Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Let's use getent ahosts instead of dig +short #355

Open
vazhnov opened this issue Dec 9, 2024 · 2 comments
Open

Let's use getent ahosts instead of dig +short #355

vazhnov opened this issue Dec 9, 2024 · 2 comments
Assignees
@fireflycons
Labels
bug Something isn't working

Comments

@vazhnov
Copy link

vazhnov commented Dec 9, 2024
edited
Loading

Hello!

Thank you for the project!

I recommend to use getent ahosts NAME instead of dig +short NAME in this course, for both: manual steps in the documentation and scripts.

getent is a tool usually included into even very minimalistic OS setup.

getent follows /etc/nsswitch.conf rules (reads /etc/hosts, mDNS, etc.), while dig is mainly designed to troubleshoot external DNS servers. Much more details about the difference can be found in https://unix.stackexchange.com/questions/20784/ (or in my brief summary).

I think using dig is a bad practice when custom records in /etc/hosts are used. getent is designed for such cases.

I'm currently in step 08 and I see no issues with this replacement.

Also I've checked: using getent ahosts is compatible with both Vagrant images, Ubuntu and Debian, to do steps of this course.

Currently script vagrant/ubuntu/update-dns.sh fails to apply in Debian let's skip this for dedicated issue.
@vazhnov vazhnov added the bug Something isn't working label Dec 9, 2024
@fireflycons
Copy link
Collaborator

I'm using dig +short because it returns only the IP address with no need to muck about with awk to get it. getent will return IP+HOST
The lab's not millisecond performance critical so if dig does waste time getting a negative response from DNS before checking hosts file, not really an issue.

@vazhnov
Copy link
Author

vazhnov commented Dec 10, 2024

I'm using dig +short because it returns only the IP address with no need to muck about with awk to get it. getent will return IP+HOST

I agree, I have to use getent ahosts example.com | awk '{ print $1 ; exit }' to return only one IP-address without name.

The lab's not millisecond performance critical so if dig does waste time getting a negative response from DNS before checking hosts file, not really an issue.

The thing is — dig doesn't use /etc/hosts at all. In case of the lab, I think that systemd-resolved is doing that.

This change is also about to teach people to use proper tools.

vazhnov added a commit to vazhnov/kubernetes-the-hard-way__vagrant that referenced this issue Dec 18, 2024
@vazhnov
Use getent ahosts everywhere because it follows `/etc/nsswitch.conf…
d0dab69 
…` rules (reads `/etc/hosts`, mDNS, etc.), instead of `dig +short`

See mmumshad#355
@vazhnov vazhnov mentioned this issue Dec 19, 2024
Merged
@vazhnov vazhnov mentioned this issue Jan 3, 2025
Open
vazhnov added a commit to vazhnov/kubernetes-the-hard-way__vagrant that referenced this issue Jan 15, 2025
@vazhnov
Merge pull request #2 from vazhnov/changes_2024-12
f65f8ae 
Multiple changes 2024-12:

* Added GitHub actions [Differential ShellCheck](https://github.com/redhat-plumbers-in-action/differential-shellcheck).
    + I had to add temporary SC2166 and SC2059 to ShellCheck ignored because there are too much changes I have to do.
* Fixed a bunch of linter warnings in Bash scripts.
* Added compatibility with Vagrant Debian image guests.
* The new code should be compatible with both Ubuntu and Debian Vagrant images (was: Ubuntu only).
* Use Debian images instead of Ubuntu — less memory consumption, less services to disable, no Snap.
* Stop and disable extra services, no need in auto-update on the lab guest VMs:
    + motd-news.timer
    + ubuntu-advantage.service
    + apt-daily.timer
    + apt-daily.service
    + unattended-upgrades.service
* Replaced all `dig +short NAME` to `getent ahosts example.com | awk '{ print $1 ; exit }'`
    + because it follows `/etc/nsswitch.conf` rules (reads `/etc/hosts`, mDNS, etc.), see mmumshad#355.
* Fix typo in `docs/04-certificate-authority.md`: `SERVICE_CIDR` should be `10.96.0.0/16`.
* No need in `resolvConf` in `docs/10-bootstrapping-kubernetes-workers.md` and in `docs/11-tls-bootstrapping-kubernetes-workers.md` for Debian guests.
* `cert_verify.sh` checks certificate in the current directory (was: all certs must be in `$HOME`), add new variable `WORKDIR`.
* All interactive `apt` commands: remove `-y` argument, because these commands are executed interactively.
* Add `gpg` and `--no-install-recommends` to `apt-get install -y apt-transport-https ca-certificates curl` in `docs/09-install-cri-workers.md`.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@fireflycons fireflycons

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@vazhnov @fireflycons