This fix deprecates endpoints for out-of-cluster k8s api,
The Corefile still takes multiple endpoints though only
the first one is used. A warning is shown if there are
multiple endpoints.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
* Default to upstream to self
This is a backwards incompatible change.
This is a massive (cleanup) PR where we default to resolving external
names by the coredns process itself, instead of directly forwarding them
to some upstream.
This ignores any arguments `upstream` may have had and makes it depend
on proxy/forward configuration in the Corefile. This allows resolved
upstream names to be cached and we have better healthchecking of the
upstreams. It also means there is only one way to resolve names, by
either using the proxy or forward plugin.
The proxy/forward lookup.go functions have been removed. This also
lessen the dependency on proxy, meaning deprecating proxy will become
easier. Some tests have been removed as well, or moved to the top-level
test directory as they now require a full coredns process instead of
just the plugin.
For the etcd plugin, the entire StubZone resolving is *dropped*! This
was a hacky (but working) solution to say the least. If someone cares
deeply it can be brought back (maybe)?
The pkg/upstream is now very small and almost does nothing. Also the
New() function was changed to return a pointer to upstream.Upstream. It
also returns only one parameter, so any stragglers using it will
encounter a compile error.
All documentation has been adapted. This affected the following plugins:
* etcd
* file
* auto
* secondary
* federation
* template
* route53
A followup PR will make any upstream directives with arguments an error,
right now they are ignored.
Signed-off-by: Miek Gieben <miek@miek.nl>
* Fix etcd build - probably still fails unit test
Signed-off-by: Miek Gieben <miek@miek.nl>
* Slightly smarter lookup check in upstream
Signed-off-by: Miek Gieben <miek@miek.nl>
* Compilez
Signed-off-by: Miek Gieben <miek@miek.nl>
* plugin/kubernetes: smaller map
to continue with a theme: the map[string]bool can be reduced
to map[string]struct{} to reduce a tiny amount of memory.
Signed-off-by: Miek Gieben <miek@miek.nl>
* fix tests
Signed-off-by: Miek Gieben <miek@miek.nl>
This is a relic from the etcd integration and only used to remove in the
final answer returned to the client. We do need it. Make it a constant
and only one character wide.
Signed-off-by: Miek Gieben <miek@miek.nl>
* Convert to runtime.Object to smaller structs
This adds conversion for all the objects we want to keep in the cache.
It keeps the minimum for CoreDNS to function and throws away the rest.
The conversion:
api.Endpoints -> object.Endpoints
api.Pod -> object.Pod
api.Serivce -> object.Service
We needed to copy some client-go stuff to insert a conversion function
into NewIndexInformers.
Some unrelated cleanups in the watch functionality as that needed to be
touched because of the above translation of objects.
Signed-off-by: Miek Gieben <miek@miek.nl>
* Reduce test line-count
Signed-off-by: Miek Gieben <miek@miek.nl>
* ....and fix test
Signed-off-by: Miek Gieben <miek@miek.nl>
* Drop use of append
Signed-off-by: Miek Gieben <miek@miek.nl>
* cosmetic changes
Signed-off-by: Miek Gieben <miek@miek.nl>
* that was a typo
Signed-off-by: Miek Gieben <miek@miek.nl>
* re-introduce append here
We can't really use len() here because we don't know the number before
hand.
Signed-off-by: Miek Gieben <miek@miek.nl>
* comment in better place
Signed-off-by: Miek Gieben <miek@miek.nl>
* Make the timestamp a bool; thats where it is used for
Signed-off-by: Miek Gieben <miek@miek.nl>
* Set incoming object to nil
Explicataliy discard the converted object; we did a deep copy it's
not needed anymore.
Signed-off-by: Miek Gieben <miek@miek.nl>
* Per Chris's comment
Signed-off-by: Miek Gieben <miek@miek.nl>
* Add support for authentication with kubeconfig files
* Update k8s plugin documentation
* Fix whitespace in README and tests
* Use clientcmd package to load kubeconfig file
* plugin/kubernetes: remove bunch a string ops
This removes a bunch of appends to where not needed, makes dnsutil.Join
take variadic args which removes the need to wrap in a new string slice.
Signed-off-by: Miek Gieben <miek@miek.nl>
* Fix calls to dnsutil.Join
Signed-off-by: Miek Gieben <miek@miek.nl>
* Revert these
Signed-off-by: Miek Gieben <miek@miek.nl>
* Add part 1 watch functionality. (squashed)
* add funcs for service/endpoint fqdns
* add endpoints watch
* document exposed funcs
* only send subset deltas
* locking for watch map
* tests and docs
* add pod watch
* remove debugs prints
* feedback part 1
* add error reporting to proto
* inform clients of server stop+errors
* add grpc options param
* use proper context
* Review feedback:
* Removed client (will move to another repo)
* Use new log functions
* Change watchChan to be for string not []string
* Rework how k8s plugin stores watch tracking info to simplify
* Normalize the qname on watch request
* Add blank line back
* Revert another spurious change
* Fix tests
* Add stop channel.
Fix tests.
Better docs for plugin interface.
* fmt.Printf -> log.Warningf
* Move from dnsserver to plugin/pkg/watch
* gofmt
* remove dead client watches
* sate linter
* linter omg
Remove the code and remove the call in etcd and kubernetes handlers.
This does mean we should not add dups in the first place, which means
adding maps in backend_lookup to prevent dups from begin added.
This should cut down on the allocations because dnsutil.Dedup is very
expensive by converting everything to strings, we avoid doing that now.
* ADD: ignoreemptyservice option for kubernetes plugin
* Modify documentation and rename option to add space
* UPD: Add unit tests
* UPD: gofmt
* Add unit test for ignore emptyservice
* gofmt
* xfr tests failed
* Rename emptyservice to empty_service
Rename the constants to IP4arpa and IP6arpa (shorter and exported) and
make IsReverse return the type of the reverse zone which could be handy
for some callers.
Also add tests for IsReverse()
* plugin/kubernetes: axfr
Hook up dynamic SOA serial by setting ResourceEventHandlerFuncs in
dnsController.
Add prototype of returns msg.Services via the Transfer function. Leave
expanding this to RRs out of scope for a bit.
* plugin/kubernetes: axfr
Respond to AXFR queries
* Fixing race condition
* Fixing instantiation of dnstest writer
* Updates from review
* Add pkg/fall for Fallthrough
Move this into it's own package to facilitate tests. Important bug
was fixed: make the names fully qualified.
Add fall package to hosts, reverse, etcd, and fix kubernetes and any
tests. The k8s tests are still as-is, might need a future cleanup.
This is probably the first in a series to fix "crazy" pod queries.
If the namespace doesn't exist return NXDOMAIN.
It might be worth extending this 1:1 to findServices as well.
* Update k8s client-go to v6.0.0
This fix updates k8s client-go to v6.0.0 as CoreDNS is supported
in 1.9 and v6.0.0 is the recommended version.
There are quite some massive changes that need to be made:
1. k8s.io/client-go/pkg/api/v1 has been changed to k8s.io/api/v1 (repo changed from `client-go` to `api`)
2. kubernetes.Clientset adds one extra layer, so that `kubernetes.Clientset.Services()` and like has been changed to `kubernetes.Clientset.CoreV1().Services()`
Also, we have to stick with specific commits of `k8s.io/apimachinery` and the newly introduced `k8s.io/api`
because go dep still could not figure out the right version to fetch.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
* Update vendor with `dep ensure --update` and `dep prune`
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
* plugin/kubernetes: Add GetNamespaceByName
A bare or wildcard query for just the namespace should return NODATA,
not NXDOMAIN, otherwise we deny the entirety of the names under the
namespace.
Add test to check for this in pod verified mode.
* Review
More comments and move namespace code to namespace.go
Change to use a new 'endpoints' directive and use a constant
Add initial docs for 'endpoints' directive
Add tests to Kubernetes setup for endpoints
Changes based on PR feedback
endpoint_pod_names is a boolean config option. Chahanged docs to reflect this.
Add a test when endpoints_pod_names is not set
Update README.md
Remove endpointNameModeName as it is no longer used
* plugin/kubernetes: wait until api is ready
Wait for HasSynced before allowing startup to avoid startup race.
Also do a small refactor in findServices() to pull a check out of the
loop - only needs to be done once.
* sigh
* healthchecks: check on every 3rd failure
Check on every third failure and some cleanups to make this possible. A
failed healthcheck will never increase Fails, a successfull healthceck
will reset Fails to 0. This is a chance this counter now drops below 0,
making the upstream super? healthy.
This removes the okUntil smartness and condences everything back to 1
metrics: Fails; so it's simpler in that regard.
Timout errors are *not* attributed to the local upstream, and don't get
counted into the Fails anymore. Meaning the 'dig any isc.org' won't kill
your upstream.
Added extra test the see if the Fails counter gets reset after 3 failed
connection.
There is still a disconnect beween HTTP healthceck working the proxy (or
lookup) not being able to connect to the upstream.
* Fix tests
* healhcheck: various cleanups
Network wasn't used. IgnorePaths wasn't used. Move checkdown function to
common function shared between proxy protocols. And some naming fixed.
Also reset the Fails on a succesful healthcheck back to 0.
remove newlines from log
* compile
* fix test
* Rename middleware to plugin
first pass; mostly used 'sed', few spots where I manually changed
text.
This still builds a coredns binary.
* fmt error
* Rename AddMiddleware to AddPlugin
* Readd AddMiddleware to remain backwards compat
2017-09-14 09:36:06 +01:00
Renamed from middleware/kubernetes/kubernetes.go (Browse further)
