These are chat archives for CZ-NIC/knot-resolver

16th
Feb 2017
Michal Cichra
@mikz
Feb 16 2017 15:55
Hi! I'm working on API Gateway project in OpenResty and recently started focusing on our DNS resolving. Knot Resolver looks great so I was investigating how to use it from OpenResty via FFI.
Have someone else experimented with using it via FFI from OpenResty ? OpenResty is quite sensitive to blocking the event loop.
Michal Cichra
@mikz
Feb 16 2017 16:03
But checking the API documentation (http://knot-resolver.readthedocs.io/en/latest/lib.html#apis-in-lua) I feel like that might not be the right approach for OpenResty as that API is really low level and I'm not sure if it would fit the OpenResty pseudo synchronous blocking on io model.
And a different but related question. Would kresd perform query de-duplication when entry is not in the cache? If there are two queries that arrive at the same time, how many queries to the upstream nameservers it is going to perform?
Vladimír Čunát
@vcunat
Feb 16 2017 16:06
The kresd process needs to be in control of its (own) event loop. (Though I don't get what exactly you had in mind.)
Petr Špaček
@pspacek
Feb 16 2017 16:06
I guess that these APIs are too low-level for you. The good news is that nothing is set in stone and if you can formulate the requirements someone might advise you where to pull strings inside kresd to get the intended result :-)
Michal Cichra
@mikz
Feb 16 2017 16:08
I though that I could use the library to perform the DNS resolution over FFI instead of using DNS protocol :) So I'd not have to have the daemon running. But that would be just bonus points :)
Vladimír Čunát
@vcunat
Feb 16 2017 16:08
Deduplication is done, but only within each process.
Michal Cichra
@mikz
Feb 16 2017 16:09
Awesome. And checked documentation, but can't see it mentioned there so it is probably not supported. Can kresd listen on unix domain socket?
Vladimír Čunát
@vcunat
Feb 16 2017 16:09
So if you run multiple processes and send an uncached query to them at once, it won't be OK.
The TTY for control is open either interactively or a named unix socket is created.
But I guess you meant listening for standard DNS queries :-)
Michal Cichra
@mikz
Feb 16 2017 16:10
Yeah, that is acceptable. This would be running alongside the API Gateway in a Docker container, so just one process should be enough.
Yep. Listening for queries.
Vladimír Čunát
@vcunat
Feb 16 2017 16:11
I think there's no explicit support for that.
Michal Cichra
@mikz
Feb 16 2017 16:11
OpenResty cosockets support UDP over unix domain sockets so I was hoping it would be a bit more efficient when running in the same container.
Petr Špaček
@pspacek
Feb 16 2017 16:12
... I would start optimizing later, when is actually works :-)
Vladimír Čunát
@vcunat
Feb 16 2017 16:12
I would personally expect bottlenecks to be elsewhere.
Some reported performance degradation when running kresd within docker.
CZ-NIC/knot-resolver#28
Michal Cichra
@mikz
Feb 16 2017 16:19
Thanks for the info. Will post some report when I do benchmarks comparing to dnsmasq. I expect the de-duplication could help a lot for my use case.
Vladimír Čunát
@vcunat
Feb 16 2017 16:20
Looking forward to that :-)