Wondering; would shelling out to pidof work? (would it be slower?), e.g.;

pids, err := exec.Command("pidof", "some-binary").Output()
# check error and len(pids) > 0

more worried if the pidof is available on every platform and if it is reachable from the daemon (like is in the $PATH) etc

I'm not sure Walk is really what we want here since it traverses every dir recursively.

What do you think about some either hitting the systemd-resolved API or checking /etc/resolv.conf for 127.0.0.53 instead?

more worried if the pidof is available on every platform and if it is reachable from the daemon (like is in the $PATH) etc

Good point; looking at http://man7.org/linux/man-pages/man1/pidof.1.html, it's part of https://gitlab.com/procps-ng/procps. I think it's fairly common to be installed (at least on common distros), but we may want to check.

I had the same concerns as @cpuguy83; recursively traversing /proc just for detection looks like a lot of overhead. Not sure if string-matching for 127.0.0.53 in /etc/resolv.conf is a good solution though; sounds a bit brittle.

We should consider to what extend we want the automatic-detection to be "perfect", and possibly add a manual configuration, as discussed in moby/libnetwork#2232 (comment)

(...) is checking for a particular binary running the right way to do this? K8s is mainly doing it to issue a warning so that's "safe" in a sense. But transparently substituting in libnetwork doesn't seem robust. Maybe we should do what k8s is doing even more so: require the user to provide an option for a default resolv.conf file when starting up the engine. (...)

I opened a PR on k8s repo here to optimize the pid lookup: kubernetes/kubernetes#66367

@thaJeztah being in the config, does not automatically exposing it as an option? so if the user is not satisfied on the auto selection can specify it?

@cpuguy83 will wait for that PR to be merged and will update, thanks for opening it

Was thinking if we should do this "on demand", e.g.:

var systemdResolvedRunning *bool

func systemdResolvedPresent() bool {
	if systemdResolvedRunning != nil {
		return systemdResolvedRunning
	}
	systemdResolvedRunning = false
	pids, err := procfs.PidOf("systemd-resolved")
	if err != nil {
		logrus.Errorf("unable to check systemd-resolved status: %s", err)
	}
	if len(pids) > 0 && pids[0] > 0 {
		isSystemdResolvedPresent = true
	}
	return systemdResolvedRunning
}

But also noticed that would only need this if conf.ResolvConf == ''; which will be only once (once GetResolvConf() is called, and it's not set, it will be set to conf.ResolvConf = defaultResolvConf)

So perhaps we can just as well inline this in GetResolvConf() ? (or a combination of the above)

I think is expensive to check: procfs.PidOf("systemd-resolved") for every container creation

Can we do this during daemon initialization instead of package init?

sure don't have a, is there a specific point that you can suggest?
Just drop something like this one: https://github.com/moby/moby/blob/master/daemon/daemon.go#L569

As good a place as any, I suppose.

Looks like this needs vendoring; let me add that label, otherwise people may overlook that

yep, I put it in this comment: #37485 (comment)

else?

no else, line 152 (https://github.com/moby/moby/pull/37485/files/e241a0d3a74fc3b37f597464951187e132bbd7ac#diff-857979ffd7f9baf3aa83894d548f110aR152) is setting the value

even if alternateResolvConf is present, "alternateResolvConf is not present" is printed here?

sorry was looking at the wrong line

Did this file end up in the wrong commit?

This code is not used for LCOW?

Oh, just see @johnstep's comment; so ignore this one; only check if the vendored file ended up in the right commit

@johnstep can you confirm the LCOW behavior here?

This code path cannot be hit on Windows (including LCOW) because IsHost always returns false on Windows.