From b810840becc82acedfe3cd5c7957508c26ea3712 Mon Sep 17 00:00:00 2001
From: Shishir Mahajan <smahajan@roblox.com>
Date: Tue, 29 Sep 2020 14:32:51 -0700
Subject: [PATCH] Add host_dns flag into TaskConfig.

---
 containerd/containerd.go |  6 ++++++
 containerd/driver.go     | 19 ++++++++++++-------
 2 files changed, 18 insertions(+), 7 deletions(-)

diff --git a/containerd/containerd.go b/containerd/containerd.go
index 9b6aa12..d8be647 100644
--- a/containerd/containerd.go
+++ b/containerd/containerd.go
@@ -142,6 +142,12 @@ func (d *Driver) createContainer(containerConfig *ContainerConfig, config *TaskC
 		mounts = append(mounts, m)
 	}
 
+	// Setup host DNS (/etc/resolv.conf) into the container.
+	if config.HostDNS {
+		dnsMount := buildMountpoint("bind", "/etc/resolv.conf", "/etc/resolv.conf", []string{"rbind", "ro"})
+		mounts = append(mounts, dnsMount)
+	}
+
 	// Setup "/secrets" (NOMAD_SECRETS_DIR) in the container.
 	if containerConfig.SecretsDir != "" {
 		secretsMount := buildMountpoint("bind", "/secrets", containerConfig.SecretsDir, []string{"rbind", "ro"})
diff --git a/containerd/driver.go b/containerd/driver.go
index 17ddcd4..4aaa086 100644
--- a/containerd/driver.go
+++ b/containerd/driver.go
@@ -85,13 +85,17 @@ var (
 	// this is used to validate the configuration specified for the plugin
 	// when a job is submitted.
 	taskConfigSpec = hclspec.NewObject(map[string]*hclspec.Spec{
-		"image":           hclspec.NewAttr("image", "string", true),
-		"command":         hclspec.NewAttr("command", "string", false),
-		"args":            hclspec.NewAttr("args", "list(string)", false),
-		"cap_add":         hclspec.NewAttr("cap_add", "list(string)", false),
-		"cap_drop":        hclspec.NewAttr("cap_drop", "list(string)", false),
-		"devices":         hclspec.NewAttr("devices", "list(string)", false),
-		"privileged":      hclspec.NewAttr("privileged", "bool", false),
+		"image":      hclspec.NewAttr("image", "string", true),
+		"command":    hclspec.NewAttr("command", "string", false),
+		"args":       hclspec.NewAttr("args", "list(string)", false),
+		"cap_add":    hclspec.NewAttr("cap_add", "list(string)", false),
+		"cap_drop":   hclspec.NewAttr("cap_drop", "list(string)", false),
+		"devices":    hclspec.NewAttr("devices", "list(string)", false),
+		"privileged": hclspec.NewAttr("privileged", "bool", false),
+		"host_dns": hclspec.NewDefault(
+			hclspec.NewAttr("host_dns", "bool", false),
+			hclspec.NewLiteral("true"),
+		),
 		"seccomp":         hclspec.NewAttr("seccomp", "bool", false),
 		"seccomp_profile": hclspec.NewAttr("seccomp_profile", "string", false),
 		"readonly_rootfs": hclspec.NewAttr("readonly_rootfs", "bool", false),
@@ -146,6 +150,7 @@ type TaskConfig struct {
 	Seccomp        bool     `codec:"seccomp"`
 	SeccompProfile string   `codec:"seccomp_profile"`
 	Privileged     bool     `codec:"privileged"`
+	HostDNS        bool     `codec:"host_dns"`
 	ReadOnlyRootfs bool     `codec:"readonly_rootfs"`
 	HostNetwork    bool     `codec:"host_network"`
 	Mounts         []Mount  `codec:"mounts"`