homelab
Alpine base image does not traverse all DNS records
Lately, I have noticed that editing a password in Vaultwarden takes 2 to 3 seconds to complete, which is pretty slow. I checked the server log and it shows:
[2024-08-03 15:46:20.541][vaultwarden::api::push][ERROR] Error getting push token from bitwarden server: error sending request for url (https://identity.bitwarden.com/connect/token)
Well, maybe it is related to my having forgotten identity.bitwarden.com in the CiliumNetworkPolicy DNS list. I updated the CiliumNetworkPolicy, but the error is still there. As a result, I dug deeper with Cilium Hubble:
> hubble observe --protocol DNS --namespace=vaultwarden -f
# and trigger a password edition
Aug 3 15:49:43.318: vaultwarden/vaultwarden-7c859588cd-n9n7h:33069 (ID:64736) -> kube-system/coredns-79f6b57d6c-57d9v:53 (ID:19294) dns-request proxy DROPPED (DNS Query identity.bitwarden.com.vaultwarden.svc.cluster.local. AAAA)
Aug 3 15:49:43.318: vaultwarden/vaultwarden-7c859588cd-n9n7h:33069 (ID:64736) -> kube-system/coredns-79f6b57d6c-57d9v:53 (ID:19294) dns-request proxy DROPPED (DNS Query identity.bitwarden.com.vaultwarden.svc.cluster.local. A)
Aug 3 15:49:45.818: vaultwarden/vaultwarden-7c859588cd-n9n7h:33069 (ID:64736) -> kube-system/coredns-79f6b57d6c-57d9v:53 (ID:19294) dns-request proxy DROPPED (DNS Query identity.bitwarden.com.vaultwarden.svc.cluster.local. AAAA)
Aug 3 15:49:45.818: vaultwarden/vaultwarden-7c859588cd-n9n7h:33069 (ID:64736) -> kube-system/coredns-79f6b57d6c-57d9v:53 (ID:19294) dns-request proxy DROPPED (DNS Query identity.bitwarden.com.vaultwarden.svc.cluster.local. A)
The resolution stops here. It seems I have encountered the Alpine issue described in https://docs.cilium.io/en/stable/security/policy/language/#alpine-musl-deployments-and-dns-refused.
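
A simplified model of the lookup seen in the Hubble output above, added here as an example (it is not code from the original post or from Cilium). It shows why allowlisting identity.bitwarden.com alone does not help while the search list is tried first, and how the two mitigations in the linked Cilium documentation change the outcome. The search list, the default ndots of 5, and the client stopping on a refused answer are assumptions based on that documentation, and the function names are hypothetical.

```python
# Simplified model, not real resolver or Cilium code. Names are hypothetical.
# Assumed pod resolv.conf: Kubernetes default search list for namespace
# "vaultwarden" and the default "options ndots:5".
SEARCH = ["vaultwarden.svc.cluster.local", "svc.cluster.local", "cluster.local"]


def candidates(name, ndots=5):
    """Query names a stub resolver tries, in order, for `name`."""
    if name.endswith("."):  # trailing dot: already absolute, no search list
        return [name]
    expanded = [f"{name}.{domain}." for domain in SEARCH]
    if name.count(".") < ndots:  # "short" name: search list first
        return expanded + [name + "."]
    return [name + "."] + expanded


def proxy_rcode(qname, allowed, reject_code):
    """DNS proxy: answer names on the policy allowlist, reject the rest."""
    return "NOERROR" if qname.rstrip(".").lower() in allowed else reject_code


def resolve(name, allowed, ndots=5, reject_code="REFUSED"):
    """Return (outcome, queries sent). Assumption taken from the Cilium docs:
    the client moves to the next candidate only after NXDOMAIN and treats
    REFUSED as a failed lookup."""
    sent = []
    for qname in candidates(name, ndots):
        sent.append(qname)
        rcode = proxy_rcode(qname, allowed, reject_code)
        if rcode == "NOERROR":
            return "resolved", sent
        if rcode != "NXDOMAIN":
            return "failed", sent
    return "not found", sent


if __name__ == "__main__":
    allow = {"identity.bitwarden.com"}  # the name added to the policy
    host = "identity.bitwarden.com"
    # Default: fails on the first expanded name, as in the Hubble output.
    print(resolve(host, allow))
    # Proxy answers NXDOMAIN for rejected names
    # (cilium-agent --tofqdns-dns-reject-response-code=nameError).
    print(resolve(host, allow, reject_code="NXDOMAIN"))
    # Pod dnsConfig option ndots lowered to 2: absolute name goes first.
    print(resolve(host, allow, ndots=2))
```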