在我们的私人网络中我们有一个领事服务发现服务器(10.241.232.14),提供 DNS 接口(端口8600)。我们希望设置我们的通用 DNS 服务器,将一些查询转发到 Consul,以便解析docker 化将服务转换为其所运行的物理服务器的名称。
因此,我们的桌面上已dnsmasq预装了 Ubuntu 14.10。我们添加了一个文件来/etc/dnsmasq.d提供有关 Consul 私有 DNS 的信息(请注意,还有一些其他由 DHCP 配置的系统级 DNS 服务器:本地dnsmasq实例也应该知道所有这些服务器):
$ cat /etc/dnsmasq.d/10-consul
server=/service.search.km./10.241.232.14#8600
dnsmasq重启后我们可以进行名称查找使用以下标准工具dig:nslookuphost
$ host jenkins-deb-builder.service.search.km
jenkins-deb-builder.service.search.km is an alias for mailtest-4.dev.search.km.
$ nslookup jenkins-deb-builder.service.search.km
Server: 127.0.0.1
Address: 127.0.0.1#53
jenkins-deb-builder.service.search.km canonical name = mailtest-4.dev.search.km.
$ dig @localhost jenkins-deb-builder.service.search.km
; <<>> DiG 9.9.5-4.3ubuntu0.2-Ubuntu <<>> @localhost jenkins-deb-builder.service.search.km
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32618
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;jenkins-deb-builder.service.search.km. IN A
;; ANSWER SECTION:
jenkins-deb-builder.service.search.km. 0 IN CNAME mailtest-4.dev.search.km.
;; Query time: 25 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Jun 23 19:49:45 MSK 2015
;; MSG SIZE rcvd: 130
但出于某种原因我们无法 ping 或连接到这个地址:
$ ping jenkins-deb-builder.service.search.km
ping: unknown host jenkins-deb-builder.service.search.km
$ curl http://jenkins-deb-builder.service.search.km:8082
curl: (6) Could not resolve host: jenkins-deb-builder.service.search.km
这是我们的配置:
$ cat /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 127.0.0.1
search int.pv.km srv.pv.km dev.ix.km search.km ix.km srv.search.km
$ cat /etc/nsswitch.conf
# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.
passwd: compat
group: compat
shadow: compat
# hosts: files mdns4_minimal [NOTFOUND=return] dns
hosts: files dns
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: nis
我在这里看到过几个类似的问题,但没有一个与我们的问题直接相关。任何帮助都将不胜感激。
供参考:我注意到ping写入描述符截断的主机名jenkins-deb-builder而不是jenkins-deb-builder.service.search.km......这是怎么回事?
$ strace ping jenkins-deb-builder.service.consul
...
stat("/etc/resolv.conf", {st_mode=S_IFREG|0644, st_size=239, ...}) = 0
socket(PF_INET, SOCK_DGRAM|SOCK_NONBLOCK, IPPROTO_IP) = 3
connect(3, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("127.0.0.1")}, 16) = 0
poll([{fd=3, events=POLLOUT}], 1, 0) = 1 ([{fd=3, revents=POLLOUT}])
sendto(3, "\364\25\1\0\0\1\0\0\0\0\0\0\23jenkins-deb-builder"..., 52, MSG_NOSIGNAL, NULL, 0) = 52
poll([{fd=3, events=POLLIN}], 1, 5000) = 1 ([{fd=3, revents=POLLIN}])
ioctl(3, FIONREAD, [127]) = 0
recvfrom(3, "\364\25\201\203\0\1\0\0\0\1\0\0\23jenkins-deb-builder"..., 1024, 0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("127.0.0.1")}, [16]) = 127
close(3) = 0
socket(PF_INET, SOCK_DGRAM|SOCK_NONBLOCK, IPPROTO_IP) = 3
connect(3, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("127.0.0.1")}, 16) = 0
poll([{fd=3, events=POLLOUT}], 1, 0) = 1 ([{fd=3, revents=POLLOUT}])
sendto(3, "\220P\1\0\0\1\0\0\0\0\0\0\23jenkins-deb-builder"..., 62, MSG_NOSIGNAL, NULL, 0) = 62
poll([{fd=3, events=POLLIN}], 1, 5000) = 1 ([{fd=3, revents=POLLIN}])
ioctl(3, FIONREAD, [112]) = 0
recvfrom(3, "\220P\205\203\0\1\0\0\0\1\0\0\23jenkins-deb-builder"..., 1024, 0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("127.0.0.1")}, [16]) = 112
close(3) = 0
socket(PF_INET, SOCK_DGRAM|SOCK_NONBLOCK, IPPROTO_IP) = 3
connect(3, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("127.0.0.1")}, 16) = 0
poll([{fd=3, events=POLLOUT}], 1, 0) = 1 ([{fd=3, revents=POLLOUT}])
sendto(3, "\354\274\1\0\0\1\0\0\0\0\0\0\23jenkins-deb-builder"..., 62, MSG_NOSIGNAL, NULL, 0) = 62
poll([{fd=3, events=POLLIN}], 1, 5000) = 1 ([{fd=3, revents=POLLIN}])
ioctl(3, FIONREAD, [118]) = 0
recvfrom(3, "\354\274\205\203\0\1\0\0\0\1\0\0\23jenkins-deb-builder"..., 1024, 0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("127.0.0.1")}, [16]) = 118
close(3) = 0
socket(PF_INET, SOCK_DGRAM|SOCK_NONBLOCK, IPPROTO_IP) = 3
connect(3, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("127.0.0.1")}, 16) = 0
poll([{fd=3, events=POLLOUT}], 1, 0) = 1 ([{fd=3, revents=POLLOUT}])
sendto(3, "\211\222\1\0\0\1\0\0\0\0\0\0\23jenkins-deb-builder"..., 62, MSG_NOSIGNAL, NULL, 0) = 62
poll([{fd=3, events=POLLIN}], 1, 5000) = 1 ([{fd=3, revents=POLLIN}])
ioctl(3, FIONREAD, [112]) = 0
recvfrom(3, "\211\222\205\203\0\1\0\0\0\1\0\0\23jenkins-deb-builder"..., 1024, 0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("127.0.0.1")}, [16]) = 112
close(3) = 0
socket(PF_INET, SOCK_DGRAM|SOCK_NONBLOCK, IPPROTO_IP) = 3
connect(3, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("127.0.0.1")}, 16) = 0
poll([{fd=3, events=POLLOUT}], 1, 0) = 1 ([{fd=3, revents=POLLOUT}])
sendto(3, "\2077\1\0\0\1\0\0\0\0\0\0\23jenkins-deb-builder"..., 62, MSG_NOSIGNAL, NULL, 0) = 62
poll([{fd=3, events=POLLIN}], 1, 5000) = 1 ([{fd=3, revents=POLLIN}])
ioctl(3, FIONREAD, [112]) = 0
recvfrom(3, "\2077\205\203\0\1\0\0\0\1\0\0\23jenkins-deb-builder"..., 1024, 0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("127.0.0.1")}, [16]) = 112
close(3) = 0
socket(PF_INET, SOCK_DGRAM|SOCK_NONBLOCK, IPPROTO_IP) = 3
connect(3, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("127.0.0.1")}, 16) = 0
poll([{fd=3, events=POLLOUT}], 1, 0) = 1 ([{fd=3, revents=POLLOUT}])
sendto(3, "\257b\1\0\0\1\0\0\0\0\0\0\23jenkins-deb-builder"..., 58, MSG_NOSIGNAL, NULL, 0) = 58
poll([{fd=3, events=POLLIN}], 1, 5000) = 1 ([{fd=3, revents=POLLIN}])
ioctl(3, FIONREAD, [108]) = 0
recvfrom(3, "\257b\205\203\0\1\0\0\0\1\0\0\23jenkins-deb-builder"..., 1024, 0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("127.0.0.1")}, [16]) = 108
close(3) = 0
socket(PF_INET, SOCK_DGRAM|SOCK_NONBLOCK, IPPROTO_IP) = 3
connect(3, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("127.0.0.1")}, 16) = 0
poll([{fd=3, events=POLLOUT}], 1, 0) = 1 ([{fd=3, revents=POLLOUT}])
sendto(3, "L5\1\0\0\1\0\0\0\0\0\0\23jenkins-deb-builder"..., 66, MSG_NOSIGNAL, NULL, 0) = 66
poll([{fd=3, events=POLLIN}], 1, 5000) = 1 ([{fd=3, revents=POLLIN}])
ioctl(3, FIONREAD, [116]) = 0
recvfrom(3, "L5\205\203\0\1\0\0\0\1\0\0\23jenkins-deb-builder"..., 1024, 0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("127.0.0.1")}, [16]) = 116
close(3) = 0
write(2, "ping: unknown host jenkins-deb-b"..., 54ping: unknown host jenkins-deb-builder.service.consul
) = 54
exit_group(2)
答案1
ping并curl试图获取一个实际的 IP 地址,但解析 jenkins-deb-builder.service.search.km 的答案是 CNAME(mailtest-4.dev.search.km),并且该规范名称不能解析为 IP 地址,这就是这些工具无法获取 IP 地址的原因。
如果 Consul 能够解析 mailtest-4.dev.search.km 那么也许您应该修改您的 dnsmasq 如下:
server=/search.km./10.241.232.14#8600
答案2
正如 pablo-martinez 指出的那样,您的 nslookup 和 dig 响应不包含 IP 地址。这表明您的 DNS 服务器有CNAMEjenkins-deb-builder.service.search.km 的记录,但没有Amailtest-4.dev.search.km 的记录。
将相应的A记录添加到您的 DNS 服务器应该可以解决问题。