#no dns inside dagger

host not found error inside dagger (looks like the equivalent of podman run --net=host is missing). Is there a dagger global config to add dns capabilities?

Hey Asher! Haven't tried this myself but I think you should be able to set it globally for all the containers dagger runs via the engine.toml file as mentioned here: https://docs.dagger.io/configuration/engine/#configuration

The property you're looking for is:

[dns]
nameservers=["1.1.1.1","8.8.8.8"]
options=["edns0"]
searchDomains=["example.com"]

^ give it a try and let us know if that works.

once I did it, it' not running anymore...

! connection error: desc = "error reading server preface: command [docker exec -i dagger-engine-v0.18.14 buildctl dial-stdio]
has exited with exit status 255, make sure the URL is valid, and Docker 18.09 or later is installed on the remote host:
stderr=Error: OCI runtime error: runc: exec failed: unable to start container process: error executing setns process: exit
status 1\n"

this is .config/dagger/engine.json

{
"dns": {
"nameservers": [
"127.0.0.1"
],
"options": [
"edns0"
],
"searchDomains": [
"example.com"
]
}
}

127.0.0.1 is bc I have networkmanager

That won't work because the engine doesn't run in the host namespace.

And there's no way to specify that. The engine should automatically use whatever your host's machine DNS server is by default

let me try direct dns

same failure...

{
"dns": {
"nameservers":
"10.47.242.10",
"10.45.248.15"
],
"options": [
"edns0"
],
"searchDomains": [
"redhat.com"
]
}
}

Sorry, just realized you're using JSON. I'm AFK

This only works via toml setting

Currently

well, it's not working (with/without engine.toml). specifically those libvirt machines. i.e nslookup registry.ocp3m0w-id6s18.qe.lab.redhat.com is found. but inside dagger and container|from alpine| terminal the same nslookup is not found. (other lan/internet machines are found)

ok, I'm in the computer now

let me do a quick test 🙏

@snow rover mind running this command where you dagger engine is running? docker exec $(docker ps --filter name="dagger-engine-*" -q) cat /etc/dnsmasq-resolv.conf

that should print the DNS configuration the dagger engine is using

that should be the same underlying config from the host. I'd like to check if that is the case first

@dry parrot run ^^, and it's the same as host. As wrote b4, no issue with inernet/lan names. the issue is with local libvirt vm. these hosts are not found.

that's strange.. how does your local machine resolve those local libvirt vms then? Since Dagger is using the same DNS server as your host machine

are those vm names hardcoded in /etc/hostsor something?

no. I'm using rhel + network manager. the host /etc/resolv.conf only have nameserver 127.0.0.1. so for example in the host:

that's what's strange. If those vms are resolved via DNS, dagger is currently using your same host dns server

nslookup registry.ocp3m0w-id6s19.qe.lab.redhat.com
Server: 127.0.0.1
Address: 127.0.0.1#53

Name: registry.ocp3m0w-id6s19.qe.lab.redhat.com
Address: 192.168.139.1
Name: registry.ocp3m0w-id6s19.qe.lab.redhat.com
Address: fd2e:6f44:fde8::1

but inside dagger and container|from alpine|terminal same ^^ nslookup is not working

@snow rover can you try running docker exec $engine_container sh and run the nslookup there?

what'sin $engine_container?

your dagger engine container. You can get it with docker ps

ok

you should see a dagger engine container is running in your machine

[root@ocp-edge93 ~]# podman exec -it d1f3513ef56b nslookup registry.ocp3m0w-id6s19.qe.lab.redhat.com
Server: 10.87.0.1
Address: 10.87.0.1:53

** server can't find registry.ocp3m0w-id6s19.qe.lab.redhat.com: NXDOMAIN

** server can't find registry.ocp3m0w-id6s19.qe.lab.redhat.com: NXDOMAIN

not found inside dagger engine

have you checked your /etc/hosts doesn't contain those VM names, haven't you?

😆 [root@ocp-edge93 ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
127.0.0.1 upstream1.qe.lab.redhat.com

there it is?

so your local machine is not using DNS to resolve those vm's

is using /etc/hosts

that's why Dagger can't resolve them

how u say that?

oh, I saw this 127.0.0.1 upstream1.qe.lab.redhat.com and I though there were more entries

no. that's some test I did... I'll remove it

with dagger, ur not querying the 'localhost' nameserver, only the upstream one... that's why.

can I update the dagger engine container /etc/resolv.conf to include teh localhost ip?

@snow rover do you have any files here in your machine by any chance? /etc/NetworkManager/dnsmasq.d/

googling a bit, seems like libvirt starts its own dnsmasq server and then configures NetworkManager to forward specific requests to that server automatically

of course I have. all the vm's is there

do you have a libvirt_dnsmasq.conf?

there's surely some option there to allow queries coming from dagger to be forwarded accordingly

[root@ocp-edge93 dnsmasq.d]# cat ocp3m0w-id6s19.conf

address=/api.ocp3m0w-id6s19.qe.lab.redhat.com/192.168.139.5
address=/api.ocp3m0w-id6s19.qe.lab.redhat.com/fd2e:6f44:fde8::5

address=/api-int.ocp3m0w-id6s19.qe.lab.redhat.com/192.168.139.5
address=/api-int.ocp3m0w-id6s19.qe.lab.redhat.com/fd2e:6f44:fde8::5

address=/.apps.ocp3m0w-id6s19.qe.lab.redhat.com/192.168.139.10
address=/.apps.ocp3m0w-id6s19.qe.lab.redhat.com/fd2e:6f44:fde8::a

address=/master-0.ocp3m0w-id6s19.qe.lab.redhat.com/192.168.139.20
address=/master-0.ocp3m0w-id6s19.qe.lab.redhat.com/fd2e:6f44:fde8::20

address=/master-1.ocp3m0w-id6s19.qe.lab.redhat.com/192.168.139.21
address=/master-1.ocp3m0w-id6s19.qe.lab.redhat.com/fd2e:6f44:fde8::21

address=/master-2.ocp3m0w-id6s19.qe.lab.redhat.com/192.168.139.22
address=/master-2.ocp3m0w-id6s19.qe.lab.redhat.com/fd2e:6f44:fde8::22

address=/hypervisor.ocp3m0w-id6s19.qe.lab.redhat.com/192.168.139.1
address=/hypervisor.ocp3m0w-id6s19.qe.lab.redhat.com/fd2e:6f44:fde8::1

address=/registry.ocp3m0w-id6s19.qe.lab.redhat.com/192.168.139.1
address=/registry.ocp3m0w-id6s19.qe.lab.redhat.com/fd2e:6f44:fde8::1

address=/registry.local.qe.lab.redhat.com/192.168.139.1
address=/registry.local.qe.lab.redhat.com/fd2e:6f44:fde8::1

one last question. Mind sharing what docker exec $(docker ps --filter name="dagger-engine-*" -q) cat /etc/dnsmasq-resolv.conf returns?

[root@ocp-edge93 ~]# docker exec $(docker ps --filter name="dagger-engine-*" -q) cat /etc/dnsmasq-resolv.conf
search lab.eng.tlv2.redhat.com mgmt.lab.eng.tlv2.redhat.com eng.lab.tlv.redhat.com tlv.redhat.com
nameserver 10.47.242.10
nameserver 10.45.248.15

ok.. that's strange.. I wasn't expecting to see this

do you have that configured in your Docker daemon by any chance?

Not using docker. using podman. and no

i.e: what does docker run --rm alpine cat /etc/resolv.conf return?

I was actually expecting to see your machine's IP there, not those hardcoded IPs

same as the engine

ok, something is hardcoding the podman DNS servers to that list

Those ip's are the upstream dns, which networkmanager using behind the local nameserver (taken from the networkmanager connection)

yes, but podman is not able to resolve your libvirt vms as well

*unless you use --net host

which Dagger doesn't implement

if u run it with --net=host it will resolve

ok. so dagger does not use --net=host, but could I add the 'localhost' nameserver there?

it's not localhost, it should be your podman's equivalent to docker0

does podman create that interface?

equivalent of docker0

not sure... don't see.. IC dagger0

does ip a s docker0 work?

hmm doesn't seem like

checking what podman does for networking actually

another q. if I write my functions in golang, can I debug my function using the sdk debugger (visual studio) ?

not currently since the functions are executed in a sandboxed environment. We have an issue for that in the dagger/dagger repo

to be able to attach a remove debugger and connect your IDE to it

@snow rover try this please:

docker run --rm alpine nslookup registry.local.qe.lab.redhat.com $your_machine_ip

where your $your_machine_ip is the LAN IP your machine has

[root@ocp-edge93 ~]# docker run --rm alpine nslookup registry.local.qe.lab.redhat.com 10.46.46.72
;; connection timed out; no servers could be reached

nslookup: write to '10.46.46.72': Connection refused

hmm are you on a VPN or something?

no. my laptop is. but this machine ^^ is in my lan

what does docker run --rm alpine ip route return?

[root@ocp-edge93 ~]# docker run --rm alpine ip route
default via 10.88.0.1 dev eth0
10.88.0.0/16 dev eth0 scope link src 10.88.0.92

ok, can you try docker run --rm alpine nslookup registry.local.qe.lab.redhat.com 10.88.0.1 ?

same 'connection refused'

[root@ocp-edge93 ~]# docker run --rm alpine nslookup registry.local.qe.lab.redhat.com 10.88.0.1
;; connection timed out; no servers could be reached

nslookup: write to '10.88.0.1': Connection refused

I'm trying to see if podman can reach your local machine's dns server

can't seem to figure out how to do that

with --net=host

that's not the same thing

--net=host basically uses no network namespacing at all

does docker run --rm alpine ping host.docker.internal do anything?

@dry parrot Have to drop. too late for me...

np, thx for trying

this is not an easy one

in summary --net host doesn't work with Dagger

if we can figure out a way for podman to use your host's dnsmasq instance, that will work

but I don't use podman myself

so can't really do a deep testing here

let's continue tomorrow. good night