Skip to content

HADOOP-18087. fix bug when getting CNAME chain records and no record from remote dns server #3911

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

HADOOP-18087. fix bug when getting CNAME chain records and no record from remote dns server #3911

wants to merge 1 commit into from

Conversation

@eubnara
Copy link
Contributor

@eubnara eubnara commented Jan 21, 2022

Description of PR

When query A record which is chained by CNAME, YARN Registry DNS Server does not properly respond. Some CNAME records are missing.

For example, "repo.maven.apache.org" is chaned as follows:

repo.maven.apache.org. 21317 IN CNAME repo.apache.maven.org.
repo.apache.maven.org. 20114 IN CNAME maven.map.fastly.net.
maven.map.fastly.net. 7 IN A 199.232.192.215
maven.map.fastly.net. 7 IN A 199.232.196.215

If ask A record for "repo.maven.apache.org" using "dig" or "nslookup", YARN Registry DNS Server will give answers similar to this:
(10.1.2.3, 10.8.8.8 IP is virtual)

$ nslookup repo.maven.apache.org 10.1.2.3
Server:		10.1.2.3
Address:	10.1.2.3#53

Non-authoritative answer:
repo.maven.apache.org	canonical name = repo.apache.maven.org.
Name:	maven.map.fastly.net
Address: 151.101.196.215
** server can't find repo.apache.maven.org: NXDOMAIN

The reason why you can see "NXDOMAIN", "nslookup" will query "A" & "AAAA" records.
If there is no answer from other dns server, "answers == null" but YARN Registry DNS Server has a bug. There is no null handling.

    // Forward lookup to primary DNS servers
    Record[] answers = getRecords(name, type);
    try {
      for (Record r : answers) {
        if (!response.findRecord(r)) {
          if (r.getType() == Type.SOA) {
            response.addRecord(r, Section.AUTHORITY);
          } else {
            response.addRecord(r, Section.ANSWER);
          }
        }
        if (r.getType() == Type.CNAME) {
          Name cname = r.getName();
          if (iterations < 6) {
            remoteLookup(response, cname, type, iterations + 1);
          }
        }
      }
    } catch (NullPointerException e) {
      return Rcode.NXDOMAIN;
    } catch (Throwable e) {
      return Rcode.SERVFAIL;
    }
    return Rcode.NOERROR;

It should be like this:

nslookup repo.maven.apache.org 10.8.8.8
Server:		10.8.8.8
Address:	10.8.8.8#53

Non-authoritative answer:
repo.maven.apache.org	canonical name = repo.apache.maven.org.
repo.apache.maven.org	canonical name = maven.map.fastly.net.
Name:	maven.map.fastly.net
Address: 151.101.196.215

How was this patch tested?

  • apply this patch to YARN Registry DNS Server in our cluster & test with dig and nslookup

For code changes:

  • Does the title or this PR starts with the corresponding JIRA issue id (e.g. 'HADOOP-17799. Your PR title ...')?
  • Object storage: have the integration tests been executed and the endpoint declared according to the connector-specific documentation?
  • If adding new dependencies to the code, are these dependencies licensed in a way that is compatible for inclusion under ASF 2.0?
  • If applicable, have you updated the LICENSE, LICENSE-binary, NOTICE-binary files?

@hadoop-yetus
Copy link

hadoop-yetus commented Jan 21, 2022

💔 -1 overall

Vote Subsystem Runtime Logfile Comment
+0 🆗 reexec 0m 58s Docker mode activated.
_ Prechecks _
+1 💚 dupname 0m 0s No case conflicting files found.
+0 🆗 codespell 0m 1s codespell was not available.
+1 💚 @author 0m 0s The patch does not contain any @author tags.
-1 ❌ test4tests 0m 0s The patch doesn't appear to include any new or modified tests. Please justify why no new tests are needed for this patch. Also please list what manual steps were performed to verify this patch.
_ trunk Compile Tests _
+1 💚 mvninstall 32m 28s trunk passed
+1 💚 compile 22m 47s trunk passed with JDK Ubuntu-11.0.13+8-Ubuntu-0ubuntu1.20.04
+1 💚 compile 19m 33s trunk passed with JDK Private Build-1.8.0_312-8u312-b07-0ubuntu1~20.04-b07
+1 💚 checkstyle 0m 40s trunk passed
+1 💚 mvnsite 0m 47s trunk passed
+1 💚 javadoc 0m 45s trunk passed with JDK Ubuntu-11.0.13+8-Ubuntu-0ubuntu1.20.04
+1 💚 javadoc 0m 43s trunk passed with JDK Private Build-1.8.0_312-8u312-b07-0ubuntu1~20.04-b07
+1 💚 spotbugs 1m 3s trunk passed
+1 💚 shadedclient 20m 42s branch has no errors when building and testing our client artifacts.
_ Patch Compile Tests _
+1 💚 mvninstall 0m 22s the patch passed
+1 💚 compile 21m 31s the patch passed with JDK Ubuntu-11.0.13+8-Ubuntu-0ubuntu1.20.04
+1 💚 javac 21m 31s the patch passed
+1 💚 compile 19m 30s the patch passed with JDK Private Build-1.8.0_312-8u312-b07-0ubuntu1~20.04-b07
+1 💚 javac 19m 30s the patch passed
+1 💚 blanks 0m 0s The patch has no blanks issues.
+1 💚 checkstyle 0m 39s the patch passed
+1 💚 mvnsite 0m 46s the patch passed
+1 💚 javadoc 0m 44s the patch passed with JDK Ubuntu-11.0.13+8-Ubuntu-0ubuntu1.20.04
+1 💚 javadoc 0m 43s the patch passed with JDK Private Build-1.8.0_312-8u312-b07-0ubuntu1~20.04-b07
+1 💚 spotbugs 1m 12s the patch passed
+1 💚 shadedclient 21m 14s patch has no errors when building and testing our client artifacts.
_ Other Tests _
-1 ❌ unit 1m 30s /patch-unit-hadoop-common-project_hadoop-registry.txt hadoop-registry in the patch passed.
+1 💚 asflicense 0m 59s The patch does not generate ASF License warnings.
172m 39s
Reason Tests
Failed junit tests hadoop.registry.server.dns.TestRegistryDNS
hadoop.registry.server.dns.TestSecureRegistryDNS
Subsystem Report/Notes
Docker ClientAPI=1.41 ServerAPI=1.41 base: https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-3911/1/artifact/out/Dockerfile
GITHUB PR #3911
Optional Tests dupname asflicense compile javac javadoc mvninstall mvnsite unit shadedclient spotbugs checkstyle codespell
uname Linux 59668e60685d 4.15.0-65-generic #74-Ubuntu SMP Tue Sep 17 17:06:04 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
Build tool maven
Personality dev-support/bin/hadoop.sh
git revision trunk / e20271e
Default Java Private Build-1.8.0_312-8u312-b07-0ubuntu1~20.04-b07
Multi-JDK versions /usr/lib/jvm/java-11-openjdk-amd64:Ubuntu-11.0.13+8-Ubuntu-0ubuntu1.20.04 /usr/lib/jvm/java-8-openjdk-amd64:Private Build-1.8.0_312-8u312-b07-0ubuntu1~20.04-b07
Test Results https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-3911/1/testReport/
Max. process+thread count 610 (vs. ulimit of 5500)
modules C: hadoop-common-project/hadoop-registry U: hadoop-common-project/hadoop-registry
Console output https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-3911/1/console
versions git=2.25.1 maven=3.6.3 spotbugs=4.2.2
Powered by Apache Yetus 0.14.0-SNAPSHOT https://yetus.apache.org

This message was automatically generated.

@steveloughran
Copy link
Contributor

steveloughran commented Jan 24, 2022

do we have someone who understands DNS well enough to review this?

@eubnara
Copy link
Contributor Author

eubnara commented Jan 24, 2022

@steveloughran
Why close this issue?
YARN Registry DNS is not maintained anymore?

@steveloughran
Copy link
Contributor

steveloughran commented Jan 25, 2022

sorry, hadn't meant to press the close button, just the comment one

can you submit a new PR?

@eubnara
Copy link
Contributor Author

eubnara commented Jan 26, 2022

I made new PR at #3935

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@eubnara @hadoop-yetus @steveloughran