I'm trying to use the GitLab provider with a priva...
# general
I'm trying to use the GitLab provider with a private GitLab instance via VPN, but although I've configured the
config values, I get a network error:
Copy code
error: Get "<https://gitlab.company.com/api/v4/user>": dial tcp: lookup <http://gitlab.company.com|gitlab.company.com> on no such host
Where company.com is the redacted version of my actual host. I've double checked using cURL that I can access the instance given the access token that Pulumi uses and it all works great. Any ideas?
It's trying to resolve your host on Google's public DNS. You said it is on your private VPN, you need to use a DNS that resolves internal hostnames for your network
Thanks. Yeah, just noticed this. I'm a bit baffled that the connection works with cURL or my browser, but not with Pulumi.
curl uses a different DNS resolver library to Go programs, so the path to its preferred DNS is different. I can't remember the exact difference now
It can use a pure Go resolver that sends DNS requests directly to the servers listed in /etc/resolv.conf, or it can use a cgo-based resolver that calls C library routines such as getaddrinfo and getnameinfo.
By default the pure Go resolver is used, because a blocked DNS request consumes only a goroutine, while a blocked C call consumes an operating system thread.
You might have Google's DNS on your /etc/resolv.conf and your internal DNS might be configured by your VPN client using the libc apis, which is what curl and browsers uses
Yup, confirmed that. I'm on macOS and it looks there are issues open regarding this for both Terraform and the golang HTTP client: https://github.com/hashicorp/terraform/issues/3536 https://github.com/golang/go/issues/12524
Thanks for looking into it.
I've managed to temporarily solve this by adding the internal DNS IPs to /etc/resolv.conf. Not sure what would be a better solution, but should be enough for me in this exploratory phase.
I think that would depend more on your system. I'm using an Ubuntu variant, it comes with the resolvconf service as a local dns server, the /etc/resolv.conf points to localhost and the service proxies and caches requests to the real dns server.
Yup, definitely. However, after some more digging, it seems that Go 1.14.3 fixes this issues and Pulumi was upgraded from Go 1.13.x to 1.14.x two days ago. So, I'm looking forward to the Pulumi upgrade 🙂 https://github.com/golang/go/commit/f6b42a53e5ac1f1c3f3b1c9ed2407e68e0b637a0 https://github.com/pulumi/pulumi/commit/45e1917a30f99ca29c4439e777a614322460aa6d