IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

azure: Mask systemd-resolved

Browse Source 
The initial value of NS of resolv.conf is 127.0.0.11, this
is the embedded NS of docker-compose. The disabling of
this feature is not currently supported by Docker.

On startup systemd-resolved caches the /etc/resolv.conf
(docker-compose version), which is later modified by
setup_containers.py script.

This results in resolving error occurs:
```console
[root@replica1 /]# getent ahosts master1.ipa.test
... can't resolve

[root@replica1 /]# grep 'hosts:' /etc/nsswitch.conf
hosts:      files myhostname resolve [!UNAVAIL=return] dns

[root@replica1 /]# resolvectl status
Global
       LLMNR setting: resolve
MulticastDNS setting: no
  DNSOverTLS setting: no
      DNSSEC setting: no
    DNSSEC supported: no
  Current DNS Server: 127.0.0.11
         DNS Servers: 127.0.0.11
Fallback DNS Servers: 1.1.1.1
                      8.8.8.8
                      1.0.0.1
                      8.8.4.4
                      2606:4700:4700::1111
                      2001:4860:4860::8888
                      2606:4700:4700::1001
                      2001:4860:4860::8844
```

According to docs:
https://www.freedesktop.org/software/systemd/man/systemd-resolved.service.html#/etc/resolv.conf
our case is 4(managed by other packages).

So, restart of systemd-resolved is enough for its re-initialization,
but not for services that already received DNS results. To speed up
the overall process and to no restart each service which wants
internet connection(or wait until service retries connection)
systemd-resolved is masked.

Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
This commit is contained in:
Stanislav Levin 2021-05-06 22:19:31 +03:00 committed by Alexander Bokovoy
parent 7ed21f158c
commit 06d7c7f1d3
2 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
ipatests/azure/Dockerfiles/Dockerfile.build.fedora
View File

@ -24,6 +24,7 @@ RUN echo 'deltarpm = false' >> /etc/dnf/dnf.conf \
&& systemctl enable sshd \
&& for i in /usr/lib/systemd/system/*-domainname.service; \
do sed -i 's#^ExecStart=/#ExecStart=-/#' $i ; done \
&& { systemctl mask systemd-resolved ||: ; } \
&& systemctl set-default multi-user.target
STOPSIGNAL RTMIN+3

1
ipatests/azure/Dockerfiles/Dockerfile.build.rawhide
View File

@ -26,6 +26,7 @@ RUN echo 'deltarpm = false' >> /etc/dnf/dnf.conf \
&& systemctl enable sshd \
&& for i in /usr/lib/systemd/system/*-domainname.service; \
do sed -i 's#^ExecStart=/#ExecStart=-/#' $i ; done \
&& { systemctl mask systemd-resolved ||: ; } \
&& systemctl set-default multi-user.target
STOPSIGNAL RTMIN+3