[Pdns-users] Second alpha release of dnsdist 1.6.0
Hello everyone, We are happy to announce the second alpha release of dnsdist 1.6.0. This release contains mostly fixes for issues reported in the first release candidate: - A race condition was found to sometimes occur at startup, making it possible for the first TCP connection to happen before the creation of TCP workers and lead to a crash. - Stéphane Bortzmeyer reported many TCP timeouts with the first alpha that did not happen with 1.5.x. We unfortunately did not manage to reproduce these timeouts, but we spent quite some time expanding the coverage of our TCP code, uncovering several bugs in the process. Although we unfortunately cannot be sure that the issue experienced by Stéphane has been fixed, the resulting code has seen much more testing and we have received excellent feedback from other users in the meantime, leading to this second alpha candidate. - The cache cleaning algorithm did not properly remove expired entries from all shards, when more than one shard was used and "setCacheCleaningPercentage" set below 100%. This led to a drop in the cache efficiency in the long run. - A null pointer dereference has been found when accessing a dynamic BPF block (DynBPF) object in client mode. - A debug line was not properly removed in the web server code, logging a new line for every HTTP query. In addition to these fixes, Sander Hoentjen contributed several improvements to allow spoofing answers with multiple records, and Aki Tuomi introduced automatic conversion to string for several objects in Lua. Many thanks to them! Please see the dnsdist website [1] for the more complete changelog [2] and the current documentation. Please send us all feedback and issues you might have via the mailing list, or in case of a bug, via GitHub [3]. The tarball (signature) is available from our download server [4] and packages for CentOS 7 and 8, Debian Buster and Ubuntu Bionic and Focal are available from our repository [5]. With the future 1.6.0 final release, the 1.3.x releases will be EOL and the 1.4.x releases will go into critical security fixes only mode. We would also like to take this opportunity to announce that we will stop supporting systems using 32-bit time. This includes 32-bit Linux platforms like arm and i386 before kernel version 5.1. [1]: https://dnsdist.org [2]: https://dnsdist.org/changelog.html#change-1.6.0-alpha2 [3]: https://github.com/PowerDNS/pdns/issues/new/choose [4]: https://downloads.powerdns.com/releases/dnsdist-1.6.0-alpha2.tar.bz2 [5]: https://repo.powerdns.com Best regards, -- Remi Gacogne PowerDNS.COM BV - https://www.powerdns.com/ pgpUsv0IYBfQ0.pgp Description: OpenPGP digital signature ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] [EXT] Re: Buiding powerdns container images with podman
Hum.. I understand. In the first time I was directly launch the "docker-compose up -d" in the pdns directory ..but get the following error: COPY failed: file not found in build context or excluded by .dockerignore: stat builder/helpers/set-configure-ac-version.sh: file does not existERROR: Service 'recursor' failed to build* I receive some help to tell me first doing in the first time the tree step: git submodule init git submodule update ./builder/build.sh Once done, I get success to the "*docker-compose up*" commande and get all images (dnsdist, recursor, auth) with the "*docker image*" command. In an other way, you are right I can take my centos-8 image in a Dockerfile and perform the installation step by step. Very thanks! Le jeu. 4 mars 2021 à 13:07, Kevin P. Fleming a écrit : > I'm not sure that you are doing what you think you are doing; the > process you are following does not build container images for > *running* PowerDNS software, it uses containers to build installable > packages of PowerDNS software. > > If your goal is to build an image for deploying PowerDNS software, you > don't need to do any of this: you can just create a basic Dockerfile > (to use with podman) or shell script (to use with buildah) which > starts from a suitable base image (your choice of Linux distribution) > and installs the necessary PowerDNS packages. > > On Thu, Mar 4, 2021 at 7:03 AM Cheikh Dieng via Pdns-users > wrote: > > > > Sure ! > > > > > > [586062.628910] [178106] 1001 178106 3006 8969632 > 0 0 build-specs.sh > > [586062.635256] [178973] 1001 17897323714 980 225280 > 0 0 rpmbuild > > [586062.638735] [179018] 1001 179018 2973 7669632 > 0 0 sh > > [586062.642065] [186228] 1001 186228 1726 6965536 > 0 0 make > > [586062.645354] [186231] 1001 186231 1726 6861440 > 0 0 make > > [586062.649770] [186232] 1001 186232 2974 7769632 > 0 0 sh > > [586062.653263] [186621] 1001 186621 2974 7665536 > 0 0 sh > > [586062.656527] [186622] 1001 186622 1723 9561440 > 0 0 make > > [586062.660565] [186623] 1001 186623 2974 7673728 > 0 0 sh > > [586062.663908] [186628] 1001 186628 2974 7669632 > 0 0 sh > > [586062.667187] [186629] 1001 186629 1724 9657344 > 0 0 make > > [586062.671116] [186630] 1001 186630 1757 9657344 > 0 0 make > > [586062.675048] [186631] 1001 186631 3238 34773728 > 0 0 sh > > [586062.678703] [186670] 1001 186670 2322 6361440 > 0 0 g++ > > [586062.682117] [186673] 1001 186673 176378 161924 1441792 > 0 0 cc1plus > > [586062.685597] [186674] 1001 1866742469120928 237568 > 0 0 as > > [586062.689328] [187007] 1001 18700711102 334 122880 > 0 0 crun > > [586062.693111] > oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/user.slice/user-1000.slice/session-27.scope,task=cc1plus,pid=186673,uid=1001 > > [586062.700272] Out of memory: Killed process 186673 (cc1plus) > total-vm:705512kB, anon-rss:647696kB, file-rss:0kB, shmem-rss:0kB, UID:1001 > > [586062.749030] oom_reaper: reaped process 186673 (cc1plus), now > anon-rss:0kB, file-rss:0kB, shmem-rss:0kB > > [pdns@dmz-bastion pdns]$ > > === > > > > I will increase the memory resources and re-test. > > Very thanks for your help, I'll come back to you for the result. > > > > > > > > Le jeu. 4 mars 2021 à 12:54, Peter van Dijk via Pdns-users < > pdns-users@mailman.powerdns.com> a écrit : > >> > >> On Thu, 2021-03-04 at 12:50 +0100, Cheikh Dieng wrote: > >> > > g++: fatal error: Killed signal terminated program cc1plus > >> > > compilation terminated. > >> > >> This usually means you ran out of memory. Can you check dmesg? > >> > >> Kind regards, > >> -- > >> Peter van Dijk > >> PowerDNS.COM BV - https://www.powerdns.com/ > >> > >> ___ > >> Pdns-users mailing list > >> Pdns-users@mailman.powerdns.com > >> https://mailman.powerdns.com/mailman/listinfo/pdns-users > > > > ___ > > Pdns-users mailing list > > Pdns-users@mailman.powerdns.com > > https://mailman.powerdns.com/mailman/listinfo/pdns-users > ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] [EXT] Re: Buiding powerdns container images with podman
I'm not sure that you are doing what you think you are doing; the process you are following does not build container images for *running* PowerDNS software, it uses containers to build installable packages of PowerDNS software. If your goal is to build an image for deploying PowerDNS software, you don't need to do any of this: you can just create a basic Dockerfile (to use with podman) or shell script (to use with buildah) which starts from a suitable base image (your choice of Linux distribution) and installs the necessary PowerDNS packages. On Thu, Mar 4, 2021 at 7:03 AM Cheikh Dieng via Pdns-users wrote: > > Sure ! > > > [586062.628910] [178106] 1001 178106 3006 89696320 > 0 build-specs.sh > [586062.635256] [178973] 1001 17897323714 980 2252800 > 0 rpmbuild > [586062.638735] [179018] 1001 179018 2973 76696320 > 0 sh > [586062.642065] [186228] 1001 186228 1726 69655360 > 0 make > [586062.645354] [186231] 1001 186231 1726 68614400 > 0 make > [586062.649770] [186232] 1001 186232 2974 77696320 > 0 sh > [586062.653263] [186621] 1001 186621 2974 76655360 > 0 sh > [586062.656527] [186622] 1001 186622 1723 95614400 > 0 make > [586062.660565] [186623] 1001 186623 2974 76737280 > 0 sh > [586062.663908] [186628] 1001 186628 2974 76696320 > 0 sh > [586062.667187] [186629] 1001 186629 1724 96573440 > 0 make > [586062.671116] [186630] 1001 186630 1757 96573440 > 0 make > [586062.675048] [186631] 1001 186631 3238 347737280 > 0 sh > [586062.678703] [186670] 1001 186670 2322 63614400 > 0 g++ > [586062.682117] [186673] 1001 186673 176378 161924 14417920 > 0 cc1plus > [586062.685597] [186674] 1001 1866742469120928 2375680 > 0 as > [586062.689328] [187007] 1001 18700711102 334 1228800 > 0 crun > [586062.693111] > oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/user.slice/user-1000.slice/session-27.scope,task=cc1plus,pid=186673,uid=1001 > [586062.700272] Out of memory: Killed process 186673 (cc1plus) > total-vm:705512kB, anon-rss:647696kB, file-rss:0kB, shmem-rss:0kB, UID:1001 > [586062.749030] oom_reaper: reaped process 186673 (cc1plus), now > anon-rss:0kB, file-rss:0kB, shmem-rss:0kB > [pdns@dmz-bastion pdns]$ > === > > I will increase the memory resources and re-test. > Very thanks for your help, I'll come back to you for the result. > > > > Le jeu. 4 mars 2021 à 12:54, Peter van Dijk via Pdns-users > a écrit : >> >> On Thu, 2021-03-04 at 12:50 +0100, Cheikh Dieng wrote: >> > > g++: fatal error: Killed signal terminated program cc1plus >> > > compilation terminated. >> >> This usually means you ran out of memory. Can you check dmesg? >> >> Kind regards, >> -- >> Peter van Dijk >> PowerDNS.COM BV - https://www.powerdns.com/ >> >> ___ >> Pdns-users mailing list >> Pdns-users@mailman.powerdns.com >> https://mailman.powerdns.com/mailman/listinfo/pdns-users > > ___ > Pdns-users mailing list > Pdns-users@mailman.powerdns.com > https://mailman.powerdns.com/mailman/listinfo/pdns-users ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] [EXT] Re: Buiding powerdns container images with podman
Sure ! [586062.628910] [178106] 1001 178106 3006 89696320 0 build-specs.sh [586062.635256] [178973] 1001 17897323714 980 2252800 0 rpmbuild [586062.638735] [179018] 1001 179018 2973 76696320 0 sh [586062.642065] [186228] 1001 186228 1726 69655360 0 make [586062.645354] [186231] 1001 186231 1726 68614400 0 make [586062.649770] [186232] 1001 186232 2974 77696320 0 sh [586062.653263] [186621] 1001 186621 2974 76655360 0 sh [586062.656527] [186622] 1001 186622 1723 95614400 0 make [586062.660565] [186623] 1001 186623 2974 76737280 0 sh [586062.663908] [186628] 1001 186628 2974 76696320 0 sh [586062.667187] [186629] 1001 186629 1724 96573440 0 make [586062.671116] [186630] 1001 186630 1757 96573440 0 make [586062.675048] [186631] 1001 186631 3238 347737280 0 sh [586062.678703] [186670] 1001 186670 2322 63614400 0 g++ [586062.682117] [186673] 1001 186673 176378 161924 14417920 0 cc1plus [586062.685597] [186674] 1001 1866742469120928 2375680 0 as [586062.689328] [187007] 1001 18700711102 334 1228800 0 crun *[586062.693111] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/user.slice/user-1000.slice/session-27.scope,task=cc1plus,pid=186673,uid=1001[586062.700272] Out of memory: Killed process 186673 (cc1plus) total-vm:705512kB, anon-rss:647696kB, file-rss:0kB, shmem-rss:0kB, UID:1001[586062.749030] oom_reaper: reaped process 186673 (cc1plus), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB* [pdns@dmz-bastion pdns]$ === I will increase the memory resources and re-test. Very thanks for your help, I'll come back to you for the result. Le jeu. 4 mars 2021 à 12:54, Peter van Dijk via Pdns-users < pdns-users@mailman.powerdns.com> a écrit : > On Thu, 2021-03-04 at 12:50 +0100, Cheikh Dieng wrote: > > > g++: fatal error: Killed signal terminated program cc1plus > > > compilation terminated. > > This usually means you ran out of memory. Can you check dmesg? > > Kind regards, > -- > Peter van Dijk > PowerDNS.COM BV - https://www.powerdns.com/ > > ___ > Pdns-users mailing list > Pdns-users@mailman.powerdns.com > https://mailman.powerdns.com/mailman/listinfo/pdns-users > ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] [EXT] Re: Buiding powerdns container images with podman
On Thu, 2021-03-04 at 12:50 +0100, Cheikh Dieng wrote: > > g++: fatal error: Killed signal terminated program cc1plus > > compilation terminated. This usually means you ran out of memory. Can you check dmesg? Kind regards, -- Peter van Dijk PowerDNS.COM BV - https://www.powerdns.com/ ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Buiding powerdns container images with podman
Hi Petre Thanks for your help!
For the first question, it's clear now for me. that's OK now.
For the 2nd question, i clean all, and doing the following:
- sudo ln -s /usr/bin/podman /usr/local/bin/docker
- git clone https://github.com/PowerDNS/pdns.git
- cd /home/pdns/pdns ## pdns is my podman user
- git submodule init
- git submodule update
- [pdns@dmz-bastion pdns]$ git log
*commit 5e02e2567dc57eaa3b916246e9998236a5a5496d (HEAD -> master,
origin/master, origin/HEAD)*
*Merge: 40e77dd84 12e06ae78*
*Author: Otto Moerbeek >*
*Date: Thu Mar 4 11:33:47 2021 +0100*
*Merge pull request #10010 from omoerbeek/check-time_t-size*
*Check sizeof(time_t) to be at least 8*
*commit 40e77dd8408e0d9cfe2e26d0284453381edbe23a (tag:
dnsdist-1.6.0-alpha2)*
*Merge: 71266386f 0fa0d7c23*
*Author: Pieter Lexis >*
*Date: Wed Mar 3 22:14:44 2021 +0100*
*Merge pull request #10116 from pieterlexis/lmdb-docs*
*docs: improve rendering of lmdb page*
*commit 71266386f0c826df8f1eb2305ece6cbf476c17c4*
*Merge: 0d48cda43 f23ed0a6c*
*Author: Remi Gacogne >*
*Date: Wed Mar 3 17:22:25 2021 +0100*
*Merge pull request #10133 from
rgacogne/ddist-cache-shards-purge-expired*
*dnsdist: Clean up expired entries from all the packet cache's shards*
- [pdns@dmz-bastion pdns]$ ./builder/build.sh -v centos-8-amd64
*make[4]: Entering directory
'/root/rpmbuild/BUILD/pdns-0.0.20925.0.master.g5e02e2567d/modules/bindbackend'*
*/bin/sh ../../libtool --tag=CXX --mode=compile g++ -std=c++17
-DHAVE_CONFIG_H -I. -I../.. -I../.. -I../.. -pthread -I../../pdns
-DLDAP_DEPRECATED -fPIE -DPIE -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2
--param ssp-buffer-size=4 -fstack-protector -g -O2 -Wall -Wextra -Wshadow
-Wno-unused-parameter -Wmissing-declarations -Wredundant-decls -O2 -g -pipe
-Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2
-Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong
-grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1
-specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic
-fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -c -o
bindbackend2.lo bindbackend2.cc*
*/bin/sh ../../libtool --tag=CXX --mode=compile g++ -std=c++17
-DHAVE_CONFIG_H -I. -I../.. -I../.. -I../.. -pthread -I../../pdns
-DLDAP_DEPRECATED -fPIE -DPIE -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2
--param ssp-buffer-size=4 -fstack-protector -g -O2 -Wall -Wextra -Wshadow
-Wno-unused-parameter -Wmissing-declarations -Wredundant-decls -O2 -g -pipe
-Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2
-Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong
-grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1
-specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic
-fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -c -o
binddnssec.lo binddnssec.cc*
*libtool: compile: g++ -std=c++17 -DHAVE_CONFIG_H -I. -I../.. -I../..
-I../.. -pthread -I../../pdns -DLDAP_DEPRECATED -DPIE -U_FORTIFY_SOURCE
-D_FORTIFY_SOURCE=2 --param ssp-buffer-size=4 -fstack-protector -g -O2
-Wall -Wextra -Wshadow -Wno-unused-parameter -Wmissing-declarations
-Wredundant-decls -O2 -g -pipe -Wall -Werror=format-security
-Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions
-fstack-protector-strong -grecord-gcc-switches
-specs=/usr/lib/rpm/redhat/redhat-hardened-cc1
-specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic
-fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -c
bindbackend2.cc -fPIC -DPIC -o .libs/bindbackend2.o*
*libtool: compile: g++ -std=c++17 -DHAVE_CONFIG_H -I. -I../.. -I../..
-I../.. -pthread -I../../pdns -DLDAP_DEPRECATED -DPIE -U_FORTIFY_SOURCE
-D_FORTIFY_SOURCE=2 --param ssp-buffer-size=4 -fstack-protector -g -O2
-Wall -Wextra -Wshadow -Wno-unused-parameter -Wmissing-declarations
-Wredundant-decls -O2 -g -pipe -Wall -Werror=format-security
-Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions
-fstack-protector-strong -grecord-gcc-switches
-specs=/usr/lib/rpm/redhat/redhat-hardened-cc1
-specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic
-fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -c
binddnssec.cc -fPIC -DPIC -o .libs/binddnssec.o*
*g++: fatal error: Killed signal terminated program cc1plus*
*compilation terminated.*
*make[4]: *** [Makefile:640: binddnssec.lo] Error 1*
*make[4]: *** Waiting for unfinished jobs*
*{standard input}: Assembler messages:*
*{standard input}:1050069: Warning: end of file not at end of a line;
newline inserted*
*{standard input}:1051051: Error: unknown pseudo-op: `.s'*
*g++: fatal error: Killed signal terminated program cc1plus*
*compilation terminated.*
*make[4]: Leaving directory
'/root/rpmbuild/BUILD/pdns-0.0.20925.0.master.g5e02e2567d/modules/bindbackend'*
*make[4]: *** [Makefile:640: bindbackend2.lo] Error 1*
*make[3]: Leaving directory
'/root/rpmbuild/BUILD/pdns-0.0.20925.0.master.g5e02e256
Re: [Pdns-users] Buiding powerdns container images with podman
Hello, On Wed, 2021-03-03 at 19:21 +0100, Cheikh Dieng via Pdns-users wrote: > Hello Peter, > Thanks for you response. > For the 1rs Question: I split it in many step. > I have to install to powerdns with ldap backend (plugin). What are the > options during the images podman built processus to configure this backend ? I recommend not doing it during build. You have several options: (1) once it is built, make a second image, starting with FROM powerdns- auth, and add your config there (2) mount your config into /etc/powerdns in the runtime container (3) learn about the (undocumented) templating in the startup script > > For the 2nd question: > I'm using : > commit c923c0f7e1b0dd7e00f1f8c736c9b376910241c0 (HEAD -> master, > origin/master, origin/HEAD) > Merge: b472d9c1d 67b02e399 > Author: Otto Moerbeek > Date: Wed Feb 24 17:39:20 2021 +0100 > > Merge pull request #10111 from omoerbeek/rec-drop-from-lua > > rec: Handle policy (if needed) after postresolve and document the hooks > better This commit also builds for me without problems. Did you change anything? Kind regards, -- Peter van Dijk PowerDNS.COM BV - https://www.powerdns.com/ ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
