In this article, I will introduce a convenient local development and debugging solution, the local DNS proxy server.

Preface

Whether you’re doing front-end or back-end development, debugging an interface or a page locally under a domain name is a common need. Even if you use self-signed certificates or virtual domain names for HomeLab services, you need a flexible way to dynamically switch where a set of domain names points when the network’s default DNS server is not available.

But just because you have a hammer doesn’t mean there are nails everywhere. In simple scenarios, for example when you only need to make a one-off change, editing the hosts file directly is the easier fix. For recommended “hosts editor” tools, see the section later in this article.

Without further ado, let’s start with a solution I’ve been using for over six months.

Solution 1: Dnsmasq container with interface

Dnsmasq is widely used in Linux distributions as a DNS server. It is used by default in many versions of the familiar Ubuntu Server and in OpenWrt router firmware.

But it is command-line software: by default it does not automatically reload a modified configuration file, and editing the configuration file is the same as editing /etc/hosts. To solve this problem, an engineer abroad developed docker-dnsmasq, a simple configuration tool with a web interface. After the configuration file is modified, it can send a command to restart or reload the dnsmasq main program, which makes it easier to use.

In February of this year, I created a fork, soulteary/docker-dnsmasq, which allows you to quickly run your own local DNS server using the following configuration.

In the past, we would edit the hosts file and use the following form to bind the domain name:

10.11.12.123 docker.lab.com
10.11.12.123 maven.lab.com
10.11.12.123 npm.lab.com
10.11.12.123 pypi.lab.com
...

The dnsmasq configuration file is much simpler because it supports “wildcard resolution”. In addition, it can specify upstream servers and extend the capabilities further. Here is an example of a dnsmasq.conf configuration file:

# HomeLab
## Use Home DNS Upstream
server=10.11.12.13

# HomeLab Domain Example:
address=/.lab.com/10.11.12.123
address=/*.lab.com/10.11.12.123
address=/*.demo.lab.com/10.11.12.123
address=/*.api.lab.com/10.11.12.123
address=/*.some.api.lab.com/10.11.12.123

# localhost
address=/.lab.io/127.0.0.1
address=/*.lab.io/127.0.0.1

In the example above, lab.com and some of its subdomains point to a machine on the intranet, while everything under lab.io points to the local machine. Save the content above as dnsmasq.conf, then write the container orchestration file:

version: "3"
services:

  dns:
    image: soulteary/docker-dnsmasq
    restart: always
    # If you need simple Basic Auth authentication
    #environment:
    # - HTTP_USER=user
    # - HTTP_PASS=pass
    ports:
      - "53:53/udp"
      - "53:53/tcp"
      - "8080:8080"
    volumes:
      - ./dnsmasq.conf:/etc/dnsmasq.conf:rw

Run docker-compose up -d to start the service.

Note that, to reduce the complexity of the later settings, the DNS service is published on port 53 by default, and the management panel uses port 8080 by default. If these ports conflict with something else on your machine, adjust them.
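The compose file above publishes DNS and the management panel on every network interface of the host. The variant below is an added example, not part of the original article or of the docker-dnsmasq project: it publishes the same ports on loopback only and enables the Basic Auth variables the article shows commented out. The `127.0.0.1:` prefix is standard Compose port syntax, and the credential values are placeholders.

```yaml
version: "3"
services:

  dns:
    image: soulteary/docker-dnsmasq
    restart: always
    environment:
      # Basic Auth for the web panel; placeholder values, replace them
      - HTTP_USER=change-me
      - HTTP_PASS=change-me-too
    ports:
      # "53:53/udp" would listen on 0.0.0.0 and answer queries from
      # any host that can reach this machine; bind to loopback instead
      - "127.0.0.1:53:53/udp"
      - "127.0.0.1:53:53/tcp"
      # The panel can rewrite dnsmasq.conf, so keep it local as well
      - "127.0.0.1:8080:8080"
    volumes:
      - ./dnsmasq.conf:/etc/dnsmasq.conf:rw
```

If other devices on the LAN need to use this resolver, publish port 53 on the specific LAN address of the host instead of 127.0.0.1 and keep the panel on loopback.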

The software interface is simple: modify the content in the WYSIWYG editor, click Save, and wait for the configuration to take effect. If you keep the DNS records of several environments in the configuration, you can select the records of one environment as a batch and use the shortcut key (CMD+/) to toggle their comment status, which quickly switches DNS records between environments. This is how I have handled DNS record switching between environments over the last six months. A configuration example:

# HomeLab
## Use Home DNS
server=10.11.12.13

# Office
## Use Dev NS Servers
# server=219.141.136.10
# server=219.141.140.10

## Use CloudFlare NS Servers
# server=1.0.0.1
# server=1.1.1.1


# Local
address=/.lab.io/127.0.0.1
address=/*.lab.io/127.0.0.1

address=/.lab.com/10.11.12.123
address=/*.lab.com/10.11.12.123
address=/*.demo.lab.com/10.11.12.123
address=/*.api.lab.com/10.11.12.123
address=/*.some.api.lab.com/10.11.12.123

# address=/.lab.com/192.11.12.123
# address=/*.lab.com/192.11.12.123
# address=/*.demo.lab.com/192.11.12.123
# address=/*.api.lab.com/192.11.12.123
# address=/*.some.api.lab.com/192.11.12.123

Of course, the program also reads the /etc/hosts file in the container. You can switch the editor to the hosts file in the left sidebar and add or modify DNS records the traditional way.

Using the software does come with some bad experiences: reloading the program takes several seconds, the service is unavailable while it reloads, the editor has only the most basic functions, and shortcut keys are lacking.

Sometimes the program also shows abnormal resource usage. After searching, I found some reports of this in the community. Although restarting the container solves the problem, it is still a defect, so I began to consider replacing or adjusting this solution.

Use with the system

Starting the local service does not by itself change where DNS requests go; we also have to apply it in the system network configuration.

Take macOS as an example. Open the network settings, select the current network, click the Advanced button, and switch to the DNS tab. In the DNS server list on the left, add 127.0.0.1.

Here is a little trick: to make sure the network is never interrupted (for example while the service restarts), add the DNS server of the current network in addition to the local DNS service.

Use dnsmasq in conjunction with Traefik

If you’re a regular reader of mine, you’re probably familiar with Traefik. Here’s a simple configuration for using Traefik:

version: "3"
services:

  dns:
    image: soulteary/docker-dnsmasq
    restart: always
    # If you need simple Basic Auth authentication
    # With Traefik, using Forward Auth instead is recommended
    #environment:
    # - HTTP_USER=user
    # - HTTP_PASS=pass
    ports:
      - "53:53/udp"
      - "53:53/tcp"
      - "8080:8080"
    volumes:
      - ./dnsmasq.conf:/etc/dnsmasq.conf:rw
    labels:
      - "traefik.enable=true"
      - "traefik.docker.network=traefik"
      - "traefik.http.routers.dnsmasq-web.entrypoints=http"
      - "traefik.http.routers.dnsmasq-web.rule=Host(`dns.lab.io`)"
      - "traefik.http.routers.dnsmasq-ssl.entrypoints=https"
      - "traefik.http.routers.dnsmasq-ssl.tls=true"
      - "traefik.http.routers.dnsmasq-ssl.rule=Host(`dns.lab.io`)"
      - "traefik.http.services.dnsmasq-backend.loadbalancer.server.scheme=http"
      - "traefik.http.services.dnsmasq-backend.loadbalancer.server.port=8080"
    networks:
      - traefik

networks:
  traefik:
    external: true

The topic of “Traefik authentication” has been covered before; refer to those articles if you need them (Part 1 / Part 2). In addition, a small project was recently made to further simplify this scenario.

Next, let’s talk about new solutions.

Solution 2: Use go-dnsmasq

go-dnsmasq is a lightweight DNS caching and forwarding tool of only 1.2MB, but unfortunately its authors did not continue to maintain the project after 2016. After going through dozens of forks, I merged two improvements from other developers into a new version, github.com/soulteary/g…, and built a 2.7MB container image.

It’s actually easier to use than the solution above. Let’s take a look at the configuration file:

127.0.0.1 lab.com
127.0.0.2 *.lab.com

This is plain hosts record syntax with support for wildcard resolution, and it needs fewer symbols than dnsmasq.conf. While it’s certainly possible to copy and paste in everyday use, one less character is one less chance of going wrong, isn’t it? Save the above as hosts.conf for later use.

Next, write the container configuration file:

version: "3"
services:

  dns:
    image: soulteary/go-dnsmasq
    command: dnsmasq -l 0.0.0.0:53 -f /hosts.conf -p 1s --nameservers 10.11.12.13:53
    restart: always
    ports:
      - "53:53/udp"
      - "53:53/tcp"
    volumes:
      - ./hosts.conf:/hosts.conf:rw

Compared with solution 1, this solution is obviously more “lightweight and environmentally friendly”. To change environments, you only need to prepare several environment-specific configuration files and switch which file Docker mounts.

In the startup command in the configuration, I have defined several parameters, but you only need to focus on the last one:

dnsmasq -l 0.0.0.0:53 -f /hosts.conf -p 1s --nameservers 10.11.12.13:53

The --nameservers parameter needs to be set to the default DNS of your network environment, although if you use the “use with the system” method mentioned above, it will not affect the use of this parameter.

Next, let’s talk about editing the local hosts file, which we mentioned at the beginning of this article.

Other: how to simply edit the hosts file

If you only need to manage a few domain names and don’t want to start a service (even if it’s only 2M), try editing the hosts file on your system. If you’re tired of modifying files on the command line or in Notepad, you can also download a hosts editor tool.

In the beginning, I used Gas Mask, HostsMan, and similar software. When I first went to work at Taobao, I was recommended a great intranet tool called “iHosts” (not the software of the same name that search engines turn up). In addition to a fresh interface, it also supports record grouping and a local DNS server. It’s handy for debugging mobile scenarios or virtual machine scenarios.

After leaving Taobao many years ago, I could no longer download “iHosts” from the intranet, so I switched to “SwitchHosts!” (the latest version has dropped the “!” from its name). Although it has no built-in DNS service, request log or similar features, it wins by being simple enough to use, and since its author is reliable, I have kept using it.

Why is the author reliable? Some time ago, I had dinner with the author, master Ji Zha, who had just left Taobao, and we talked about how hard recruiting was. At that time, I joked about adding a recruitment advertisement to the SwitchHosts README. Ji Zha said that she hoped this software could always stay pure, and it has stayed clean and pure to this day, which is very rare.

However, in use I inevitably ran into scenarios that need “wildcard resolution”, and changing records in batches is always troublesome. My computer also stays on all year round and frequently sleeps and wakes, and the Electron-based SwitchHosts often ran into memory overflow problems, so I reluctantly switched my main tool to the DNS solutions above.

In fact, the workaround is very simple and always the same: each time after using SwitchHosts, shut down its process completely, and then restart it. I’ll probably continue to use SwitchHosts in the future, but I don’t think it’s going to be my main tool anymore, since wildcard resolution saves a lot of work.

Other: how to make and use self-signed certificates

In the HTTPS era, local debugging sometimes cannot avoid configuring certificates. I have written an article about how to make and use self-signed certificates easily; refer to it if you need it.

Finally

I originally thought that I could clean up the articles in the draft box by taking a leave of absence, but I did not expect that I accumulated more drafts, thanks to my vexing curiosity and stubborn pursuit of the optimal solution.

–EOF



This article is published under the Attribution 4.0 International (CC BY 4.0) license.

Author: Su Yang

Creation time: August 19, 2021. Word count: 6401 words. Reading time: 13 minutes. Article link: soulteary.com/2021/08/19/…