Add configurable DNS settings

[zmrow]

Issue number:
Related to #2204

Description of changes:
It's probably easiest to review this commit by commit, rather than as a whole. All the pieces are pretty small.

    netdog: Add dns module

    This commit adds a new `dns` module to centralize the logic of gathering
    DNS information from an API-generated configuration file, and merging
    any missing settings from a given DHCP lease.  This module also handles
    writing the `/etc/resolv.conf` using the DNS information

    netdog: Update `install` subcommand to use `dns` module

    This change updates the `install` subcommand to make use of the
    newly-added `dns` module.  The most important change here is that the
    code will use DNS settings from config if they exist, supplementing any
    missing settings with settings from DHCP lease.  The code also takes
    into account DHCP6 lease renewals when rewriting the `resolv.conf`.
    When multiple lease files exist, the code uses the DHCP4 lease to gather
    DHCP lease data

    netdog: Add new `write-resolv-conf` subcommand

    This commit adds a new `write-resolv-conf` subcommand, which is meant to
    be used as a restart command for DNS API settings.  It will write the
    `resolv.conf` using DNS settings if they exist, supplementing any
    missing settings with settings from the DHCP lease of the primary
    interface

    settings: Add DNS configurability via `settings.dns`

    This commit adds the ability to configure DNS name servers and search
    suffixes via a new settings prefix `settings.dns`.  These DNS settings
    populate a configuration file which gets used by `netdog` to write the
    `resolv.conf`.  `netdog write-resolv-conf` is triggered via restart
    command.  If DNS settings exist, they are used to write the
    `resolv.conf`, otherwise the DHCP lease for the primary interface is
    used

    migrations: Add migrations for `settings.dns`

    This adds the migrations needed for `settings.dns`, one for the setting,
    its service and configuration file, and one for the setting metadata

    README: Add DNS settings documentation

Testing done:

• Boot an aws-k8s-1.22 instance and confirm resolv.conf is still written correctly with no DNS settings
• Boot a metal-dev image with and without user data and ensure resolv.conf is written properly with the correct settings
• Manually change DNS settings via apiclient and observe resolv.conf written with desired settings, using DHCP if only one of the settings is set.

$ cat /etc/resolv.conf 
search us-west-2.compute.internal
nameserver 192.168.0.2

$ apiclient set -j '{"dns": {"name-servers": ["1.2.3.4", "2.3.4.5"]}}'

$ cat /etc/resolv.conf                                                                                       
search us-west-2.compute.internal
nameserver 1.2.3.4
nameserver 2.3.4.5

$ apiclient set -j '{"dns": {"search-list": ["foo.bar", "baz.foo"]}}'

$ cat /etc/resolv.conf 
search foo.bar baz.foo
nameserver 1.2.3.4
nameserver 2.3.4.5

• Test migrations work properly

Terms of contribution:

By submitting this pull request, I agree that this contribution is dual-licensed under the terms of both the Apache License, version 2.0, and the MIT license.

[zmrow]

^ Rebases on develop and fix the merge conflict in Release.toml

[zmrow]

^ Fixed a clippy lint I originally missed

[zmrow]

^ Addresses @arnaldo2792 's comments

[zmrow]

^ Rebases on develop and fixes the sources/Cargo.toml merge conflict

[zmrow]

^ Changes the type of DnsSettings::name-servers to Option since a user may not supply it... (It was an oversight, search-list was already Option)

[zmrow]

^ Addresses @etungsten 's coments

[zmrow]

^ Fixes the migration filename (thanks @etungsten!)

[bcressey]

In the from_lease_info() path, if we're given a lease info file with no relevant fields, we return a DnsSettings struct with both optional fields set to None.

Would it make sense to do that here as well, and always return a Result<Self> instead?

[bcressey]

This relates to from_config() returning a valid DnsSettings struct - potentially we want to divide this up rather than making it all API settings or all lease settings:

• if we have name-servers in the config, use those, otherwise use the lease
• if we have a search-list in the config, use it, otherwise use the lease

[bcressey]

Can the merging of the DNS config settings and the lease settings be a helper function? Especially if becomes slightly more complicated than using one source or the other.

We're doing almost but not quite exactly the same thing as in the DHCP helper entry point, which seems like it could lead to bugs.

[bcressey]

We entirely ignore the DHCP6 lease coming from the "install" path - it seems like we'd want the behavior to be consistent, otherwise we'll lose the IPv6 version of the settings the next time the lease is renewed and resolv.conf is rewritten.

[zmrow]

^ Addresses @bcressey 's comments. The highlights:

• DnsSettings public interface is much smaller, preferring creation from config and merging in settings from DHCP lease as necessary. This reduces the paths possible, addressing the possibility for bug-ridden multiple paths to the DNS settings.
• DNS settings from DHCP lease are used if the DNS API settings aren't set
• The install DHCP helper now correctly uses the proper DHCP path when gathering DNS settings. This means we won't inadvertently lose settings on DHCP lease renewal, and ensures the write-resolv-conf and install paths are doing the same thing.

[zmrow]

^ Above push avoids returning an error if the DHCP lease doesn't exist. The lease won't exist in the case a user is not using DHCP (static addressing).

It also makes the DHCP lease optional when constructing a DnsSettings.

[zmrow]

^ Rebases on develop and fixes the merge conflict with Release.toml

[bcressey]

I'd still like to use args.data_file in some way, if only to check that it matches primary_lease_path with an early return if it doesn't.

Otherwise we potentially end up rewriting resolv.conf whenever any DHCP lease is renewed, instead of just the one for the primary interface.

Also, depending on the order in which leases are obtained, we might not have a lease for the primary interface yet early in the boot, if other interfaces are also using DHCP.

[zmrow]

Good point about the timing!

Also, there's a check just before the match statement that returns if the install interface isn't the primary interface

[bcressey]

I'd prefer to shuffle the nameservers after the merge, just before writing resolv.conf - to guarantee that they're always shuffled. Here we don't shuffle if the nameservers are set via API.

[bcressey]

Maybe add a test for missing_config too, where the file doesn't exist.

[bcressey]

nit: 🪟 -> 🐧

Suggested change

	static LEASE_FOLDER: &str = "/var/run/wicked";
	static LEASE_DIR: &str = "/var/run/wicked";

[zmrow]

^ Addresses @bcressey 's comments.

I also simplified a few tests - I was calling DnsSettings::from_config_impl() multiple times when it was unnecessary...

[rickymulder]

Is there plans to merge this into 1.9.x? Attempting to spin up an EKS 1.21 cluster with bottlerocket and my host-network pods can't do cluster dns resolution without calling out the kube-dns service ip.

[webern]

Nice tests!