How to pass dns sessings when network stanza for taskgroup used?

[tantra35]

Nomad version

0.10.4

Issue

When we use network stanza inside tack group there not any chance to defining dns configuration. Only to partial workaround of this is define dns in /etc/cni/net.d default conf of CNI plugins

[notnoop]

I don't believe we support setting DNS in nomad. It does seem somewhat task driver specific (e.g. docker vs exec) so it may require extra care. I'll raise it with the team. Thanks for raising.

[tantra35]

@notnoop Please suggest any workaround of this? Now if nomad client host have any dns caching solutions like dnsmask or systemd-resolved, so inside bridge network we got absolutely not usable dns resolving which is simply doesn't work because resolv.conf inside bridge network, was filled with configuration from host system, which hold follow lines(dnsmasq substitutes real nameserver with localhost)

nameserver 127.0.0.1

Only solution that we concocted is to wrap bridge binary of cni with something custom which will modify stdin(as i understand its simple json) to provide additional info for dns

[nickethier]

Hey @tantra35 I'm working on this as part of a deeper integration with CNI. Unfortunately theres not an easy way to do it today. You might try using the nomad bridge IP for running local nameservers. It should be both reachable from the host and bridged allocs. We definitely will be exposing these settings more first class in the job file, but this might workaround in the meantime.

[danlsgiga]

@tantra35 would you have a code example for a CNI config to put into /etc/cni/net.d? I'm having the same issue and would like to have this workaround in place until Nomad provides a native way of specifying a DNS to exec tasks running inside bridged networks.

[danlsgiga]

@nickethier I already have unbound listening in the bridge interface but we still don't have any way of telling Nomad to build a specific /etc/resolv.conf pointing to the bridge IP inside an exec task. Any suggestions?

[stale]

Hey there

Since this issue hasn't had any activity in a while - we're going to automatically close it in 30 days. If you're still seeing this issue with the latest version of Nomad, please respond here and we'll keep this open and take another look at this.

Thanks!

[danlsgiga]

Just want to confirm this is available with Nomad 0.12 that went GA today... I don't see this feature listed in the changelog but I see it in the docs at https://www.nomadproject.io/docs/job-specification/network... so, may I assume this is delivered on 0.12 GA? 😃

[shoenig]

Yep @danlsgiga , with Nomad v0.12 the ability to pass through DNS configuration using the dns stanza exists as described in #7661.

[tantra35]

not working with bridge

with follow erro:
failed to create container: API error (400): conflicting options: dns and the network mode

[danlsgiga]

I believe #8600 fixes this!

[tgross]

This issue was closed by #8600, released in 0.12.4. (Changelog entry was missing but I've added it in #9665)

[github-actions]

I'm going to lock this issue because it has been closed for 120 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.