fix: cidata should respect DNS settings in lima.yaml

[neowu]

fixes for #1940

[neowu]

from the log, the "debian" integration test failed on phase 2 (test after a restarting), the first phase run successfully,
it looks like caused by hostagent timeout, seems not relates to my change (otherwise phase 1 would fail)

anyway pls double check, thanks

time="2023-10-28T06:25:09Z" level=info msg="[hostagent] The optional requirement 2 of 2 is satisfied"
time="2023-10-28T06:25:09Z" level=info msg="[hostagent] Waiting for the final requirement 1 of 1: \"boot scripts must have finished\""
time="2023-10-28T06:25:49Z" level=info msg="[hostagent] Waiting for the final requirement 1 of 1: \"boot scripts must have finished\""
time="2023-10-28T06:26:29Z" level=info msg="[hostagent] Waiting for the final requirement 1 of 1: \"boot scripts must have finished\""
time="2023-10-28T06:27:14Z" level=info msg="[hostagent] Waiting for the final requirement 1 of 1: \"boot scripts must have finished\""
time="2023-10-28T06:28:48Z" level=info msg="[hostagent] Waiting for the final requirement 1 of 1: \"boot scripts must have finished\""
time="2023-10-28T06:29:44Z" level=info msg="[hostagent] Waiting for the final requirement 1 of 1: \"boot scripts must have finished\""
time="2023-10-28T06:30:24Z" level=info msg="[hostagent] Waiting for the final requirement 1 of 1: \"boot scripts must have finished\""
time="2023-10-28T06:31:05Z" level=info msg="[hostagent] Waiting for the final requirement 1 of 1: \"boot scripts must have finished\""
time="2023-10-28T06:31:50Z" level=info msg="[hostagent] Waiting for the final requirement 1 of 1: \"boot scripts must have finished\""
time="2023-10-28T06:32:31Z" level=info msg="[hostagent] Waiting for the final requirement 1 of 1: \"boot scripts must have finished\""
time="2023-10-28T06:33:14Z" level=info msg="[hostagent] Waiting for the final requirement 1 of 1: \"boot scripts must have finished\""
time="2023-10-28T06:33:37Z" level=fatal msg="did not receive an event with the \"running\" status"
time="2023-10-28T06:33:37Z" level=info msg="Sending SIGKILL to the qemu driver process 4939"```

[AkihiroSuda]

Thanks, but please sign the commit for DCO
https://github.com/apps/dco

(run git commit -a -s --amend, and make sure that the Signed-off-by: NAME <EMAIL> line with your real name is included in the commit message)

[neowu]

I have signed the commit, please review

[balajiv113]

@neowu Changes looks good. Basically we are giving priority to dns first. Now am just thinking why not support dns as a secondary ones.

We always use slirp dns, additional to it we also use dns if its configured. This way slirp also will be there and custom DNS also can be configured.

@AkihiroSuda what do you think about this ?? I believe this was the intention to dns property itself.

[jandubois]

We always use slirp dns, additional to it we also use dns if its configured. This way slirp also will be there and custom DNS also can be configured.

No, this is not how DNS should be configured. You normally have multiple redundant DNS servers in case one of them is unavailable (e.g. because of maintenance). They could also be load-balancing. But they are not used as fallback if one DNS doesn't recognize a name.

So if e.g. one DNS has additional entries for a VPN, and the other one doesn't, then it is random if the VPN names will resolve. The resolver should pick one DNS at random, and only try another one if the first one doesn't respond within a timeout. It will not retry if it got a NOTFOUND response.

Different resolver implementations may implement things differently though, e.g. the musl implementation does send requests to multiple servers in parallel and then picks the first one to answer (which still could be NXDOMAIN, failing the lookup).

So in general it is a bad idea to configure multiple DNS servers unless they cover exactly the same domains.

[jandubois]

Thanks, LGTM