ec39ac4d95
Add option ndots:1 to /etc/resolv.conf
This fixes a few issues with DNS queries within docker containers.
Normally when looking up a host name such as "debian.org", libc appends
the search domains from /etc/resolv.conf to the host name, then makes a
separate query for each "long" name. For example, if "search" in
/etc/resolv.conf contains "domain1.org domain2.org", we make 3 queries
when looking for debian.org's IP addr:
- debian.org.domain1.org (fail)
- debian.org.domain2.org (fail)
- debian.org (success)
Setting "ndots:1" makes it send the last unqualified query before the
other queries with appended search domains -- for any names that
contain >= 1 dot.
This patch solves 2 problems:
(1) In Alpine Linux (used by the "docker" pod), libc has a limitation:
the domain search list can't have more than 5 entries. If it does it
stops sending any more DNS queries and the last (unqualified) query
never happens, so many hostname lookups fail.
(2) These extra queries are not necessary a lot of the time, so this
patch makes host name lookups faster
TESTS
===============================
- Rebuild all containers
- Rebuild packages and the ISO
- Make sure DNS queries work in all containers
Story: 2009897
Task: 45156
Signed-off-by: Davlet Panech <davlet.panech@windriver.com>
Change-Id: I7dd72b8fcc776821138c362c3aec9f4e5962a319
77 lines
1.4 KiB
YAML
77 lines
1.4 KiB
YAML
# Default values for stx-repomgr.
|
|
# This is a YAML-formatted file.
|
|
# Declare variables to be passed into your templates.
|
|
|
|
---
|
|
replicaCount: 1
|
|
|
|
image:
|
|
repository: stx-aptly
|
|
pullPolicy: IfNotPresent
|
|
# Overrides the image tag whose default is the chart appVersion.
|
|
tag: "v0.1.0"
|
|
|
|
imagePullSecrets: []
|
|
nameOverride: ""
|
|
fullnameOverride: ""
|
|
|
|
volumeMounts:
|
|
name: shared-workspace
|
|
mountPath: /var/aptly
|
|
|
|
volumes:
|
|
name: shared-workspace
|
|
hostPath:
|
|
path: /aptly
|
|
|
|
podAnnotations: {}
|
|
|
|
dnsConfig:
|
|
options:
|
|
- name: ndots
|
|
value: "1"
|
|
|
|
podSecurityContext: {}
|
|
# fsGroup: 2000
|
|
|
|
securityContext: {}
|
|
# capabilities:
|
|
# drop:
|
|
# - ALL
|
|
# readOnlyRootFilesystem: true
|
|
# runAsNonRoot: true
|
|
# runAsUser: 1000
|
|
|
|
sendservice:
|
|
type: ClusterIP
|
|
port: 80
|
|
|
|
recvservice:
|
|
type: ClusterIP
|
|
port: 8080
|
|
|
|
resources: {}
|
|
# We usually recommend not to specify default resources and to leave this as a conscious
|
|
# choice for the user. This also increases chances charts run on environments with little
|
|
# resources, such as Minikube. If you do want to specify resources, uncomment the following
|
|
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
|
|
# limits:
|
|
# cpu: 100m
|
|
# memory: 128Mi
|
|
# requests:
|
|
# cpu: 100m
|
|
# memory: 128Mi
|
|
|
|
autoscaling:
|
|
enabled: false
|
|
minReplicas: 1
|
|
maxReplicas: 100
|
|
targetCPUUtilizationPercentage: 80
|
|
# targetMemoryUtilizationPercentage: 80
|
|
|
|
nodeSelector: {}
|
|
|
|
tolerations: []
|
|
|
|
affinity: {}
|