docs: run make Makefile.doc (#2210)

No other changes. Signed-off-by: Miek Gieben <miek@miek.nl>
2018-10-18 09:47:03 +01:00 · 2018-10-18 09:47:03 +01:00 · a8c38298f7
commit a8c38298f7
parent 7343c7012f
34 changed files with 208 additions and 63 deletions
--- a/man/coredns-auto.7
+++ b/man/coredns-auto.7
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "COREDNS\-AUTO" "7" "August 2018" "CoreDNS" "CoreDNS plugins"
+.TH "COREDNS\-AUTO" "7" "October 2018" "CoreDNS" "CoreDNS plugins"
 .
 .SH "NAME"
 \fIauto\fR \- enables serving zone data from an RFC 1035\-style master file, which is automatically picked up from disk\.
@ -15,6 +15,7 @@ The \fIauto\fR plugin is used for an "old\-style" DNS server\. It serves from a

 auto [ZONES\.\.\.] {
    directory DIR [REGEXP ORIGIN_TEMPLATE [TIMEOUT]]
+    reload DURATION
    no_reload
    upstream [ADDRESS\.\.\.]
 }
@ -28,7 +29,10 @@ auto [ZONES\.\.\.] {
 \fBdirectory\fR loads zones from the specified \fBDIR\fR\. If a file name matches \fBREGEXP\fR it will be used to extract the origin\. \fBORIGIN_TEMPLATE\fR will be used as a template for the origin\. Strings like \fB{<number>}\fR are replaced with the respective matches in the file name, e\.g\. \fB{1}\fR is the first match, \fB{2}\fR is the second\. The default is: \fBdb\e\.(\.*) {1}\fR i\.e\. from a file with the name \fBdb\.example\.com\fR, the extracted origin will be \fBexample\.com\fR\. \fBTIMEOUT\fR specifies how often CoreDNS should scan the directory; the default is every 60 seconds\. This value is in seconds\. The minimum value is 1 second\.
 .
 .IP "\(bu" 4
-\fBno_reload\fR by default CoreDNS will try to reload a zone every minute and reloads if the SOA\'s serial has changed\. This option disables that behavior\.
+\fBreload\fR interval to perform reload of zone if SOA version changes\. Default is one minute\. Value of \fB0\fR means to not scan for changes and reload\. eg\. \fB30s\fR checks zonefile every 30 seconds and reloads zone when serial changes\.
+.
+.IP "\(bu" 4
+\fBno_reload\fR deprecated\. Sets reload to 0\.
 .
 .IP "\(bu" 4
 \fBupstream\fR defines upstream resolvers to be used resolve external names found (think CNAMEs) pointing to external names\. \fBADDRESS\fR can be an IP address, an IP:port or a string pointing to a file that is structured as /etc/resolv\.conf\. If no \fBADDRESS\fR is given, CoreDNS will resolve CNAMEs against itself\.
--- a/man/coredns-autopath.7
+++ b/man/coredns-autopath.7
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "COREDNS\-AUTOPATH" "7" "June 2018" "CoreDNS" "CoreDNS plugins"
+.TH "COREDNS\-AUTOPATH" "7" "October 2018" "CoreDNS" "CoreDNS plugins"
 .
 .SH "NAME"
 \fIautopath\fR \- allows for server\-side search path completion\.
--- a/man/coredns-bind.7
+++ b/man/coredns-bind.7
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "COREDNS\-BIND" "7" "August 2018" "CoreDNS" "CoreDNS plugins"
+.TH "COREDNS\-BIND" "7" "October 2018" "CoreDNS" "CoreDNS plugins"
 .
 .SH "NAME"
 \fIbind\fR \- overrides the host to which the server should bind\.
--- a/man/coredns-cache.7
+++ b/man/coredns-cache.7
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "COREDNS\-CACHE" "7" "August 2018" "CoreDNS" "CoreDNS plugins"
+.TH "COREDNS\-CACHE" "7" "October 2018" "CoreDNS" "CoreDNS plugins"
 .
 .SH "NAME"
 \fIcache\fR \- enables a frontend cache\.
@ -39,8 +39,8 @@ If you want more control:
 .nf

 cache [TTL] [ZONES\.\.\.] {
-    success CAPACITY [TTL]
-    denial CAPACITY [TTL]
+    success CAPACITY [TTL] [MINTTL]
+    denial CAPACITY [TTL] [MINTTL]
    prefetch AMOUNT [[DURATION] [PERCENTAGE%]]
 }
 .
@ -52,10 +52,10 @@ cache [TTL] [ZONES\.\.\.] {
 \fBTTL\fR and \fBZONES\fR as above\.
 .
 .IP "\(bu" 4
-\fBsuccess\fR, override the settings for caching successful responses\. \fBCAPACITY\fR indicates the maximum number of packets we cache before we start evicting (\fIrandomly\fR)\. \fBTTL\fR overrides the cache maximum TTL\.
+\fBsuccess\fR, override the settings for caching successful responses\. \fBCAPACITY\fR indicates the maximum number of packets we cache before we start evicting (\fIrandomly\fR)\. \fBTTL\fR overrides the cache maximum TTL\. \fBMINTTL\fR overrides the cache minimum TTL (default 0), which can be useful to limit queries to the backend\.
 .
 .IP "\(bu" 4
-\fBdenial\fR, override the settings for caching denial of existence responses\. \fBCAPACITY\fR indicates the maximum number of packets we cache before we start evicting (LRU)\. \fBTTL\fR overrides the cache maximum TTL\. There is a third category (\fBerror\fR) but those responses are never cached\.
+\fBdenial\fR, override the settings for caching denial of existence responses\. \fBCAPACITY\fR indicates the maximum number of packets we cache before we start evicting (LRU)\. \fBTTL\fR overrides the cache maximum TTL\. \fBMINTTL\fR overrides the cache minimum TTL (default 0), which can be useful to limit queries to the backend\. There is a third category (\fBerror\fR) but those responses are never cached\.
 .
 .IP "\(bu" 4
 \fBprefetch\fR will prefetch popular items when they are about to be expunged from the cache\. Popular means \fBAMOUNT\fR queries have been seen with no gaps of \fBDURATION\fR or more between them\. \fBDURATION\fR defaults to 1m\. Prefetching will happen when the TTL drops below \fBPERCENTAGE\fR, which defaults to \fB10%\fR, or latest 1 second before TTL expiration\. Values should be in the range \fB[10%, 90%]\fR\. Note the percent sign is mandatory\. \fBPERCENTAGE\fR is treated as an \fBint\fR\.
--- a/man/coredns-chaos.7
+++ b/man/coredns-chaos.7
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "COREDNS\-CHAOS" "7" "June 2018" "CoreDNS" "CoreDNS plugins"
+.TH "COREDNS\-CHAOS" "7" "October 2018" "CoreDNS" "CoreDNS plugins"
 .
 .SH "NAME"
 \fIchaos\fR \- allows for responding to TXT queries in the CH class\.
--- a/man/coredns-debug.7
+++ b/man/coredns-debug.7
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "COREDNS\-DEBUG" "7" "July 2018" "CoreDNS" "CoreDNS plugins"
+.TH "COREDNS\-DEBUG" "7" "October 2018" "CoreDNS" "CoreDNS plugins"
 .
 .SH "NAME"
 \fIdebug\fR \- disables the automatic recovery upon a crash so that you\'ll get a nice stack trace\.
--- a/man/coredns-dnssec.7
+++ b/man/coredns-dnssec.7
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "COREDNS\-DNSSEC" "7" "June 2018" "CoreDNS" "CoreDNS plugins"
+.TH "COREDNS\-DNSSEC" "7" "October 2018" "CoreDNS" "CoreDNS plugins"
 .
 .SH "NAME"
 \fIdnssec\fR \- enable on\-the\-fly DNSSEC signing of served data\.
--- a/man/coredns-dnstap.7
+++ b/man/coredns-dnstap.7
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "COREDNS\-DNSTAP" "7" "August 2018" "CoreDNS" "CoreDNS plugins"
+.TH "COREDNS\-DNSTAP" "7" "October 2018" "CoreDNS" "CoreDNS plugins"
 .
 .SH "NAME"
 \fIdnstap\fR \- enable logging to dnstap\.
--- a/man/coredns-erratic.7
+++ b/man/coredns-erratic.7
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "COREDNS\-ERRATIC" "7" "August 2018" "CoreDNS" "CoreDNS plugins"
+.TH "COREDNS\-ERRATIC" "7" "October 2018" "CoreDNS" "CoreDNS plugins"
 .
 .SH "NAME"
 \fIerratic\fR \- a plugin useful for testing client behavior\.
--- a/man/coredns-errors.7
+++ b/man/coredns-errors.7
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "COREDNS\-ERRORS" "7" "June 2018" "CoreDNS" "CoreDNS plugins"
+.TH "COREDNS\-ERRORS" "7" "October 2018" "CoreDNS" "CoreDNS plugins"
 .
 .SH "NAME"
 \fIerrors\fR \- enable error logging\.
--- a/man/coredns-etcd.7
+++ b/man/coredns-etcd.7
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "COREDNS\-ETCD" "7" "August 2018" "CoreDNS" "CoreDNS plugins"
+.TH "COREDNS\-ETCD" "7" "October 2018" "CoreDNS" "CoreDNS plugins"
 .
 .SH "NAME"
 \fIetcd\fR \- enables reading zone data from an etcd version 3 instance\.
--- a/man/coredns-federation.7
+++ b/man/coredns-federation.7
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "COREDNS\-FEDERATION" "7" "June 2018" "CoreDNS" "CoreDNS plugins"
+.TH "COREDNS\-FEDERATION" "7" "October 2018" "CoreDNS" "CoreDNS plugins"
 .
 .SH "NAME"
 \fIfederation\fR \- enables federated queries to be resolved via the kubernetes plugin\.
@ -18,6 +18,7 @@ Enabling \fIfederation\fR without also having \fIkubernetes\fR is a noop\.

 federation [ZONES\.\.\.] {
    NAME DOMAIN
+    upstream [ADDRESS\.\.\.]
 }
 .
 .fi
@ -25,6 +26,9 @@ federation [ZONES\.\.\.] {
 .IP "\(bu" 4
 Each \fBNAME\fR and \fBDOMAIN\fR defines federation membership\. One entry for each\. A duplicate \fBNAME\fR will silently overwrite any previous value\.
 .
+.IP "\(bu" 4
+\fBupstream\fR [\fBADDRESS\fR\.\.\.] defines the upstream resolvers used for resolving the \fBCNAME\fR target produced by this plugin\. If no \fBADDRESS\fR is given, CoreDNS will resolve External Services against itself\. \fBADDRESS\fR can be an IP, an IP:port, or a path to a file structured like resolv\.conf\.
+.
 .IP "" 0
 .
 .SH "EXAMPLES"
@ -39,6 +43,7 @@ Here we handle all service requests in the \fBprod\fR and \fBstage\fR federation
    federation cluster\.local {
        prod prod\.feddomain\.com
        staging staging\.feddomain\.com
+        upstream
    }
 }
 .
@ -58,6 +63,7 @@ cluster\.local {
    federation {
        prod prod\.feddomain\.com
        staging staging\.feddomain\.com
+        upstream
    }
 }
 .
--- a/man/coredns-file.7
+++ b/man/coredns-file.7
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "COREDNS\-FILE" "7" "June 2018" "CoreDNS" "CoreDNS plugins"
+.TH "COREDNS\-FILE" "7" "October 2018" "CoreDNS" "CoreDNS plugins"
 .
 .SH "NAME"
 \fIfile\fR \- enables serving zone data from an RFC 1035\-style master file\.
@ -34,6 +34,7 @@ If you want to round robin A and AAAA responses look at the \fIloadbalance\fR pl

 file DBFILE [ZONES\.\.\. ] {
    transfer to ADDRESS\.\.\.
+    reload DURATION
    no_reload
    upstream [ADDRESS\.\.\.]
 }
@ -46,7 +47,10 @@ file DBFILE [ZONES\.\.\. ] {
 \fBtransfer\fR enables zone transfers\. It may be specified multiples times\. \fBTo\fR or \fBfrom\fR signals the direction\. \fBADDRESS\fR must be denoted in CIDR notation (127\.0\.0\.1/32 etc\.) or just as plain addresses\. The special wildcard \fB*\fR means: the entire internet (only valid for \'transfer to\')\. When an address is specified a notify message will be send whenever the zone is reloaded\.
 .
 .IP "\(bu" 4
-\fBno_reload\fR by default CoreDNS will try to reload a zone every minute and reloads if the SOA\'s serial has changed\. This option disables that behavior\.
+\fBreload\fR interval to perform reload of zone if SOA version changes\. Default is one minute\. Value of \fB0\fR means to not scan for changes and reload\. eg\. \fB30s\fR checks zonefile every 30 seconds and reloads zone when serial changes\.
+.
+.IP "\(bu" 4
+\fBno_reload\fR deprecated\. Sets reload to 0\.
 .
 .IP "\(bu" 4
 \fBupstream\fR defines upstream resolvers to be used resolve external names found (think CNAMEs) pointing to external names\. This is only really useful when CoreDNS is configured as a proxy, for normal authoritative serving you don\'t need \fIor\fR want to use this\. \fBADDRESS\fR can be an IP address, and IP:port or a string pointing to a file that is structured as /etc/resolv\.conf\. If no \fBADDRESS\fR is given, CoreDNS will resolve CNAMEs against itself\.
--- a/man/coredns-forward.7
+++ b/man/coredns-forward.7
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "COREDNS\-FORWARD" "7" "August 2018" "CoreDNS" "CoreDNS plugins"
+.TH "COREDNS\-FORWARD" "7" "October 2018" "CoreDNS" "CoreDNS plugins"
 .
 .SH "NAME"
 \fIforward\fR \- facilitates proxying DNS messages to upstream resolvers\.
--- a/man/coredns-health.7
+++ b/man/coredns-health.7
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "COREDNS\-HEALTH" "7" "August 2018" "CoreDNS" "CoreDNS plugins"
+.TH "COREDNS\-HEALTH" "7" "October 2018" "CoreDNS" "CoreDNS plugins"
 .
 .SH "NAME"
 \fIhealth\fR \- enables a health check endpoint\.
--- a/man/coredns-hosts.7
+++ b/man/coredns-hosts.7
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "COREDNS\-HOSTS" "7" "August 2018" "CoreDNS" "CoreDNS plugins"
+.TH "COREDNS\-HOSTS" "7" "October 2018" "CoreDNS" "CoreDNS plugins"
 .
 .SH "NAME"
 \fIhosts\fR \- enables serving zone data from a \fB/etc/hosts\fR style file\.
--- a/man/coredns-kubernetes.7
+++ b/man/coredns-kubernetes.7
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "COREDNS\-KUBERNETES" "7" "August 2018" "CoreDNS" "CoreDNS plugins"
+.TH "COREDNS\-KUBERNETES" "7" "October 2018" "CoreDNS" "CoreDNS plugins"
 .
 .SH "NAME"
 \fIkubernetes\fR \- enables the reading zone data from a Kubernetes cluster\.
@ -61,6 +61,9 @@ kubernetes [ZONES\.\.\.] {
 \fBtls\fR \fBCERT\fR \fBKEY\fR \fBCACERT\fR are the TLS cert, key and the CA cert file names for remote k8s connection\. This option is ignored if connecting in\-cluster (i\.e\. endpoint is not specified)\.
 .
 .IP "\(bu" 4
+\fBkubeconfig\fR \fBKUBECONFIG\fR \fBCONTEXT\fR authenticates the connection to a remote k8s cluster using a kubeconfig file\. It supports TLS, username and password, or token\-based authentication\. This option is ignored if connecting in\-cluster (i\.e\. endpoint is not specified)\.
+.
+.IP "\(bu" 4
 \fBnamespaces\fR \fBNAMESPACE [NAMESPACE\.\.\.]\fR, only exposes the k8s namespaces listed\. If this option is omitted all namespaces are exposed
 .
 .IP "\(bu" 4
--- a/man/coredns-loadbalance.7
+++ b/man/coredns-loadbalance.7
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "COREDNS\-LOADBALANCE" "7" "August 2018" "CoreDNS" "CoreDNS plugins"
+.TH "COREDNS\-LOADBALANCE" "7" "October 2018" "CoreDNS" "CoreDNS plugins"
 .
 .SH "NAME"
 \fIloadbalance\fR \- randomize the order of A, AAAA and MX records\.
--- a/man/coredns-log.7
+++ b/man/coredns-log.7
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "COREDNS\-LOG" "7" "June 2018" "CoreDNS" "CoreDNS plugins"
+.TH "COREDNS\-LOG" "7" "October 2018" "CoreDNS" "CoreDNS plugins"
 .
 .SH "NAME"
 \fIlog\fR \- enables query logging to standard output\.
--- a/man/coredns-loop.7
+++ b/man/coredns-loop.7
@ -1,13 +1,13 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "COREDNS\-LOOP" "7" "August 2018" "CoreDNS" "CoreDNS plugins"
+.TH "COREDNS\-LOOP" "7" "October 2018" "CoreDNS" "CoreDNS plugins"
 .
 .SH "NAME"
 \fIloop\fR \- detect simple forwarding loops and halt the server\.
 .
 .SH "DESCRIPTION"
-The \fIloop\fR plugin will send a random query to ourselves and will then keep track of how many times we see it\. If we see it more than twice, we assume CoreDNS is looping and we halt the process\.
+The \fIloop\fR plugin will send a random probe query to ourselves and will then keep track of how many times we see it\. If we see it more than twice, we assume CoreDNS is looping and we halt the process\.
 .
 .P
 The plugin will try to send the query for up to 30 seconds\. This is done to give CoreDNS enough time to start up\. Once a query has been successfully sent \fIloop\fR disables itself to prevent a query of death\.
@ -46,7 +46,7 @@ After CoreDNS has started it stops the process while logging:
 .
 .nf

-plugin/loop: Seen "HINFO IN 5577006791947779410\.8674665223082153551\." more than twice, loop detected
+plugin/loop: Forwarding loop detected in "\." zone\. Exiting\. See https://coredns\.io/plugins/loop#troubleshooting\. Probe query: "HINFO 5577006791947779410\.8674665223082153551\."\.
 .
 .fi
 .
@ -62,4 +62,21 @@ the loop must be present at start up time\.
 the loop must occur for at least the \fBHINFO\fR query type\.
 .
 .IP "" 0
-
+.
+.SH "TROUBLESHOOTING"
+When CoreDNS logs contain the message \fBForwarding loop detected \.\.\.\fR, this means that the \fBloop\fR detection plugin has detected an infinite forwarding loop in one of the upstream DNS servers\. This is a fatal error because operating with an infinite loop will consume memory and CPU until eventual out of memory death by the host\.
+.
+.P
+A forwarding loop is usually caused by: * Most commonly, CoreDNS forwarding requests directly to itself\. e\.g\. to \fB127\.0\.0\.1\fR or \fB127\.0\.0\.53\fR * Less commonly, CoreDNS forwarding to an upstream server that in turn, forwards requests back to CoreDNS\.
+.
+.P
+To troubleshoot this problem, look in your Corefile for any \fBproxy\fR or \fBforward\fR to the zone in which the loop was detected\. Make sure that they are not forwarding to a local address or to another DNS server that is forwarding requests back to CoreDNS\. If \fBproxy\fR or \fBforward\fR are using a file (e\.g\. \fB/etc/resolv\.conf\fR), make sure that file does not contain local addresses\.
+.
+.SS "TROUBLESHOOTING LOOPS IN KUBERNETES CLUSTERS"
+When a CoreDNS Pod deployed in Kubernetes detects a loop, the CoreDNS Pod will start to "CrashLoopBackOff"\. This is because Kubernetes will try to restart the Pod every time CoreDNS detects the loop and exits\.
+.
+.P
+A common cause of forwarding loops in Kubernetes clusters is an interaction with \fBsystemd\-resolved\fR on the host node\. \fBsystemd\-resolved\fR will, in certain configurations, put \fB127\.0\.0\.53\fR as an upstream into \fB/etc/resolv\.conf\fR\. Kubernetes (\fBkubelet\fR) by default will pass this \fB/etc/resolv/conf\fR file to all Pods using the \fBdefault\fR dnsPolicy (this includes CoreDNS Pods)\. CoreDNS then uses this \fB/etc/resolv\.conf\fR as a list of upstreams to proxy/forward requests to\. Since it contains a local address, CoreDNS ends up forwarding requests to itself\.
+.
+.P
+There are many ways to work around this issue, some are listed here: * Add the following to \fBkubelet\fR: \fB\-\-resolv\-conf /run/systemd/resolve/resolv\.conf\fR\. This flag tells \fBkubelet\fR to pass an alternate \fBresolv\.conf\fR to Pods\. For \fBsystemd\-resolved\fR, \fB/run/systemd/resolve/resolv\.conf\fR is typically the location of the "original" \fB/etc/resolv\.conf\fR\. * Disable \fBsystemd\-resolved\fR on host nodes, and restore \fB/etc/resolv\.conf\fR to the original\. * A quick and dirty fix is to edit your Corefile, replacing \fBproxy \. /etc/resolv\.conf\fR with the ip address of your upstream DNS, for example \fBproxy \. 8\.8\.8\.8\fR\.
--- a/man/coredns-metadata.7
+++ b/man/coredns-metadata.7
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "COREDNS\-METADATA" "7" "August 2018" "CoreDNS" "CoreDNS plugins"
+.TH "COREDNS\-METADATA" "7" "October 2018" "CoreDNS" "CoreDNS plugins"
 .
 .SH "NAME"
 \fImetadata\fR \- enable a meta data collector\.
--- a/man/coredns-metrics.7
+++ b/man/coredns-metrics.7
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "COREDNS\-METRICS" "7" "August 2018" "CoreDNS" "CoreDNS plugins"
+.TH "COREDNS\-METRICS" "7" "October 2018" "CoreDNS" "CoreDNS plugins"
 .
 .SH "NAME"
 \fIprometheus\fR \- enables Prometheus \fIhttps://prometheus\.io/\fR metrics\.
--- a/man/coredns-nsid.7
+++ b/man/coredns-nsid.7
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "COREDNS\-NSID" "7" "June 2018" "CoreDNS" "CoreDNS plugins"
+.TH "COREDNS\-NSID" "7" "October 2018" "CoreDNS" "CoreDNS plugins"
 .
 .SH "NAME"
 \fInsid\fR \- adds an identifier of this server to each reply\.
--- a/man/coredns-pprof.7
+++ b/man/coredns-pprof.7
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "COREDNS\-PPROF" "7" "June 2018" "CoreDNS" "CoreDNS plugins"
+.TH "COREDNS\-PPROF" "7" "October 2018" "CoreDNS" "CoreDNS plugins"
 .
 .SH "NAME"
 \fIpprof\fR \- publishes runtime profiling data at endpoints under \fB/debug/pprof\fR\.
--- a/man/coredns-proxy.7
+++ b/man/coredns-proxy.7
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "COREDNS\-PROXY" "7" "August 2018" "CoreDNS" "CoreDNS plugins"
+.TH "COREDNS\-PROXY" "7" "October 2018" "CoreDNS" "CoreDNS plugins"
 .
 .SH "NAME"
 \fIproxy\fR \- facilitates both a basic reverse proxy and a robust load balancer\.
--- a/man/coredns-reload.7
+++ b/man/coredns-reload.7
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "COREDNS\-RELOAD" "7" "August 2018" "CoreDNS" "CoreDNS plugins"
+.TH "COREDNS\-RELOAD" "7" "October 2018" "CoreDNS" "CoreDNS plugins"
 .
 .SH "NAME"
 \fIreload\fR \- allows automatic reload of a changed Corefile\.
--- a/man/coredns-rewrite.7
+++ b/man/coredns-rewrite.7
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "COREDNS\-REWRITE" "7" "August 2018" "CoreDNS" "CoreDNS plugins"
+.TH "COREDNS\-REWRITE" "7" "October 2018" "CoreDNS" "CoreDNS plugins"
 .
 .SH "NAME"
 \fIrewrite\fR \- performs internal message rewriting\.
@ -10,7 +10,7 @@
 Rewrites are invisible to the client\. There are simple rewrites (fast) and complex rewrites (slower), but they\'re powerful enough to accommodate most dynamic back\-end applications\.
 .
 .SH "SYNTAX"
-A simplified/easy to digest syntax for \fIrewrite\fR is\.\.\. ~~~ rewrite [continue|stop] FIELD FROM TO ~~~
+A simplified/easy to digest syntax for \fIrewrite\fR is\.\.\. ~~~ rewrite [continue|stop] FIELD [FROM TO|FROM TTL] ~~~
 .
 .IP "\(bu" 4
 \fBFIELD\fR indicates what part of the request/response is being re\-written\.
@ -30,15 +30,21 @@ A simplified/easy to digest syntax for \fIrewrite\fR is\.\.\. ~~~ rewrite [conti
 .IP "\(bu" 4
 \fBedns0\fR \- an EDNS0 option can be appended to the request as described below in the \fBEDNS0 Options\fR section\.
 .
+.IP "\(bu" 4
+\fBttl\fR \- the TTL value in the \fIresponse\fR is rewritten\.
+.
 .IP "" 0

 .
 .IP "\(bu" 4
-\fBFROM\fR is the name or type to match
+\fBFROM\fR is the name (exact, suffix, prefix, substring, or regex) or type to match
 .
 .IP "\(bu" 4
 \fBTO\fR is the destination name or type to rewrite to
 .
+.IP "\(bu" 4
+\fBTTL\fR is the number of seconds to set the TTL value to
+.
 .IP "" 0
 .
 .P
@ -131,6 +137,19 @@ Re\-written Request Name: \fBftp\.service\.us\-west\-1\.consul\fR
 .
 .IP "" 0
 .
+.P
+The following example rewrites the \fBschmoogle\.com\fR suffix to \fBgoogle\.com\fR\.
+.
+.IP "" 4
+.
+.nf
+
+rewrite name suffix \.schmoogle\.com\. \.google\.com\.
+.
+.fi
+.
+.IP "" 0
+.
 .SS "RESPONSE REWRITES"
 When re\-writing incoming DNS requests\' names, CoreDNS re\-writes the \fBQUESTION SECTION\fR section of the requests\. It may be necessary to re\-write the \fBANSWER SECTION\fR of the requests, because some DNS resolvers would treat the mismatch between \fBQUESTION SECTION\fR and \fBANSWER SECTION\fR as a man\-in\-the\-middle attack (MITM)\.
 .
@ -254,6 +273,40 @@ rewrite [continue|stop] name regex STRING STRING answer name STRING STRING
 .
 .IP "" 0
 .
+.SS "TTL FIELD REWRITES"
+At times, the need for rewriting TTL value could arise\. For example, a DNS server may prevent caching by setting TTL as low as zero (\fB0\fR)\. An administrator may want to increase the TTL to prevent caching, e\.g\. to 15 seconds\.
+.
+.P
+In the below example, the TTL in the answers for \fBcoredns\.rocks\fR domain are being set to \fB15\fR:
+.
+.IP "" 4
+.
+.nf
+
+    rewrite continue {
+        ttl regex (\.*)\e\.coredns\e\.rocks 15
+    }
+.
+.fi
+.
+.IP "" 0
+.
+.P
+By the same token, an administrator may use this feature to force caching by setting TTL value really low\.
+.
+.P
+The syntax for the TTL rewrite rule is as follows\. The meaning of \fBexact|prefix|suffix|substring|regex\fR is the same as with the name rewrite rules\.
+.
+.IP "" 4
+.
+.nf
+
+rewrite [continue|stop] ttl [exact|prefix|suffix|substring|regex] STRING SECONDS
+.
+.fi
+.
+.IP "" 0
+.
 .SH "EDNS0 OPTIONS"
 Using FIELD edns0, you can set, append, or replace specific EDNS0 options on the request\.
 .
@ -328,19 +381,6 @@ rewrite edns0 local set 0xffee {client_ip}
 .IP "" 0
 .
 .P
-The following example rewrites the \fBschmoogle\.com\fR suffix to \fBgoogle\.com\fR\.
-.
-.IP "" 4
-.
-.nf
-
-rewrite name suffix \.schmoogle\.com\. \.google\.com\.
-.
-.fi
-.
-.IP "" 0
-.
-.P
 The following example uses metadata and an imaginary "some\-plugin" that would provide "some\-label" as metadata information\.
 .
 .IP "" 4
--- a/man/coredns-root.7
+++ b/man/coredns-root.7
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "COREDNS\-ROOT" "7" "June 2018" "CoreDNS" "CoreDNS plugins"
+.TH "COREDNS\-ROOT" "7" "October 2018" "CoreDNS" "CoreDNS plugins"
 .
 .SH "NAME"
 \fIroot\fR \- simply specifies the root of where to find (zone) files\.
--- a/man/coredns-route53.7
+++ b/man/coredns-route53.7
@ -1,13 +1,13 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "COREDNS\-ROUTE53" "7" "June 2018" "CoreDNS" "CoreDNS plugins"
+.TH "COREDNS\-ROUTE53" "7" "October 2018" "CoreDNS" "CoreDNS plugins"
 .
 .SH "NAME"
 \fIroute53\fR \- enables serving zone data from AWS route53\.
 .
 .SH "DESCRIPTION"
-The route53 plugin is useful for serving zones from resource record sets in AWS route53\. This plugin only supports A and AAAA records\. The route53 plugin can be used when coredns is deployed on AWS\.
+The route53 plugin is useful for serving zones from resource record sets in AWS route53\. This plugin supports all Amazon Route 53 records (https://docs\.aws\.amazon\.com/Route53/latest/DeveloperGuide/ResourceRecordTypes\.html)\. The route53 plugin can be used when coredns is deployed on AWS or elsewhere\.
 .
 .SH "SYNTAX"
 .
@ -15,12 +15,15 @@ The route53 plugin is useful for serving zones from resource record sets in AWS

 route53 [ZONE:HOSTED_ZONE_ID\.\.\.] {
    [aws_access_key AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY]
+    upstream [ADDRESS\.\.\.]
+    credentials PROFILE [FILENAME]
+    fallthrough [ZONES\.\.\.]
 }
 .
 .fi
 .
 .IP "\(bu" 4
-\fBZONE\fR the name of the domain to be accessed\.
+\fBZONE\fR the name of the domain to be accessed\. When there are multiple zones with overlapping domains (private vs\. public hosted zone), CoreDNS does the lookup in the given order here\. Therefore, for a non\-existing resource record, SOA response will be from the rightmost zone\.
 .
 .IP "\(bu" 4
 \fBHOSTED_ZONE_ID\fR the ID of the hosted zone that contains the resource record sets to be accessed\.
@ -28,10 +31,28 @@ route53 [ZONE:HOSTED_ZONE_ID\.\.\.] {
 .IP "\(bu" 4
 \fBAWS_ACCESS_KEY_ID\fR and \fBAWS_SECRET_ACCESS_KEY\fR the AWS access key ID and secret access key to be used when query AWS (optional)\. If they are not provided, then coredns tries to access AWS credentials the same way as AWS CLI, e\.g\., environmental variables, AWS credentials file, instance profile credentials, etc\.
 .
+.IP "\(bu" 4
+\fBupstream\fR [\fBADDRESS\fR\.\.\.] specifies upstream resolver(s) used for resolving services that point to external hosts (eg\. used to resolve CNAMEs)\. If no \fBADDRESS\fR is given, CoreDNS will resolve against itself\. \fBADDRESS\fR can be an IP, an IP:port or a path to a file structured like resolv\.conf (\fBNB\fR: Currently a bug (#2099) is preventing the use of self\-resolver)\.
+.
+.IP "\(bu" 4
+\fBcredentials\fR used for reading the credential file and setting the profile name for a given zone\.
+.
+.IP "\(bu" 4
+\fBPROFILE\fR AWS account profile name\. Defaults to \fBdefault\fR\.
+.
+.IP "\(bu" 4
+\fBFILENAME\fR AWS credentials filename\. Defaults to \fB~/\.aws/credentials\fR are used\.
+.
+.IP "\(bu" 4
+\fBfallthrough\fR If zone matches and no record can be generated, pass request to the next plugin\. If \fB[ZONES\.\.\.]\fR is omitted, then fallthrough happens for all zones for which the plugin is authoritative\. If specific zones are listed (for example \fBin\-addr\.arpa\fR and \fBip6\.arpa\fR), then only queries for those zones will be subject to fallthrough\.
+.
+.IP "\(bu" 4
+\fBZONES\fR zones it should be authoritative for\. If empty, the zones from the configuration block
+.
 .IP "" 0
 .
 .SH "EXAMPLES"
-Enable route53, with implicit aws credentials:
+Enable route53 with implicit AWS credentials and an upstream:
 .
 .IP "" 4
 .
@ -39,6 +60,7 @@ Enable route53, with implicit aws credentials:

 \&\. {
    route53 example\.org\.:Z1Z2Z3Z4DZ5Z6Z7
+    upstream 10\.0\.0\.1
 }
 .
 .fi
@ -46,7 +68,7 @@ Enable route53, with implicit aws credentials:
 .IP "" 0
 .
 .P
-Enable route53, with explicit aws credentials:
+Enable route53 with explicit AWS credentials:
 .
 .IP "" 4
 .
@ -55,7 +77,56 @@ Enable route53, with explicit aws credentials:
 \&\. {
    route53 example\.org\.:Z1Z2Z3Z4DZ5Z6Z7 {
      aws_access_key AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY
-  }
+    }
+}
+.
+.fi
+.
+.IP "" 0
+.
+.P
+Enable route53 with fallthrough:
+.
+.IP "" 4
+.
+.nf
+
+\&\. {
+    route53 example\.org\.:Z1Z2Z3Z4DZ5Z6Z7 example\.gov\.:Z654321543245 {
+      fallthrough example\.gov\.
+    }
+}
+.
+.fi
+.
+.IP "" 0
+.
+.P
+Enable route53 with AWS credentials file:
+.
+.IP "" 4
+.
+.nf
+
+\&\. {
+    route53 example\.org\.:Z1Z2Z3Z4DZ5Z6Z7 {
+      credentials_file some\-user
+    }
+}
+.
+.fi
+.
+.IP "" 0
+.
+.P
+Enable route53 with multiple hosted zones with the same domain:
+.
+.IP "" 4
+.
+.nf
+
+\&\. {
+    route53 example\.org\.:Z1Z2Z3Z4DZ5Z6Z7 example\.org\.:Z93A52145678156
 }
 .
 .fi
--- a/man/coredns-secondary.7
+++ b/man/coredns-secondary.7
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "COREDNS\-SECONDARY" "7" "June 2018" "CoreDNS" "CoreDNS plugins"
+.TH "COREDNS\-SECONDARY" "7" "October 2018" "CoreDNS" "CoreDNS plugins"
 .
 .SH "NAME"
 \fIsecondary\fR \- enables serving a zone retrieved from a primary server\.
--- a/man/coredns-template.7
+++ b/man/coredns-template.7
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "COREDNS\-TEMPLATE" "7" "June 2018" "CoreDNS" "CoreDNS plugins"
+.TH "COREDNS\-TEMPLATE" "7" "October 2018" "CoreDNS" "CoreDNS plugins"
 .
 .SH "NAME"
 \fItemplate\fR \- allows for dynamic responses based on the incoming query\.
--- a/man/coredns-tls.7
+++ b/man/coredns-tls.7
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "COREDNS\-TLS" "7" "June 2018" "CoreDNS" "CoreDNS plugins"
+.TH "COREDNS\-TLS" "7" "October 2018" "CoreDNS" "CoreDNS plugins"
 .
 .SH "NAME"
 \fItls\fR \- allows you to configure the server certificates for the TLS and gRPC servers\.
--- a/man/coredns-trace.7
+++ b/man/coredns-trace.7
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "COREDNS\-TRACE" "7" "June 2018" "CoreDNS" "CoreDNS plugins"
+.TH "COREDNS\-TRACE" "7" "October 2018" "CoreDNS" "CoreDNS plugins"
 .
 .SH "NAME"
 \fItrace\fR \- enables OpenTracing\-based tracing of DNS requests as they go through the plugin chain\.
--- a/man/coredns-whoami.7
+++ b/man/coredns-whoami.7
@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "COREDNS\-WHOAMI" "7" "August 2018" "CoreDNS" "CoreDNS plugins"
+.TH "COREDNS\-WHOAMI" "7" "October 2018" "CoreDNS" "CoreDNS plugins"
 .
 .SH "NAME"
 \fIwhoami\fR \- returns your resolver\'s local IP address, port and transport\.