faasd icon indicating copy to clipboard operation
faasd copied to clipboard

Published 20 hours ago verified publisher icon openfaas

Make dns nameserver configurable

Open dsrowell opened this issue 4 years ago • 2 comments

Expected Behaviour

I need the ability to resolve names internal to my organization, so I want to be able to override the nameserver used for dns resolution.

Current Behaviour

Currently the /etc/resolv.conf file inside a function is hardcoded to contain "nameserver 8.8.8.8".

Are you a GitHub Sponsor (Yes/No?)

Check at: https://github.com/sponsors/openfaas

  • [ ] Yes
  • [x] No

List all Possible Solutions

I would be happy to create a pull request, but I am not a go programmer and am just learning about how this project is structured. My attempt to solve this is as follows:

In cmd/provider.go, I modified the creation of resolv.conf:

writeResolvErr := ioutil.WriteFile(path.Join(wd, "resolv.conf"),
			[]byte(`nameserver `+config.Nameserver), workingDirectoryPermission)

This necessitates adding Nameserver to FaaSConfig: vendor/github.com/openfaas/faas-provider/types/config.go:

// Nameserver specifies a dns nameserver
Nameserver string

vendor/github.com/openfaas/faas-provider/types/read_config.go:

	Nameserver:      ParseString(hasEnv.Getenv("nameserver"), "8.8.8.8"),

This is where I am out of my element. Because this seems to require a change to faas-provider, which appears to be an interface, I worry this means a possibly breaking change to other faas-provider implementations. This is why I have created an issue instead of a PR.

List the one solution that you would recommend

I don't know that I am in a position to make a recommendation.

Steps to Reproduce (for bugs)

Create a python function and attempt a dns resolution of a non-public hostname

import socket
print(socket.gethostbyname('my.private.net'))

Context

In my function, I am attempting to resolve the name of an internal web server. By hardcoding nameserver to 8.8.8.8, I cannot.

Your Environment

  • OS and architecture:

Ubuntu 20.04 on amd64

  • Versions:
go version

go version go1.13.8 linux/amd64

containerd -version

containerd github.com/containerd/containerd v1.3.7 8fba4e9a7d01810a393d5d25a3621dc101981175

uname -a

Linux faas02 5.4.0-71-generic #79-Ubuntu SMP Wed Mar 24 10:56:57 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux

cat /etc/os-release

NAME="Ubuntu"
VERSION="20.04.2 LTS (Focal Fossa)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 20.04.2 LTS"
VERSION_ID="20.04"
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
VERSION_CODENAME=focal
UBUNTU_CODENAME=focal

faasd version

faasd version: 0.11.3-2-g2885bb0-dirty  commit: 2885bb0c514a403d317b93e6d8add1ad52239a13

dsrowell avatar Apr 15 '21 12:04 dsrowell

Hi @dsrowell thanks for your interest in faasd.

Can you tell us what organisation this is for?

I can't tell you when or if we would get to this, but a workaround for you may be to use a small HTTP proxy like squid, running on the same host as faasd. If you've purchased the eBook, then you'll learn how to add core services, squid would just be one of those. Your function would then simply have an environment variable pointing at it and you'd be all set. I would estimate it'd take you < 1 hour to set that up.

Alex

alexellis avatar Apr 15 '21 15:04 alexellis

I have the same issue with DNS but I am trying to reach a small Microsoft SQL-Express instance, Squid won't work. I can look up the DB host using my internal DNS but not from 8.8.8.8 and I'd rather not use static IP since the PC that runs that database sometimes get a new IP.

Also probably related to #176

kmpm avatar Jun 01 '21 13:06 kmpm