Merge pull request #43925 from Random-Liu/fix-dockershim-dns-options

Automatic merge from submit-queue [CRI] Use DNSOptions passed by CRI in dockershim. When @xlgao-zju is working on the CRI validation test, he found that dockershim is not using the DNSOptions passed in CRI. https://github.com/kubernetes-incubator/cri-tools/pull/30#issuecomment-290644357 This PR fixed the issue. I've manually tried, for `ClusterFirst` DNSPolicy, the resolv.conf will be: ``` nameserver 8.8.8.8 search corp.google.com prod.google.com prodz.google.com google.com options ndots:5 ``` For `Default` DNSPolicy, the resolv.conf will be: ``` nameserver 127.0.1.1 search corp.google.com prod.google.com prodz.google.com google.com ``` @xlgao-zju You should be able to test after this PR is merged. /cc @yujuhong @feiskyer
2025-07-23 11:50:44 +00:00 · 2017-04-03 11:58:23 -07:00 · 2017-04-03 11:58:23 -07:00 · 6c6f4f0185
commit 6c6f4f0185
parent 2794514769 b1ce4b7a1d
1 changed files with 52 additions and 1 deletions
--- a/pkg/kubelet/dockershim/docker_sandbox.go
+++ b/pkg/kubelet/dockershim/docker_sandbox.go
@ -18,6 +18,8 @@ package dockershim

 import (
 	"fmt"
+	"os"
+	"strings"

 	dockertypes "github.com/docker/engine-api/types"
 	dockercontainer "github.com/docker/engine-api/types/container"
@ -105,7 +107,7 @@ func (ds *dockerService) RunPodSandbox(config *runtimeapi.PodSandboxConfig) (str
 			return createResp.ID, fmt.Errorf("failed to inspect sandbox container for pod %q: %v", config.Metadata.Name, err)
 		}

-		if err := dockertools.RewriteResolvFile(containerInfo.ResolvConfPath, dnsConfig.Servers, dnsConfig.Searches, len(dnsConfig.Options) > 0); err != nil {
+		if err := rewriteResolvFile(containerInfo.ResolvConfPath, dnsConfig.Servers, dnsConfig.Searches, dnsConfig.Options); err != nil {
 			return createResp.ID, fmt.Errorf("rewrite resolv.conf failed for pod %q: %v", config.Metadata.Name, err)
 		}
 	}
@ -587,3 +589,52 @@ func toCheckpointProtocol(protocol runtimeapi.Protocol) Protocol {
 	glog.Warningf("Unknown protocol %q: defaulting to TCP", protocol)
 	return protocolTCP
 }
+
+// rewriteResolvFile rewrites resolv.conf file generated by docker.
+func rewriteResolvFile(resolvFilePath string, dns []string, dnsSearch []string, dnsOptions []string) error {
+	if len(resolvFilePath) == 0 {
+		glog.Errorf("ResolvConfPath is empty.")
+		return nil
+	}
+
+	if _, err := os.Stat(resolvFilePath); os.IsNotExist(err) {
+		return fmt.Errorf("ResolvConfPath %q does not exist", resolvFilePath)
+	}
+
+	var resolvFileContent []string
+	for _, srv := range dns {
+		resolvFileContent = append(resolvFileContent, "nameserver "+srv)
+	}
+
+	if len(dnsSearch) > 0 {
+		resolvFileContent = append(resolvFileContent, "search "+strings.Join(dnsSearch, " "))
+	}
+
+	if len(dnsOptions) > 0 {
+		resolvFileContent = append(resolvFileContent, "options "+strings.Join(dnsOptions, " "))
+	}
+
+	if len(resolvFileContent) > 0 {
+		resolvFileContentStr := strings.Join(resolvFileContent, "\n")
+		resolvFileContentStr += "\n"
+
+		glog.V(4).Infof("Will attempt to re-write config file %s with: \n%s", resolvFilePath, resolvFileContent)
+		if err := rewriteFile(resolvFilePath, resolvFileContentStr); err != nil {
+			glog.Errorf("resolv.conf could not be updated: %v", err)
+			return err
+		}
+	}
+
+	return nil
+}
+
+func rewriteFile(filePath, stringToWrite string) error {
+	f, err := os.OpenFile(filePath, os.O_TRUNC|os.O_WRONLY, 0644)
+	if err != nil {
+		return err
+	}
+	defer f.Close()
+
+	_, err = f.WriteString(stringToWrite)
+	return err
+}