Skip to content
This repository has been archived by the owner on Mar 28, 2020. It is now read-only.

pkg/util: Change check-dns init container image #1919

Merged
merged 1 commit into from
Feb 8, 2018
Merged

pkg/util: Change check-dns init container image #1919

merged 1 commit into from
Feb 8, 2018

Conversation

lander2k2
Copy link
Contributor

The image currently used is busybox:1.28.0 which uses uclibc. This is
causing nslookup to fail name resolution when it shouldn't in some
environments. The version of busybox that uses glibc does not suffer the
same problem.

Related:
docker-library/busybox#9
docker-library/busybox#27

@lander2k2
pkg/util: Change check-dns init container image
07c06a4 
The image currently used is busybox:1.28.0 which uses uclibc.  This is
causing nslookup to fail name resolution when it shouldn't in some
environments.  The version of busybox that uses glibc does not suffer the
same problem.

Related:
docker-library/busybox#9
docker-library/busybox#27
@etcd-bot
Copy link
Collaborator

etcd-bot commented Feb 7, 2018

Can one of the admins verify this patch?

2 similar comments
@etcd-bot
Copy link
Collaborator

etcd-bot commented Feb 7, 2018

Can one of the admins verify this patch?

@etcd-bot
Copy link
Collaborator

etcd-bot commented Feb 7, 2018

Can one of the admins verify this patch?

@hongchaodeng
Copy link
Member

@etcd-bot ok to test

@hongchaodeng
Copy link
Member

@lander2k2
Can you provide a failure scenario and let me see if I can reproduce it.

@lander2k2
Copy link
Contributor Author

lander2k2 commented Feb 7, 2018
edited
Loading

@hongchaodeng
I've been unable to reproduce the error in AWS but here's the test I employed in the VMware environment where this is happening.

# bbox-po.yaml
apiVersion: v1
kind: Pod
metadata:
  name: bbox
spec:
  containers:
  - image: busybox
    name: bbox
    command: ["sleep", "86400"]

# bbox-glibc-po.yaml
apiVersion: v1
kind: Pod
metadata:
  name: bbox-glibc
spec:
  containers:
  - image: busybox:glibc
    name: bbox-glibc
    command: ["sleep", "86400"]

$ kubectl create -f bbox-po.yaml
$ kubectl create -f bbox-glibc-po.yaml
$ kubectl exec bbox-glibc /bin/nslookup tectonic-lb.tectonic-system.svc
Server:    10.3.0.10
Address 1: 10.3.0.10 kube-dns.kube-system.svc.cluster.local

Name:      tectonic-lb.tectonic-system.svc
Address 1: 10.3.155.251 tectonic-lb.tectonic-system.svc.cluster.local

$ kubectl exec bbox /bin/nslookup tectonic-lb.tectonic-system.svc
Server:    10.3.0.10
Address 1: 10.3.0.10 kube-dns.kube-system.svc.cluster.local

nslookup: can't resolve 'tectonic-lb.tectonic-system.svc'

Sorry I can't give a more universally reproducible example. I did think this was related to a bug in uclibc related to nameserver search path length [1] but I've been unable to induce the error outside the VMware environment by manipulating the search path. :/

[1] https://mailman.uclibc-ng.org/pipermail/devel/2016-February/000775.html

hongchaodeng
hongchaodeng reviewed Feb 8, 2018
View reviewed changes
Copy link
Member

@hongchaodeng hongchaodeng left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM after nit

pkg/util/k8sutil/k8sutil.go
@@ -346,7 +346,7 @@ func newEtcdPod(m *etcdutil.Member, initialCluster []string, clusterName, state,
},
Spec: v1.PodSpec{
InitContainers: []v1.Container{{
Image: "busybox:1.28.0",
Image: "busybox:1.28.0-glibc",
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you add a comment about the search path issue on VMWare environment and why use glibc instead?

@hongchaodeng
Copy link
Member

Going to do a release later today. So I will merge this and add the comment myself.

@hongchaodeng hongchaodeng merged commit 101e85f into coreos:master Feb 8, 2018
@lander2k2 lander2k2 deleted the check-dns_image branch February 8, 2018 20:48
@hongchaodeng hongchaodeng mentioned this pull request Feb 8, 2018
Merged
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@hongchaodeng hongchaodeng hongchaodeng left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@lander2k2 @etcd-bot @hongchaodeng