.UID, exitedContainerID str
 }
 }
 
+// Replace the nameserver in containerized-mounter's rootfs/etc/resolve.conf with kubelet.ClusterDNS
+func (kl *Kubelet) setupDNSinContainerizedMounter(mounterPath string) {
+ resolvePath := filepath.Join(strings.TrimSuffix(mounterPath, "/mounter"), "rootfs", "etc", "resolv.conf")
+ dnsString := ""
+ for _, dns := range kl.clusterDNS {
+ dnsString = dnsString + fmt.Sprintf("nameserver %s\n", dns)
+ }
+ if kl.resolverConfig != "" {
+ f, err := os.Open(kl.resolverConfig)
+ defer f.Close()
+ if err != nil {
+ glog.Error("Could not open resolverConf file")
+ } else {
+ _, hostSearch, err := kl.parseResolvConf(f)
+ if err != nil {
+ glog.Errorf("Error for parsing the reslov.conf file: %v", err)
+ } else {
+ dnsString = dnsString + "search"
+ for _, search := range hostSearch {
+ dnsString = dnsString + fmt.Sprintf(" %s", search)
+ }
+ dnsString = dnsString + "\n"
+ }
+ }
+ }
+ if err := ioutil.WriteFile(resolvePath, []byte(dnsString), 0600); err != nil {
+ glog.Errorf("Could not write dns nameserver in file %s, with error %v", resolvePath, err)
+ }
+}
+
 // isSyncPodWorthy filters out events that are not worthy of pod syncing
 func isSyncPodWorthy(event *pleg.PodLifecycleEvent) bool {
 // ContatnerRemoved doesn't affect pod state
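Review bot: The comment added above the `klet.setupDNSinContainerizedMounter(...)` call names the file `rootfs/etc/resolve.conf`, while the path the helper builds ends in `resolv.conf`; the same misspelling appears in the helper's doc comment in the next hunk. That doc comment should also open with the function name, e.g. `// setupDNSinContainerizedMounter replaces the nameserver entries in the containerized mounter's rootfs/etc/resolv.conf with the kubelet's cluster DNS servers.` The call discards any failure because the helper returns nothing, which is worth stating in the comment so readers know the setup is best-effort. NewMainKubelet's body extends beyond this hunk on both sides.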
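Review bot: `setupDNSinContainerizedMounter` rewrites the file unconditionally, so when `kl.clusterDNS` is empty the result has no `nameserver` line at all: the first return value of `kl.parseResolvConf(f)` (presumably the host nameservers) is discarded, and the copy placed there by the node setup script is truncated. Mounts that name their NFS/GlusterFS server by hostname would then fail to resolve, and since every error in this function is only logged, nothing surfaces at kubelet startup. An early `if len(kl.clusterDNS) == 0 { return }` would leave the existing file in place for that case. Separately, `defer f.Close()` is registered before the `err` from `os.Open` is checked and should move into the success branch. The target path relies on `strings.TrimSuffix(mounterPath, "/mounter")`, so a mounter path without that suffix silently produces a different location for a file written in place by the kubelet; validating the suffix before writing would make that failure explicit.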