| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
unstable API (#4647)
* confirm endpointslices is served or not
Signed-off-by: uesyn <suemura@zlab.co.jp>
* Apply suggestions
Signed-off-by: uesyn <suemura@zlab.co.jp>
|
|
* support v1 and v1beta1 endpointslice
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* update comments
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
|
|
* do endpoint/slice check in retry loop
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
|
|
When err=nil try to determine the version of the k8s cluster and disable
endpoint slices. Don't return from connecting to the cluster.
In the future we should just default to true, and delete all this code.
Signed-off-by: Miek Gieben <miek@miek.nl>
|
|
Fixes #4428
Signed-off-by: Lars Ekman <lars.g.ekman@est.tech>
|
|
* support dual stack clusterIPs
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* stickler
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* fix ClusterIPs make
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
|
|
Signed-off-by: Biao Jiang <standup-jb@github.com>
Co-authored-by: biao.jiang@ximalaya.com <biao.jiang@ximalaya.com>
|
|
* initial commit
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* convert endpointslices to object.endpoints
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* add opt hard coded for now
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* check that server supports endpointslice
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* fix import grouping
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* dont use endpoint slice in 1.17 or 1.18
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* bump kind/k8s in circle ci to latest
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* drop k8s to latest supported by kind
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* use endpointslice name as endoint Name; index by Service name
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* use index key comparison in nsAddrs()
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* add Index to object.Endpoint fixtures; fix direct endpoint name compares
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* add slice dup check and test
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* todo
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* add ep-slice skew dup test for reverse
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* nsaddrs: de-dup ep-slice skew dups; add test
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* remove todo
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* address various feedback
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* consolidate endpoint/slice informer code
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* fix endpoint informer consolidation; use clearer func name
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* log info; use major/minor fields
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* fix nsAddr and unit test
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* add latency tracking for endpointslices
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* endpointslice latency unit test & fix
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* code shuffling
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* rename endpointslices in tests
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* remove de-dup from nsAddrs and test
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* remove de-dup from findServices / test
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
|
|
* Implement notifies for transfer plugin (#3972)
* Fix notifies in transfer plugin
Signed-off-by: Miek Gieben <miek@miek.nl>
* Make it compile
Signed-off-by: Miek Gieben <miek@miek.nl>
* Port more plugins
Signed-off-by: Miek Gieben <miek@miek.nl>
* golint
Signed-off-by: Miek Gieben <miek@miek.nl>
* Fix tests
Signed-off-by: Miek Gieben <miek@miek.nl>
* Fix notifies in transfer plugin
Signed-off-by: Miek Gieben <miek@miek.nl>
* Make it compile
Signed-off-by: Miek Gieben <miek@miek.nl>
* Port more plugins
Signed-off-by: Miek Gieben <miek@miek.nl>
* golint
Signed-off-by: Miek Gieben <miek@miek.nl>
* Fix tests
Signed-off-by: Miek Gieben <miek@miek.nl>
* Fix tests
Signed-off-by: Miek Gieben <miek@miek.nl>
* really fix test
Signed-off-by: Miek Gieben <miek@miek.nl>
* Implement ixfr fallback and unify file and auto for transfering
Signed-off-by: Miek Gieben <miek@miek.nl>
* Add transfer tests
copied and modified from #3452
Signed-off-by: Miek Gieben <miek@miek.nl>
* Test correct selection of plugin
Signed-off-by: Miek Gieben <miek@miek.nl>
* add upstream back in
Signed-off-by: Miek Gieben <miek@miek.nl>
* Implement ixfr fallback and unify file and auto for transfering
Signed-off-by: Miek Gieben <miek@miek.nl>
* fix test
Signed-off-by: Miek Gieben <miek@miek.nl>
* properly merge
Signed-off-by: Miek Gieben <miek@miek.nl>
* Remove plugin/kubernetes/setup_transfer_test.go
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Co-authored-by: Miek Gieben <miek@miek.nl>
|
|
This reverts commit 68f1dd5ddf0451cc3a1b24a72c2965b8d896ffba.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
|
|
* Fix notifies in transfer plugin
Signed-off-by: Miek Gieben <miek@miek.nl>
* Make it compile
Signed-off-by: Miek Gieben <miek@miek.nl>
* Port more plugins
Signed-off-by: Miek Gieben <miek@miek.nl>
* golint
Signed-off-by: Miek Gieben <miek@miek.nl>
* Fix tests
Signed-off-by: Miek Gieben <miek@miek.nl>
* Fix notifies in transfer plugin
Signed-off-by: Miek Gieben <miek@miek.nl>
* Make it compile
Signed-off-by: Miek Gieben <miek@miek.nl>
* Port more plugins
Signed-off-by: Miek Gieben <miek@miek.nl>
* golint
Signed-off-by: Miek Gieben <miek@miek.nl>
* Fix tests
Signed-off-by: Miek Gieben <miek@miek.nl>
* Fix tests
Signed-off-by: Miek Gieben <miek@miek.nl>
* really fix test
Signed-off-by: Miek Gieben <miek@miek.nl>
* Implement ixfr fallback and unify file and auto for transfering
Signed-off-by: Miek Gieben <miek@miek.nl>
* Add transfer tests
copied and modified from #3452
Signed-off-by: Miek Gieben <miek@miek.nl>
* Test correct selection of plugin
Signed-off-by: Miek Gieben <miek@miek.nl>
* add upstream back in
Signed-off-by: Miek Gieben <miek@miek.nl>
* Implement ixfr fallback and unify file and auto for transfering
Signed-off-by: Miek Gieben <miek@miek.nl>
* fix test
Signed-off-by: Miek Gieben <miek@miek.nl>
* properly merge
Signed-off-by: Miek Gieben <miek@miek.nl>
|
|
* Update k8s.io/[api|apimachinery|client-go] to v0.18.0
This PR updates k8s.io/[api|apimachinery|client-go] to v0.18.0
This PR closes 3791
This PR closes 3792
This PR closes 3793
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
* Fix test failures
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
* Fix failed tests
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
* Fix test failure
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
|
|
Automatically submitted.
|
|
The Kubernetes DNS specification schema version was
updated to 1.1.0 in order to support IPv6
Signed-off-by: Antonio Ojea <antonio.ojea.garcia@gmail.com>
|
|
* use all local IPs
* mult/bind ips
* gofmt + boundIPs fix
* fix no matching endpoint case
* don't duplicate NS records in answer
* fix answer dedup
* fix comment
* add multi local ip test case
|
|
* fix external ns records
* use k8s service name for ns record
* update test, add func comment
* expand nsAddrs() test cases
* support local ipv6 ip
* use less confusing pod ip in test
|
|
* spelling fixes
* its/it's
|
|
|
|
|
|
Don't add pods to our internal cache that are being deleted. This saves
a field in the struct as well.
Add (extra) comments about adding fields to the
object/{Pod,Service,Endpoint} structs.
Signed-off-by: Miek Gieben <miek@miek.nl>
|
|
|
|
* kubernetes: never respond with NXDOMAIN for authority label
Return a nodata response when trying to resolve the authority's label
for a record type that doesn't match the record type of the authority.
This guards against poisoning the authority record by requesting the
wrong record type for the authority label. For instance, given an
authoritative resolver that uses subdomain delegation for Kubernetes
services of a cluster that's configured to use IPv4, the parent may be
poisoned by querying it for the authority label of the cluster subdomain
with a AAAA record type, which would otherwise (i.e. without this
change) return an NXDOMAIN. That is, given
cluster.example.com NS 10800 ns.dns.cluster.example.com
ns.dns.cluster.example.com A 10800 10.0.1.2
The parent may be poisoned for the SOA TTL by querying it for a AAAA
record of ns.dns.cluster.example.com, causing the parent to fail
delegate properly until the SOA TTL lapses.
* kubernetes: add tests for authority queries
|
|
* Remove context.Context from request.Request
This removes the context from request.Request and makes all the changes
in the code to make it compile again. It's all mechanical. It did
unearth some weirdness in that the context was kept in handler structs
which may cause havoc with concurrently handling of requests.
Fixes #2721
Signed-off-by: Miek Gieben <miek@miek.nl>
* Make test compile
Signed-off-by: Miek Gieben <miek@miek.nl>
|
|
|
|
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
|
|
|
|
This fix deprecates endpoints for out-of-cluster k8s api,
The Corefile still takes multiple endpoints though only
the first one is used. A warning is shown if there are
multiple endpoints.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
|
|
* Default to upstream to self
This is a backwards incompatible change.
This is a massive (cleanup) PR where we default to resolving external
names by the coredns process itself, instead of directly forwarding them
to some upstream.
This ignores any arguments `upstream` may have had and makes it depend
on proxy/forward configuration in the Corefile. This allows resolved
upstream names to be cached and we have better healthchecking of the
upstreams. It also means there is only one way to resolve names, by
either using the proxy or forward plugin.
The proxy/forward lookup.go functions have been removed. This also
lessen the dependency on proxy, meaning deprecating proxy will become
easier. Some tests have been removed as well, or moved to the top-level
test directory as they now require a full coredns process instead of
just the plugin.
For the etcd plugin, the entire StubZone resolving is *dropped*! This
was a hacky (but working) solution to say the least. If someone cares
deeply it can be brought back (maybe)?
The pkg/upstream is now very small and almost does nothing. Also the
New() function was changed to return a pointer to upstream.Upstream. It
also returns only one parameter, so any stragglers using it will
encounter a compile error.
All documentation has been adapted. This affected the following plugins:
* etcd
* file
* auto
* secondary
* federation
* template
* route53
A followup PR will make any upstream directives with arguments an error,
right now they are ignored.
Signed-off-by: Miek Gieben <miek@miek.nl>
* Fix etcd build - probably still fails unit test
Signed-off-by: Miek Gieben <miek@miek.nl>
* Slightly smarter lookup check in upstream
Signed-off-by: Miek Gieben <miek@miek.nl>
* Compilez
Signed-off-by: Miek Gieben <miek@miek.nl>
|
|
* plugin/kubernetes: smaller map
to continue with a theme: the map[string]bool can be reduced
to map[string]struct{} to reduce a tiny amount of memory.
Signed-off-by: Miek Gieben <miek@miek.nl>
* fix tests
Signed-off-by: Miek Gieben <miek@miek.nl>
|
|
This is a relic from the etcd integration and only used to remove in the
final answer returned to the client. We do need it. Make it a constant
and only one character wide.
Signed-off-by: Miek Gieben <miek@miek.nl>
|
|
|
|
This reverts commit 974ed086f25ad45a01947e276e2eb8aa73d007a3.
|
|
|
|
* Convert to runtime.Object to smaller structs
This adds conversion for all the objects we want to keep in the cache.
It keeps the minimum for CoreDNS to function and throws away the rest.
The conversion:
api.Endpoints -> object.Endpoints
api.Pod -> object.Pod
api.Serivce -> object.Service
We needed to copy some client-go stuff to insert a conversion function
into NewIndexInformers.
Some unrelated cleanups in the watch functionality as that needed to be
touched because of the above translation of objects.
Signed-off-by: Miek Gieben <miek@miek.nl>
* Reduce test line-count
Signed-off-by: Miek Gieben <miek@miek.nl>
* ....and fix test
Signed-off-by: Miek Gieben <miek@miek.nl>
* Drop use of append
Signed-off-by: Miek Gieben <miek@miek.nl>
* cosmetic changes
Signed-off-by: Miek Gieben <miek@miek.nl>
* that was a typo
Signed-off-by: Miek Gieben <miek@miek.nl>
* re-introduce append here
We can't really use len() here because we don't know the number before
hand.
Signed-off-by: Miek Gieben <miek@miek.nl>
* comment in better place
Signed-off-by: Miek Gieben <miek@miek.nl>
* Make the timestamp a bool; thats where it is used for
Signed-off-by: Miek Gieben <miek@miek.nl>
* Set incoming object to nil
Explicataliy discard the converted object; we did a deep copy it's
not needed anymore.
Signed-off-by: Miek Gieben <miek@miek.nl>
* Per Chris's comment
Signed-off-by: Miek Gieben <miek@miek.nl>
|
|
* Add support for authentication with kubeconfig files
* Update k8s plugin documentation
* Fix whitespace in README and tests
* Use clientcmd package to load kubeconfig file
|
|
* WIP: trying stuff out
Signed-off-by: Miek Gieben <miek@miek.nl>
* Fixes
Signed-off-by: Miek Gieben <miek@miek.nl>
* Revert "WIP: trying stuff out"
This reverts commit a18a6ae1233d5f34c98164fd693294c36b3240b7.
|
|
* plugin/kubernetes: remove bunch a string ops
This removes a bunch of appends to where not needed, makes dnsutil.Join
take variadic args which removes the need to wrap in a new string slice.
Signed-off-by: Miek Gieben <miek@miek.nl>
* Fix calls to dnsutil.Join
Signed-off-by: Miek Gieben <miek@miek.nl>
* Revert these
Signed-off-by: Miek Gieben <miek@miek.nl>
|
|
|
|
inject sentinels for portless services
|
|
* Add part 1 watch functionality. (squashed)
* add funcs for service/endpoint fqdns
* add endpoints watch
* document exposed funcs
* only send subset deltas
* locking for watch map
* tests and docs
* add pod watch
* remove debugs prints
* feedback part 1
* add error reporting to proto
* inform clients of server stop+errors
* add grpc options param
* use proper context
* Review feedback:
* Removed client (will move to another repo)
* Use new log functions
* Change watchChan to be for string not []string
* Rework how k8s plugin stores watch tracking info to simplify
* Normalize the qname on watch request
* Add blank line back
* Revert another spurious change
* Fix tests
* Add stop channel.
Fix tests.
Better docs for plugin interface.
* fmt.Printf -> log.Warningf
* Move from dnsserver to plugin/pkg/watch
* gofmt
* remove dead client watches
* sate linter
* linter omg
|
|
Remove the code and remove the call in etcd and kubernetes handlers.
This does mean we should not add dups in the first place, which means
adding maps in backend_lookup to prevent dups from begin added.
This should cut down on the allocations because dnsutil.Dedup is very
expensive by converting everything to strings, we avoid doing that now.
|
|
* ADD: ignoreemptyservice option for kubernetes plugin
* Modify documentation and rename option to add space
* UPD: Add unit tests
* UPD: gofmt
* Add unit test for ignore emptyservice
* gofmt
* xfr tests failed
* Rename emptyservice to empty_service
|
|
* check for bare zone query
* check for bare type query
|
|
|
|
Rename the constants to IP4arpa and IP6arpa (shorter and exported) and
make IsReverse return the type of the reverse zone which could be handy
for some callers.
Also add tests for IsReverse()
|
|
* better handle non PTR rev zone qrys
* vice versa
* tests
* comment typo
* much cleaner
|
|
* add upstream @self and loop count
* 1st round of feedback
* allow argless upstream
* update test
* readmes
* feedback
|
|
|
|
* plugin/kubernetes: axfr
Hook up dynamic SOA serial by setting ResourceEventHandlerFuncs in
dnsController.
Add prototype of returns msg.Services via the Transfer function. Leave
expanding this to RRs out of scope for a bit.
* plugin/kubernetes: axfr
Respond to AXFR queries
* Fixing race condition
* Fixing instantiation of dnstest writer
* Updates from review
|
|
|
uesyn
Chris O'Haver
Miek Gieben
Lars Ekman
Jiang Biao
Yong Tang
Antonio Ojea
AllenZMC
Billie Cleek
Matt Greenfield
Zach Eddy
John Belamaric
darkweaver87
Brad Beam
