kic-reference-architectures
kic-reference-architectures copied to clipboard
nginxinc
bug: locust (load tester) BoS component does not honor /etc/hosts from K8 host
Describe the bug If you run MARA using a FQDN that you have created yourself (ie, not a FQDN from a provider) you will run into an issue where the MARA load tester pod will not be able to resolve the Ingress Controller name, as it will be trying to resolve names from the upstream DNS server via the CoreDNS K8 component.
To Reproduce Steps to reproduce the behavior:
- Deploy MARA to a local k8 deployment using a created FQDN
- Add the FQDN and IP of the host to your hostfile.
- Verify that you are able to access the application
- Try and use the locust load tester pod; it will error out with unable to resolve errors.
Expected behavior We need a way for the load tester to resolve the FQDN of the frontend. Potential solutions:
- Run
dnsmasqon the host and make it the resolver for CoreDNS - Edit the locust pod to add the host information to
/etc/resolv.conf - Determine if we can pass static hosts through to the CoreDNS.
Your environment
- n/a
Additional context None
This issue is tied to coredns; this is the component that provides DNS resolution to the kubernetes cluster. This component is very configurable, which leads us to a few different ways of fixing this issue.
NOTE: This issue only occurs when you are using a FQDN that will not resolve via the upstream resolver for the host system.
The two workarounds require the editing of the configmap for coredns.
- Update the configuration to include a zone file as discussed here
- Create a local (ie, non-autoratative) DNS server, using a tool such as DNSmasq.
This function is from a script that updates the coredns configmap for scenario 2:
coredns_config()
{
#
# We are going to use the IP address of our host...
#
IP_ADDR=$(ip -j route show to 0.0.0.0/0 | jq ".[].prefsrc" | sed 's/"//g')
#
# We build our configuration file; this logic says that for every query for the "test" domain we should use
# IP_ADDR to point to our resolver. This will allow the locust loadgenerator to hit the NGINX IC.
#
cat > '/tmp/coredns.yaml' <<FileContent
apiVersion: v1
data:
Corefile: |
.:53 {
errors
health
ready
kubernetes cluster.local in-addr.arpa ip6.arpa {
pods insecure
fallthrough in-addr.arpa ip6.arpa
}
hosts /etc/coredns/NodeHosts {
ttl 60
reload 15s
fallthrough
}
prometheus :9153
forward test ${IP_ADDR}
forward . /etc/resolv.conf
cache 30
loop
reload
loadbalance
}
import /etc/coredns/custom/*.server
NodeHosts: |
10.1.1.4 ubuntu
kind: ConfigMap
metadata:
annotations:
name: coredns
namespace: kube-system
FileContent
#
# Now we apply the configuration to coredns...
#
"${PROJECT_ROOT}"/pulumi/python/venv/bin/kubectl apply -f /tmp/coredns.yaml
#
# And now we check the output...
"${PROJECT_ROOT}"/pulumi/python/venv/bin/kubectl describe configmap --namespace kube-system coredns
}