I m trying to use the GitLab provider with a private GitLab pulumi-community #general

Title

able-beard-29160

05/30/2020, 5:56 PM

I'm trying to use the GitLab provider with a private GitLab instance via VPN, but although I've configured the

gitlab:token

and

gitlab:base_url

config values, I get a network error:

Copy code

error: Get "<https://gitlab.company.com/api/v4/user>": dial tcp: lookup <http://gitlab.company.com|gitlab.company.com> on 8.8.8.8:53: no such host

Where company.com is the redacted version of my actual host. I've double checked using cURL that I can access the instance given the access token that Pulumi uses and it all works great. Any ideas?

green-school-95910

05/30/2020, 5:58 PM

It's trying to resolve your host on Google's public DNS. You said it is on your private VPN, you need to use a DNS that resolves internal hostnames for your network

able-beard-29160

05/30/2020, 6:00 PM

Thanks. Yeah, just noticed this. I'm a bit baffled that the connection works with cURL or my browser, but not with Pulumi.

billowy-army-68599

05/30/2020, 6:05 PM

curl uses a different DNS resolver library to Go programs, so the path to its preferred DNS is different. I can't remember the exact difference now

green-school-95910

05/30/2020, 6:11 PM

https://golang.org/pkg/net/#hdr-Name_Resolution

It can use a pure Go resolver that sends DNS requests directly to the servers listed in /etc/resolv.conf, or it can use a cgo-based resolver that calls C library routines such as getaddrinfo and getnameinfo.

By default the pure Go resolver is used, because a blocked DNS request consumes only a goroutine, while a blocked C call consumes an operating system thread.

You might have Google's DNS on your /etc/resolv.conf and your internal DNS might be configured by your VPN client using the libc apis, which is what curl and browsers uses

able-beard-29160

05/30/2020, 6:37 PM

Yup, confirmed that. I'm on macOS and it looks there are issues open regarding this for both Terraform and the golang HTTP client: https://github.com/hashicorp/terraform/issues/3536 https://github.com/golang/go/issues/12524

Thanks for looking into it.

I've managed to temporarily solve this by adding the internal DNS IPs to /etc/resolv.conf. Not sure what would be a better solution, but should be enough for me in this exploratory phase.

green-school-95910

05/30/2020, 6:55 PM

I think that would depend more on your system. I'm using an Ubuntu variant, it comes with the resolvconf service as a local dns server, the /etc/resolv.conf points to localhost and the service proxies and caches requests to the real dns server.

able-beard-29160

05/30/2020, 6:57 PM

Yup, definitely. However, after some more digging, it seems that Go 1.14.3 fixes this issues and Pulumi was upgraded from Go 1.13.x to 1.14.x two days ago. So, I'm looking forward to the Pulumi upgrade 🙂 https://github.com/golang/go/commit/f6b42a53e5ac1f1c3f3b1c9ed2407e68e0b637a0 https://github.com/pulumi/pulumi/commit/45e1917a30f99ca29c4439e777a614322460aa6d

green-school-95910

05/30/2020, 7:08 PM

Great!

2 Views