htwkmooc/poseidon
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix Runner DNS resolution

Browse Source 
by adding public nameservers to the CNI secure bridge configuration.
This commit is contained in:
Maximilian Paß
2024-03-28 14:15:47 +01:00
parent 39d25d2223
commit 9deee186a7
4 changed files with 28 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
internal/environment/nomad_environment.go
View File

@ -8,6 +8,7 @@ import (
"github.com/google/uuid"
nomadApi "github.com/hashicorp/nomad/api"
"github.com/hashicorp/nomad/jobspec2"
"github.com/openHPI/poseidon/internal/config"
"github.com/openHPI/poseidon/internal/nomad"
"github.com/openHPI/poseidon/internal/runner"
"github.com/openHPI/poseidon/pkg/dto"
@ -170,16 +171,7 @@ func (n *NomadEnvironment) SetNetworkAccess(allow bool, exposedPorts []uint16) {
}
if allow {
var networkResource *nomadApi.NetworkResource
if len(defaultTaskGroup.Networks) == 0 {
networkResource = &nomadApi.NetworkResource{}
defaultTaskGroup.Networks = []*nomadApi.NetworkResource{networkResource}
} else {
networkResource = defaultTaskGroup.Networks[0]
}
// Prefer "bridge" network over "host" to have an isolated network namespace with bridged interface
// instead of joining the host network namespace.
networkResource.Mode = "cni/secure-bridge"
networkResource := config.Config.Nomad.Network
for _, portNumber := range exposedPorts {
port := nomadApi.Port{
Label: strconv.FormatUint(uint64(portNumber), portNumberBase),
@ -187,6 +179,11 @@ func (n *NomadEnvironment) SetNetworkAccess(allow bool, exposedPorts []uint16) {
}
networkResource.DynamicPorts = append(networkResource.DynamicPorts, port)
}
if len(defaultTaskGroup.Networks) == 0 {
defaultTaskGroup.Networks = []*nomadApi.NetworkResource{&networkResource}
} else {
defaultTaskGroup.Networks[0] = &networkResource
}
// Explicitly set mode to override existing settings when updating job from without to with network.
// Don't use bridge as it collides with the bridge mode above. This results in Docker using 'bridge'
@ -332,12 +329,12 @@ func (n *NomadEnvironment) SetConfigFrom(environment runner.ExecutionEnvironment
}
func parseJob(jobHCL string) (*nomadApi.Job, error) {
config := jobspec2.ParseConfig{
jobConfig := jobspec2.ParseConfig{
Body: []byte(jobHCL),
AllowFS: false,
Strict: true,
}
job, err := jobspec2.ParseWithConfig(&config)
job, err := jobspec2.ParseWithConfig(&jobConfig)
if err != nil {
return job, fmt.Errorf("couldn't parse job HCL: %w", err)
}