production/saam: Define a specific resolver configuration
Related to swh/infra/sysadm-environment#5244 (closed)
These modifications will create a specific resolv.conf on a deployment.
Objective: reduce the number of DNS queries.
The ndots option is set to 2 (5 before) and nameservers are limited to 3 (5 before).
Helm diff
./swh/helm-diff.sh
[swh] Comparing changes between branches production and saam_dns_resolver (per environment)...
Your branch is up to date with 'origin/production'.
[swh] Generate config in production branch for environment staging, namespace swh...
[swh] Generate config in production branch for environment staging, namespace swh-cassandra...
[swh] Generate config in production branch for environment staging, namespace swh-cassandra-next-version...
Your branch is up to date with 'origin/saam_dns_resolver'.
[swh] Generate config in saam_dns_resolver branch for environment staging...
[swh] Generate config in saam_dns_resolver branch for environment staging...
[swh] Generate config in saam_dns_resolver branch for environment staging...
Your branch is up to date with 'origin/production'.
[swh] Generate config in production branch for environment production, namespace swh...
[swh] Generate config in production branch for environment production, namespace swh-cassandra...
[swh] Generate config in production branch for environment production, namespace swh-cassandra-next-version...
Your branch is up to date with 'origin/saam_dns_resolver'.
[swh] Generate config in saam_dns_resolver branch for environment production...
[swh] Generate config in saam_dns_resolver branch for environment production...
[swh] Generate config in saam_dns_resolver branch for environment production...
------------- diff for environment staging namespace swh -------------
--- /tmp/swh-chart.swh.oBAfXg7S/staging-swh.before 2024-02-23 11:00:56.828174201 +0100
+++ /tmp/swh-chart.swh.oBAfXg7S/staging-swh.after 2024-02-23 11:00:57.232180462 +0100
@@ -4429,20 +4429,29 @@
name: common-secrets
key: storage-sentry-dsn
# 'name' secret should exist & include key
# if the setting doesn't exist, sentry pushes will be disabled
optional: true
- name: SWH_SENTRY_DISABLE_LOGGING_EVENTS
value: "true"
volumeMounts:
- name: configuration
mountPath: /etc/swh
+
+ dnsConfig:
+ options:
+ - name: ndots
+ value: "2"
+ searches:
+ - cluster.local
+ - svc.cluster.local
+ - swh.svc.cluster.local
volumes:
- name: configuration
emptyDir: {}
- name: configuration-template
configMap:
name: storage-postgresql-read-only-configuration-template
items:
- key: "config.yml.template"
path: "config.yml.template"
- name: database-utils
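Review bot: the `searches` list in the added `dnsConfig` block hard-codes `swh.svc.cluster.local` and places it last, after `cluster.local` and `svc.cluster.local`. With `ndots` at 2, a same-namespace name such as `memcached` is expanded through the list in order, so it misses on the first two suffixes before it resolves; putting the namespace suffix first and deriving it from the release namespace instead of the literal `swh` would avoid those extra queries and keep the block correct for the swh-cassandra namespaces this diff also renders. No `dnsPolicy` is visible in the hunk: under the default `ClusterFirst` policy Kubernetes merges `dnsConfig.searches` into the generated search list rather than replacing it, so please confirm the pod's resulting /etc/resolv.conf really contains three search domains. The empty `+` line before `dnsConfig:` looks like template whitespace that could be trimmed.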
------------- diff for environment staging namespace swh-cassandra -------------
No differences
------------- diff for environment staging namespace swh-cassandra-next-version -------------
No differences
------------- diff for environment production namespace swh -------------
--- /tmp/swh-chart.swh.oBAfXg7S/production-swh.before 2024-02-23 11:00:57.768188766 +0100
+++ /tmp/swh-chart.swh.oBAfXg7S/production-swh.after 2024-02-23 11:00:58.084193661 +0100
@@ -23815,21 +23815,20 @@
# if the setting doesn't exist, sentry pushes will be disabled
optional: true
- name: SWH_SENTRY_DISABLE_LOGGING_EVENTS
value: "true"
volumeMounts:
- name: configuration
mountPath: /etc/swh
- name: pathslicing-rw
mountPath: /srv/softwareheritage/objects
readOnly: false
-
volumes:
- name: configuration
emptyDir: {}
- name: configuration-template
configMap:
name: storage-postgresql-saam-zfs-configuration-template
items:
- key: "config.yml.template"
path: "config.yml.template"
- name: database-utils
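Review bot: the only change in this hunk is the removed blank line before `volumes:`, so a deployment that does not set the new option still renders differently. Together with the empty line added before `dnsConfig:` in the staging hunk, this points at the whitespace control around the new template block; adjusting it so that deployments without a `dnsConfig` produce byte-identical output would keep the production diff empty and make later helm diffs easier to read.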
------------- diff for environment production namespace swh-cassandra -------------
No differences
The ndots 2 will keep the search option for:
- the query to another ns:
<service_name>.<namespace>
- the query to the same ns:
<service_name>
swh@swh-toolbox-df86bd6cd-7cbsp:~$ getent hosts kubernetes.default
10.43.0.1 kubernetes.default.svc.cluster.local
swh@swh-toolbox-df86bd6cd-7cbsp:~$ getent hosts memcached
10.43.41.116 memcached.swh.svc.cluster.local
And bypass it for the longer name resolution:
+ 20 2euwestswh.blob.core.windows.net.
- 20 2euwestswh.blob.core.windows.net.cluster.local.
- 20 2euwestswh.blob.core.windows.net.internal.softwareheritage.org.
- 20 2euwestswh.blob.core.windows.net.softwareheritage.org.
- 20 2euwestswh.blob.core.windows.net.svc.cluster.local.
- 20 2euwestswh.blob.core.windows.net.swh.svc.cluster.local.
For testing purposes, these modifications are applied on a storage deployment (storage-postgresql-read-only) in the staging environment.
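The lookup order described above, as an added example that is not part of the original merge request: a small model of how a glibc-style stub resolver expands a name with `ndots` and the search list. The function names, the `ZONE` set and the order of the five "before" search domains are assumptions; the example also assumes the pod's effective search list is exactly the one given.

```python
"""Model of glibc-style search-list expansion driven by resolv.conf `ndots`."""

def candidates(name, ndots, search):
    """Return the FQDNs a stub resolver tries, in order, for `name`."""
    if name.endswith("."):                  # trailing dot: already absolute
        return [name]
    absolute = name + "."
    expanded = [f"{name}.{domain}." for domain in search]
    if name.count(".") >= ndots:            # enough dots: try the name as-is first
        return [absolute] + expanded
    return expanded + [absolute]            # too few dots: search list first

def queries_until_hit(name, ndots, search, zone):
    """Names actually sent before (and including) the first one found in `zone`."""
    sent = []
    for fqdn in candidates(name, ndots, search):
        sent.append(fqdn)
        if fqdn in zone:
            break
    return sent

# Constructed sample data: the names come from the page, their existence is assumed.
ZONE = {
    "memcached.swh.svc.cluster.local.",
    "kubernetes.default.svc.cluster.local.",
    "2euwestswh.blob.core.windows.net.",
}
# Assumed order for the previous resolv.conf (ndots 5, five search domains).
BEFORE = (5, ["swh.svc.cluster.local", "svc.cluster.local", "cluster.local",
              "internal.softwareheritage.org", "softwareheritage.org"])
# Order exactly as rendered in the staging hunk (ndots 2, three search domains).
AFTER = (2, ["cluster.local", "svc.cluster.local", "swh.svc.cluster.local"])

if __name__ == "__main__":
    names = ("memcached", "kubernetes.default", "2euwestswh.blob.core.windows.net")
    for name in names:
        for label, (ndots, search) in (("before", BEFORE), ("after", AFTER)):
            sent = queries_until_hit(name, ndots, search, ZONE)
            print(f"{label:6} ndots={ndots} {name}: {len(sent)} lookup(s)")
            for fqdn in sent:
                print(f"         {fqdn}")
```

Each lookup counted here is one name; a real resolver typically sends both an A and an AAAA query per name.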