DNS resolution for sysrepo backed by MongoDB on Docker #15
Comments
|
Could you please attach a full backtrace when that exception is thrown? |
|
Not too familiar with generating backtraces used instructions from here: https://wiki.ubuntu.com/Backtrace |
|
Thanks. Unfortunately, the backtrace only says that it's "somewhere from the constructor". There's a lot going on in there, and I'm missing some more detailed info. There's nothing directly in rousette which would attempt to resolve hostnames, but there's plenty of bugreports around the web which mention Docker's network setup, problems with DNS resolution and this very same error message. Also, the SW stack that we're using, which is based on Boost-ASIO, might be relevant here.
We don't know that yet. Rousette is creating a different set of internal subscriptions. It is "possible" that some of these subscriptions refer to a module whose datastore uses the MongoDB plugin, which attempts to resolve stuff, which breaks under your specific network setup. Can you please ensure that you've built rousette with |
|
What I was implying with the Netopeer comment was that sysrepo and netopeer2 seem to be both connecting to the datastores backed by mongoDb on another container (running, operational in my case) and startup in non-mongoDb (json) the -ggdb flag did not work with cmake, a little googling and I found this: gdb-rousette2.txt Since the error seems to occur in sysrepo-cpp I also enabled debug symbols on that package and ran another gdb backtrace not sure if that helps or not |
|
Thanks, and just confirming that the CMake flags are correct; that should get you going. The error message that's shown now is a different one, you're getting a |
|
gdb-rousette4.txt |
|
Sorry for yet another round of instructions, there are some internal exceptions which are usually ignored. Do something like |
|
gdb-rousette5.txt |
|
That was Also, consider picking this patch and running rousette with |
|
Here is four continues before patch |
Thanks to Jason Patterson for sending a bugreport; its investigation led to discovering this bug. See-also: CESNET/rousette#15 Change-Id: I082987d60380f860e08f26b436d0f9db4a231bec
|
We looked into this with @peckato1 , and we were able to reproduce this even without MongoDB when the IPv6 network stack was completely disabled. You mentioned Docker and, unfortunately, it seems that they still disable IPv6 by default. Could you please check whether the daemon starts up properly when you enable IPv6? You don't need any particular settings, just a Alternatively, you might try patching the server like this: diff --git a/src/restconf/main.cpp b/src/restconf/main.cpp
index 0c31f08..b8c6e12 100644
--- a/src/restconf/main.cpp
+++ b/src/restconf/main.cpp
@@ -160,7 +160,7 @@ int main(int argc, char* argv [])
}
auto conn = sysrepo::Connection{};
- auto server = rousette::restconf::Server{conn, "::1", "10080", timeout};
+ auto server = rousette::restconf::Server{conn, "127.0.0.1", "10080", timeout};
signal(SIGTERM, [](int) {});
signal(SIGINT, [](int) {});
pause();Please be advised that we do require IPv6; the service is designed to run behind a reverse proxy, and we might rely on IPv6-features for a proper, secure TLS setup in future. For those reading this bugreport in future: the suggestion for hardcoding |
|
No reply, closing. |
I am trying to setup rousette on docker-compose with sysrepo backed by a Mongodb server on a separate container but rousette does not like dns resolution on docker
when starting rousette
(.venv) root@ee22530c790b:/build/rousette/yang# rousette
[2024-11-20 22:39:14.591] [rousette] [debug] NACM config validation: no rule-list entries
[2024-11-20 22:39:14.592] [rousette] [info] NACM config validation: Anonymous user access disabled
[2024-11-20 22:39:14.594] [rousette] [warning] Telemetry disabled. No CzechLight YANG modules found.
terminate called after throwing an instance of 'std::runtime_error'
what(): Server error: Host not found (authoritative)
Aborted (core dumped)
if I change my DNS server to 8.8.8.8 (or any public)
(.venv) root@ee22530c790b:/build/rousette/yang# rousette
2024/11/20 22:40:51.0414: [12045]: DEBUG: monitor: [mongo:27017] command or network error occurred: Failed to resolve mongo
mongo is the name of my mongodb service in my docker compose file
it is reachable via ICMP
(.venv) root@ee22530c790b:/build/rousette/yang# ping mongo
PING mongo (172.28.0.2) 56(84) bytes of data.
64 bytes from sysrepo-mongo.sysrepo-mongo_mongo (172.28.0.2): icmp_seq=1 ttl=64 time=0.150 ms
however a nslookup shows that docker's DNS is giving a non-authoritive answer
(.venv) root@ee22530c790b:/build/rousette/yang# nslookup mongo
Server: 127.0.0.11
Address: 127.0.0.11#53
Non-authoritative answer:
Name: mongo
Address: 172.28.0.2
The Netopeer2 works on same machine, so I know sysrepo is working properly
it seems the DNS resolution for sysrepo mongo instance, in rousette, is only accepting authoritive DNS responses via Boost
if I add mongo to /etc/hosts, and set resolve.conf to 8.8.8.8 I can ping mongo but still same error when starting rousette
(.venv) root@ee22530c790b:/build/rousette/yang# ping mongo
PING mongo (172.28.0.2) 56(84) bytes of data.
64 bytes from mongo (172.28.0.2): icmp_seq=1 ttl=64 time=0.156 ms
64 bytes from mongo (172.28.0.2): icmp_seq=2 ttl=64 time=0.114 ms
^C
--- mongo ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1013ms
rtt min/avg/max/mdev = 0.114/0.135/0.156/0.021 ms
(.venv) root@ee22530c790b:/build/rousette/yang# nslookup mongo
Server: 8.8.8.8
Address: 8.8.8.8#53
** server can't find mongo: NXDOMAIN
(.venv) root@ee22530c790b:/build/rousette/yang# rousette
[2024-11-20 22:48:02.452] [rousette] [debug] NACM config validation: no rule-list entries
[2024-11-20 22:48:02.452] [rousette] [info] NACM config validation: Anonymous user access disabled
[2024-11-20 22:48:02.457] [rousette] [warning] Telemetry disabled. No CzechLight YANG modules found.
terminate called after throwing an instance of 'std::runtime_error'
what(): Server error: Host not found (authoritative)
Aborted (core dumped)
The text was updated successfully, but these errors were encountered: