Do not accept DHCP DNS servers if manually defined. Check resolv.conf…

… file for updated --dns-server instead of guestinfo. (#7824) * Enable SSH and check /etc/resolv.conf directly for the appropriate config changes. * DNS vic-machine test has been updated to look for the real data. * Removed guest info check. * Improved behavior with DHCP DNS server assignment. Ignore DHCP settings if DNS servers are set manually via --dns-server option. * Added more logs to track which DHCP options are set.
vmware · Apr 27, 2018 · 5b15145 · 5b15145
1 parent 26ee2f9
commit 5b15145
Show file tree

Hide file tree

Showing 2 changed files with 45 additions and 18 deletions.
diff --git a/lib/tether/ops_linux.go b/lib/tether/ops_linux.go
@@ -374,9 +374,11 @@ func getDynamicIP(t Netlink, link netlink.Link, endpoint *NetworkEndpoint) (clie
 
 	params := []byte{byte(dhcp4.OptionSubnetMask)}
 	if ip.IsUnspecifiedIP(endpoint.Network.Gateway.IP) {
+		log.Debugf("No gateway IP. Asking DHCP.")
 		params = append(params, byte(dhcp4.OptionRouter))
 	}
 	if len(endpoint.Network.Nameservers) == 0 {
+		log.Debugf("No name servers configured. Asking DHCP.")
 		params = append(params, byte(dhcp4.OptionDomainNameServer))
 	}
 
@@ -416,6 +418,8 @@ func updateEndpoint(newIP *net.IPNet, endpoint *NetworkEndpoint) {
 		return
 	}
 
+	log.Debugf("DHCP data: %#v", dhcp)
+	log.Debugf("DHCP DNS Servers %s: ", dhcp.Nameservers)
 	endpoint.Assigned = dhcp.Assigned
 	endpoint.Network.Assigned.Gateway = dhcp.Gateway
 	if len(dhcp.Nameservers) > 0 {
@@ -582,11 +586,15 @@ func (t *BaseOperations) updateHosts(endpoint *NetworkEndpoint) error {
 func (t *BaseOperations) updateNameservers(endpoint *NetworkEndpoint) error {
 	gw := endpoint.Network.Assigned.Gateway
 	ns := endpoint.Network.Assigned.Nameservers
-	// if `--dns-server` option is supplied at VCH creation, do not overwrite with
-	// dhcp-provided name servers, and make sure they appear at the top of the list
+
+	if len(ns) > 0 && len(endpoint.Network.Nameservers) > 0 {
+		log.Debugf("DHCP server returned DNS server configuration, it will be ignored")
+	}
+	// Manually set DNS servers should always be DNS servers that are being in use.
 	if len(endpoint.Network.Nameservers) > 0 {
-		ns = append(endpoint.Network.Nameservers, ns...)
+		ns = endpoint.Network.Nameservers
 	}
+
 	// Add nameservers
 	// This is incredibly trivial for now - should be updated to a less messy approach
 	if len(ns) > 0 {
@@ -616,6 +624,8 @@ func ApplyEndpoint(nl Netlink, t *BaseOperations, endpoint *NetworkEndpoint) err
 		return nil // already applied
 	}
 
+	log.Debugf("Static name servers: %s", endpoint.Network.Nameservers)
+
 	// Locate interface
 	slot, err := strconv.Atoi(endpoint.ID)
 	if err != nil {

diff --git a/tests/test-cases/Group6-VIC-Machine/6-16-Config.robot b/tests/test-cases/Group6-VIC-Machine/6-16-Config.robot
@@ -179,21 +179,38 @@ Configure VCH https-proxy through vch id
     Should Not Contain  ${output}  proxy.vmware.com:3128
 
 Configure VCH DNS server
-    ${status}=  Get State Of Github Issue  7775
-    Run Keyword If  '${status}' == 'closed'  Fail  Test 6-16-Config.robot needs to be updated now that Issue #7775 has been resolved
-    Log  Issue \#7775 is blocking implementation  WARN
-#    ${output}=  Run  bin/vic-machine-linux inspect config --name=%{VCH-NAME} --target=%{TEST_URL} --thumbprint=%{TEST_THUMBPRINT} --user=%{TEST_USERNAME} --password=%{TEST_PASSWORD} --timeout %{TEST_TIMEOUT}
-#    Should Not Contain  ${output}  --dns-server
-#    ${output}=  Run  bin/vic-machine-linux configure --name=%{VCH-NAME} --target=%{TEST_URL} --thumbprint=%{TEST_THUMBPRINT} --user=%{TEST_USERNAME} --password=%{TEST_PASSWORD} --timeout %{TEST_TIMEOUT} --dns-server 10.118.81.1 --dns-server 10.118.81.2
-#    Should Contain  ${output}  Completed successfully
-#    ${output}=  Run  bin/vic-machine-linux inspect config --name=%{VCH-NAME} --target=%{TEST_URL} --thumbprint=%{TEST_THUMBPRINT} --user=%{TEST_USERNAME} --password=%{TEST_PASSWORD} --timeout %{TEST_TIMEOUT}
-#    Should Contain  ${output}  --dns-server=10.118.81.1
-#    Should Contain  ${output}  --dns-server=10.118.81.2
-#    Wait Until Keyword Succeeds  10x  6s  Wait For DNS Update  ${true}
-#    ${output}=  Run  bin/vic-machine-linux configure --name=%{VCH-NAME} --target=%{TEST_URL} --thumbprint=%{TEST_THUMBPRINT} --user=%{TEST_USERNAME} --password=%{TEST_PASSWORD} --timeout %{TEST_TIMEOUT} --dns-server ""
-#    Should Contain  ${output}  Completed successfully
-#    Should Not Contain  ${output}  --dns-server
-#    Wait Until Keyword Succeeds  10x  6s  Wait For DNS Update  ${false}
+    ${output}=  Run  bin/vic-machine-linux inspect config --name=%{VCH-NAME} --target=%{TEST_URL} --thumbprint=%{TEST_THUMBPRINT} --user=%{TEST_USERNAME} --password=%{TEST_PASSWORD} --timeout %{TEST_TIMEOUT}
+    Should Not Contain  ${output}  --dns-server
+    ${output}=  Run  bin/vic-machine-linux configure --name=%{VCH-NAME} --target=%{TEST_URL} --thumbprint=%{TEST_THUMBPRINT} --user=%{TEST_USERNAME} --password=%{TEST_PASSWORD} --timeout %{TEST_TIMEOUT} --dns-server 10.118.81.1 --dns-server 10.118.81.2
+    Should Contain  ${output}  Completed successfully
+
+    Enable VCH SSH
+    ${rc}  ${output}=  Run And Return Rc and Output  sshpass -p %{TEST_PASSWORD} ssh -o StrictHostKeyChecking=no root@%{VCH-IP} cat /etc/resolv.conf
+    Should Be Equal As Integers  ${rc}  0
+    Should Contain  ${output}  nameserver 10.118.81.1
+    Should Contain  ${output}  nameserver 10.118.81.2
+
+    ${rc}  ${output}=  Run And Return Rc and Output  sshpass -p %{TEST_PASSWORD} ssh -o StrictHostKeyChecking=no root@%{VCH-IP} cat /etc/resolv.conf | grep nameserver | wc -l
+    Should Be Equal As Integers  ${rc}  0
+    Should Contain  ${output}  2
+
+    ${output}=  Run  bin/vic-machine-linux inspect config --name=%{VCH-NAME} --target=%{TEST_URL} --thumbprint=%{TEST_THUMBPRINT} --user=%{TEST_USERNAME} --password=%{TEST_PASSWORD} --timeout %{TEST_TIMEOUT}
+    Should Contain  ${output}  --dns-server=10.118.81.1
+    Should Contain  ${output}  --dns-server=10.118.81.2
+
+    ${output}=  Run  bin/vic-machine-linux configure --name=%{VCH-NAME} --target=%{TEST_URL} --thumbprint=%{TEST_THUMBPRINT} --user=%{TEST_USERNAME} --password=%{TEST_PASSWORD} --timeout %{TEST_TIMEOUT} --dns-server ""
+    Should Contain  ${output}  Completed successfully
+    Should Not Contain  ${output}  --dns-server
+
+    # Remove old SSH key since it changes after reboot.
+    ${rc}=  Run And Return Rc  ssh-keygen -f "/root/.ssh/known_hosts" -R %{VCH-IP}
+    Should Be Equal As Integers  ${rc}  0
+
+    Enable VCH SSH
+    ${rc}  ${output}=  Run And Return Rc and Output  sshpass -p %{TEST_PASSWORD} ssh -o StrictHostKeyChecking=no root@%{VCH-IP} cat /etc/resolv.conf
+    Should Be Equal As Integers  ${rc}  0
+    Should Not Contain  ${output}  nameserver 10.118.81.1
+    Should Not Contain  ${output}  nameserver 10.118.81.2
 
 Configure VCH resources
     ${output}=  Run  bin/vic-machine-linux configure --name=%{VCH-NAME} --target=%{TEST_URL}%{TEST_DATACENTER} --thumbprint=%{TEST_THUMBPRINT} --user=%{TEST_USERNAME} --password=%{TEST_PASSWORD} --timeout %{TEST_TIMEOUT} --cpu 5129 --cpu-reservation 10 --cpu-shares 8000 --memory 4096 --memory-reservation 10 --memory-shares 163840