In our private network we have a Consul service discovery server (10.241.232.14
) that provides a DNS interface (port 8600
). We would like to set our common DNS servers to forward some queries to the Consul in order to resolve the hostnames of dockerized services into the names of physical servers they are running on.
So we have Ubuntu 14.10 on our desktops with dnsmasq
preinstalled. We added a file into /etc/dnsmasq.d
providing the information about the Consul's private DNS (please note that there are some other system-wise DNS servers that are configured by DHCP: local dnsmasq
instance should be aware of all of them too):
$ cat /etc/dnsmasq.d/10-consul
server=/service.search.km./10.241.232.14#8600
After dnsmasq
's restart we are able to perform name lookups with such standard tools as dig
, nslookup
or host
:
$ host jenkins-deb-builder.service.search.km
jenkins-deb-builder.service.search.km is an alias for mailtest-4.dev.search.km.
$ nslookup jenkins-deb-builder.service.search.km
Server: 127.0.0.1
Address: 127.0.0.1#53
jenkins-deb-builder.service.search.km canonical name = mailtest-4.dev.search.km.
$ dig @localhost jenkins-deb-builder.service.search.km
; <<>> DiG 9.9.5-4.3ubuntu0.2-Ubuntu <<>> @localhost jenkins-deb-builder.service.search.km
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32618
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;jenkins-deb-builder.service.search.km. IN A
;; ANSWER SECTION:
jenkins-deb-builder.service.search.km. 0 IN CNAME mailtest-4.dev.search.km.
;; Query time: 25 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Jun 23 19:49:45 MSK 2015
;; MSG SIZE rcvd: 130
But for a some reason we cannot ping or connect to this address:
$ ping jenkins-deb-builder.service.search.km
ping: unknown host jenkins-deb-builder.service.search.km
$ curl http://jenkins-deb-builder.service.search.km:8082
curl: (6) Could not resolve host: jenkins-deb-builder.service.search.km
Here are our configs:
$ cat /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 127.0.0.1
search int.pv.km srv.pv.km dev.ix.km search.km ix.km srv.search.km
$ cat /etc/nsswitch.conf
# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.
passwd: compat
group: compat
shadow: compat
# hosts: files mdns4_minimal [NOTFOUND=return] dns
hosts: files dns
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: nis
I've seen several similair questions over here, but none of them corresponds directly to our problem. Any help will be appreciated.
FYI: I've noticed that ping
writes to the descriptor truncated hostname jenkins-deb-builder
instead of jenkins-deb-builder.service.search.km
… What's going on here?
$ strace ping jenkins-deb-builder.service.consul
...
stat("/etc/resolv.conf", {st_mode=S_IFREG|0644, st_size=239, ...}) = 0
socket(PF_INET, SOCK_DGRAM|SOCK_NONBLOCK, IPPROTO_IP) = 3
connect(3, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("127.0.0.1")}, 16) = 0
poll([{fd=3, events=POLLOUT}], 1, 0) = 1 ([{fd=3, revents=POLLOUT}])
sendto(3, "\364\25\1\0\0\1\0\0\0\0\0\0\23jenkins-deb-builder"..., 52, MSG_NOSIGNAL, NULL, 0) = 52
poll([{fd=3, events=POLLIN}], 1, 5000) = 1 ([{fd=3, revents=POLLIN}])
ioctl(3, FIONREAD, [127]) = 0
recvfrom(3, "\364\25\201\203\0\1\0\0\0\1\0\0\23jenkins-deb-builder"..., 1024, 0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("127.0.0.1")}, [16]) = 127
close(3) = 0
socket(PF_INET, SOCK_DGRAM|SOCK_NONBLOCK, IPPROTO_IP) = 3
connect(3, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("127.0.0.1")}, 16) = 0
poll([{fd=3, events=POLLOUT}], 1, 0) = 1 ([{fd=3, revents=POLLOUT}])
sendto(3, "\220P\1\0\0\1\0\0\0\0\0\0\23jenkins-deb-builder"..., 62, MSG_NOSIGNAL, NULL, 0) = 62
poll([{fd=3, events=POLLIN}], 1, 5000) = 1 ([{fd=3, revents=POLLIN}])
ioctl(3, FIONREAD, [112]) = 0
recvfrom(3, "\220P\205\203\0\1\0\0\0\1\0\0\23jenkins-deb-builder"..., 1024, 0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("127.0.0.1")}, [16]) = 112
close(3) = 0
socket(PF_INET, SOCK_DGRAM|SOCK_NONBLOCK, IPPROTO_IP) = 3
connect(3, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("127.0.0.1")}, 16) = 0
poll([{fd=3, events=POLLOUT}], 1, 0) = 1 ([{fd=3, revents=POLLOUT}])
sendto(3, "\354\274\1\0\0\1\0\0\0\0\0\0\23jenkins-deb-builder"..., 62, MSG_NOSIGNAL, NULL, 0) = 62
poll([{fd=3, events=POLLIN}], 1, 5000) = 1 ([{fd=3, revents=POLLIN}])
ioctl(3, FIONREAD, [118]) = 0
recvfrom(3, "\354\274\205\203\0\1\0\0\0\1\0\0\23jenkins-deb-builder"..., 1024, 0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("127.0.0.1")}, [16]) = 118
close(3) = 0
socket(PF_INET, SOCK_DGRAM|SOCK_NONBLOCK, IPPROTO_IP) = 3
connect(3, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("127.0.0.1")}, 16) = 0
poll([{fd=3, events=POLLOUT}], 1, 0) = 1 ([{fd=3, revents=POLLOUT}])
sendto(3, "\211\222\1\0\0\1\0\0\0\0\0\0\23jenkins-deb-builder"..., 62, MSG_NOSIGNAL, NULL, 0) = 62
poll([{fd=3, events=POLLIN}], 1, 5000) = 1 ([{fd=3, revents=POLLIN}])
ioctl(3, FIONREAD, [112]) = 0
recvfrom(3, "\211\222\205\203\0\1\0\0\0\1\0\0\23jenkins-deb-builder"..., 1024, 0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("127.0.0.1")}, [16]) = 112
close(3) = 0
socket(PF_INET, SOCK_DGRAM|SOCK_NONBLOCK, IPPROTO_IP) = 3
connect(3, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("127.0.0.1")}, 16) = 0
poll([{fd=3, events=POLLOUT}], 1, 0) = 1 ([{fd=3, revents=POLLOUT}])
sendto(3, "\2077\1\0\0\1\0\0\0\0\0\0\23jenkins-deb-builder"..., 62, MSG_NOSIGNAL, NULL, 0) = 62
poll([{fd=3, events=POLLIN}], 1, 5000) = 1 ([{fd=3, revents=POLLIN}])
ioctl(3, FIONREAD, [112]) = 0
recvfrom(3, "\2077\205\203\0\1\0\0\0\1\0\0\23jenkins-deb-builder"..., 1024, 0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("127.0.0.1")}, [16]) = 112
close(3) = 0
socket(PF_INET, SOCK_DGRAM|SOCK_NONBLOCK, IPPROTO_IP) = 3
connect(3, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("127.0.0.1")}, 16) = 0
poll([{fd=3, events=POLLOUT}], 1, 0) = 1 ([{fd=3, revents=POLLOUT}])
sendto(3, "\257b\1\0\0\1\0\0\0\0\0\0\23jenkins-deb-builder"..., 58, MSG_NOSIGNAL, NULL, 0) = 58
poll([{fd=3, events=POLLIN}], 1, 5000) = 1 ([{fd=3, revents=POLLIN}])
ioctl(3, FIONREAD, [108]) = 0
recvfrom(3, "\257b\205\203\0\1\0\0\0\1\0\0\23jenkins-deb-builder"..., 1024, 0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("127.0.0.1")}, [16]) = 108
close(3) = 0
socket(PF_INET, SOCK_DGRAM|SOCK_NONBLOCK, IPPROTO_IP) = 3
connect(3, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("127.0.0.1")}, 16) = 0
poll([{fd=3, events=POLLOUT}], 1, 0) = 1 ([{fd=3, revents=POLLOUT}])
sendto(3, "L5\1\0\0\1\0\0\0\0\0\0\23jenkins-deb-builder"..., 66, MSG_NOSIGNAL, NULL, 0) = 66
poll([{fd=3, events=POLLIN}], 1, 5000) = 1 ([{fd=3, revents=POLLIN}])
ioctl(3, FIONREAD, [116]) = 0
recvfrom(3, "L5\205\203\0\1\0\0\0\1\0\0\23jenkins-deb-builder"..., 1024, 0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("127.0.0.1")}, [16]) = 116
close(3) = 0
write(2, "ping: unknown host jenkins-deb-b"..., 54ping: unknown host jenkins-deb-builder.service.consul
) = 54
exit_group(2)
Best Answer
ping
andcurl
are trying to get an actual IP address but the answer to the resolution jenkins-deb-builder.service.search.km is a CNAME ( mailtest-4.dev.search.km ) and that canonical name doesn't resolve to an IP address, that's why those tools cannot get an IP address.If Consul is able to resolve mailtest-4.dev.search.km then maybe you should modify your dnsmasq to be something like: