Shane Kumpf created YARN-8365:
---------------------------------
Summary: Revisit the record type used by Registry DNS for upstream
resolution
Key: YARN-8365
URL: https://issues.apache.org/jira/browse/YARN-8365
Project: Hadoop YARN
Issue Type: Bug
Components: yarn-native-services
Reporter: Shane Kumpf
YARN-7326 leveraged the ANY record type for upstream resolution, but some
implementations [don't support
ANY|https://tools.ietf.org/html/draft-ietf-dnsop-refuse-any-06] due to the
potential for abuse, namely Cloudflare. Docker Hub leverages Cloudflare for
image distribution, so when Registry DNS is used as the sole resolver, docker
image downloads are failing.
{code:java}
[root@host ~]# docker run -u root -it centos bash
Unable to find image 'centos:latest' locally
latest: Pulling from library/centos
469cfcc7a4b3: Already exists
docker: error pulling image configuration: Get
https://production.cloudflare.docker.com/registry-v2/docker/registry/v2/blobs/sha256/e9/e934aafc22064b7322c0250f1e32e5ce93b2d19b356f4537f5864bd102e8531f/data?verify=1527265495-nG8jk%2Bya9qrdPVlXRKGMnOhSnV0%3D:
dial tcp: lookup production.cloudflare.docker.com on registry.dns.host:53: no
such host.
{code}
{code:java}
[root@host~]# nslookup production.cloudflare.docker.com registry.dns.host
Server: registry.dns.host
Address: registry.dns.host#53
Non-authoritative answer:
production.cloudflare.docker.com hinfo = "ANY obsoleted" "See
draft-ietf-dnsop-refuse-any"
{code}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
