Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
None
-
None
Description
YARN-7326 leveraged the ANY record type for upstream resolution, but some implementations don't support ANY due to the potential for abuse, namely Cloudflare. Docker Hub leverages Cloudflare for image distribution, so when Registry DNS is used as the sole resolver, docker image downloads are failing.
[root@host ~]# docker run -u root -it centos bash Unable to find image 'centos:latest' locally latest: Pulling from library/centos 469cfcc7a4b3: Already exists docker: error pulling image configuration: Get https://production.cloudflare.docker.com/registry-v2/docker/registry/v2/blobs/sha256/e9/e934aafc22064b7322c0250f1e32e5ce93b2d19b356f4537f5864bd102e8531f/data?verify=1527265495-nG8jk%2Bya9qrdPVlXRKGMnOhSnV0%3D: dial tcp: lookup production.cloudflare.docker.com on registry.dns.host:53: no such host.
[root@host~]# nslookup production.cloudflare.docker.com registry.dns.host Server: registry.dns.host Address: registry.dns.host#53 Non-authoritative answer: production.cloudflare.docker.com hinfo = "ANY obsoleted" "See draft-ietf-dnsop-refuse-any"