* plugin/tls: respect the path specified by root plugin
Signed-off-by: Marius Kimmina <mar.kimmina@gmail.com>
* improve readme
Signed-off-by: Marius Kimmina <mar.kimmina@gmail.com>
---------
Signed-off-by: Marius Kimmina <mar.kimmina@gmail.com>
* introduce new interface "dnsserver.Viewer", that allows a plugin implementing it to decide if a query should be routed into its server block.
* add new plugin "view", that uses the new interface to enable a user to define expression based conditions that must be met for a query to be routed to its server block.
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* Add forwardcrd plugin README.md
Co-authored-by: Aidan Obley <aobley@vmware.com>
Signed-off-by: Christian Ang <angc@vmware.com>
* Create forwardcrd plugin
- Place forwardcrd before forward plugin in plugin list. This will avoid
forward from preventing the forwardcrd plugin from handling any queries
in the case of having a default upstream forwarder in a server block (as
is the case in the default kubernetes Corefile).
Co-authored-by: Aidan Obley <aobley@vmware.com>
Signed-off-by: Christian Ang <angc@vmware.com>
* Add Forward CRD
Signed-off-by: Christian Ang <angc@vmware.com>
* Add NewWithConfig to forward plugin
- allows external packages to instanciate forward plugins
Co-authored-by: Aidan Obley <aobley@vmware.com>
Signed-off-by: Christian Ang <angc@vmware.com>
* ForwardCRD plugin handles requests for Forward CRs
- add a Kubernetes controller that can read Forward CRs
- instances of the forward plugin are created based on Forward CRs from
the Kubernetes controller
- DNS requests are handled by calling matching Forward plugin instances
based on zone name
- Defaults to the kube-system namespace to align with Corefile RBAC
Signed-off-by: Christian Ang <angc@vmware.com>
Use klog v2 in forwardcrd plugin
* Refactor forward setup to use NewWithConfig
Co-authored-by: Christian Ang <angc@vmware.com>
Signed-off-by: Edwin Xie <exie@vmware.com>
* Use ParseInt instead of Atoi
- to ensure that the bitsize is 32 for later casting to uint32
Signed-off-by: Christian Ang <angc@vmware.com>
* Add @christianang to CODEOWNERS for forwardcrd
Signed-off-by: Christian Ang <angc@vmware.com>
Co-authored-by: Edwin Xie <exie@vmware.com>
* plugin/header: run go gen and small doc updates
Run go gen to enable the new plugin, this should fix the CI failures.
Small tweaks to the docs.
Signed-off-by: Miek Gieben <miek@miek.nl>
* another typo
Signed-off-by: Miek Gieben <miek@miek.nl>
* gofmt
Signed-off-by: Miek Gieben <miek@miek.nl>
* Create geoip plugin
Signed-off-by: Sven Nebel <nebel.sven@gmail.com>
* Update plugin/geoip/README.md
Co-authored-by: Miek Gieben <miek@miek.nl>
Signed-off-by: Sven Nebel <nebel.sven@gmail.com>
* Update plugin/geoip/README.md
Co-authored-by: Miek Gieben <miek@miek.nl>
Signed-off-by: Sven Nebel <nebel.sven@gmail.com>
* Update plugin/geoip/README.md
Co-authored-by: Miek Gieben <miek@miek.nl>
Signed-off-by: Sven Nebel <nebel.sven@gmail.com>
* Move DBFILE bullet below example
Signed-off-by: Sven Nebel <nebel.sven@gmail.com>
* Update plugin/geoip/README.md
Co-authored-by: Miek Gieben <miek@miek.nl>
Signed-off-by: Sven Nebel <nebel.sven@gmail.com>
* Remove plugin name test case
Signed-off-by: Sven Nebel <nebel.sven@gmail.com>
* Remove languages option
Signed-off-by: Sven Nebel <nebel.sven@gmail.com>
* Update free database link
Signed-off-by: Sven Nebel <nebel.sven@gmail.com>
* Remove last language bits
Signed-off-by: Sven Nebel <nebel.sven@gmail.com>
* Use 127.0.0.1 as probing IP
Signed-off-by: Sven Nebel <nebel.sven@gmail.com>
* Update plugin/geoip/geoip.go
Co-authored-by: Miek Gieben <miek@miek.nl>
Signed-off-by: Sven Nebel <nebel.sven@gmail.com>
* Update plugin/geoip/geoip.go
Co-authored-by: Miek Gieben <miek@miek.nl>
Signed-off-by: Sven Nebel <nebel.sven@gmail.com>
* Use relative path for fixtures dir
Signed-off-by: Sven Nebel <nebel.sven@gmail.com>
* Set names with default string zero value
Signed-off-by: Sven Nebel <nebel.sven@gmail.com>
* Remove unused db types
Signed-off-by: Sven Nebel <nebel.sven@gmail.com>
* Remove non city databases in testdata
Signed-off-by: Sven Nebel <nebel.sven@gmail.com>
* Remove create databases main
Signed-off-by: Sven Nebel <nebel.sven@gmail.com>
* Fix metadata label format test case
Signed-off-by: Sven Nebel <nebel.sven@gmail.com>
* Fix import path block
Signed-off-by: Sven Nebel <nebel.sven@gmail.com>
* go fmt after changes
Signed-off-by: Sven Nebel <nebel.sven@gmail.com>
* Tidy up go.mod and go.sum
Signed-off-by: Sven Nebel <nebel.sven@gmail.com>
* Add plugin to CODEOWNERS
Signed-off-by: Sven Nebel <nebel.sven@gmail.com>
Co-authored-by: Miek Gieben <miek@miek.nl>
* Add dns64 plugin
Add external plugin to core in-tree.
* Pull code from upstream: https://github.com/serverwentdown/dns64
* Update docs.
Signed-off-by: Ben Kochie <superq@gmail.com>
* Make dns64 consistent.
Signed-off-by: Ben Kochie <superq@gmail.com>
* Cleanup README
Signed-off-by: Ben Kochie <superq@gmail.com>
* Cleanup minor issues.
Signed-off-by: Ben Kochie <superq@gmail.com>
* Remove proxy method.
Signed-off-by: Ben Kochie <superq@gmail.com>
* dns64: big cleanup
* Make the code a bit more idiomatic
* Add tests
* use proper Upstream API
Signed-off-by: Casey Callendrello <c1@caseyc.net>
Signed-off-by: Ben Kochie <superq@gmail.com>
* A little more clenaup
* Fix some docs.
* Use the correct plugin register method.
* Cleanup some review items.
Signed-off-by: Ben Kochie <superq@gmail.com>
* Add metrics counter for DNS64 translations
Add a basic counter of how many DNS64 translations have been completed.
Signed-off-by: Ben Kochie <superq@gmail.com>
* Add DNSSEC bug link
Signed-off-by: Ben Kochie <superq@gmail.com>
* Test cleanup
Signed-off-by: Ben Kochie <superq@gmail.com>
* dns64: more test cleanup
Signed-off-by: Casey Callendrello <c1@caseyc.net>
Co-authored-by: Casey Callendrello <c1@caseyc.net>
* Add plugin ACL for source ip filtering
Signed-off-by: An Xiao <hac@zju.edu.cn>
* Allow all arguments to be optional and support multiple qtypes in a single policy
Signed-off-by: An Xiao <hac@zju.edu.cn>
* Add newline before third party imports
Signed-off-by: An Xiao <hac@zju.edu.cn>
* Use camel instead of underscore in method name
Signed-off-by: An Xiao <hac@zju.edu.cn>
* Start with an upper case letter in t.Errorf()
Signed-off-by: An Xiao <hac@zju.edu.cn>
* Use the qtype parse logic in miekg/dns
Signed-off-by: An Xiao <hac@zju.edu.cn>
* Use third party trie implementation as the ip filter
Signed-off-by: An Xiao <hac@zju.edu.cn>
* Update based on rdrozhdzh's comment
Signed-off-by: An Xiao <hac@zju.edu.cn>
* Change the type of action to int
Signed-off-by: An Xiao <hac@zju.edu.cn>
* Add IPv6 support
Signed-off-by: An Xiao <hac@zju.edu.cn>
* Update plugin.cfg
Signed-off-by: An Xiao <hac@zju.edu.cn>
* Remove file functionality
Signed-off-by: An Xiao <hac@zju.edu.cn>
* Update
Signed-off-by: Xiao An <hac@zju.edu.cn>
* Update README
Signed-off-by: Xiao An <hac@zju.edu.cn>
* remove comments
Signed-off-by: Xiao An <hac@zju.edu.cn>
* update
Signed-off-by: Xiao An <hac@zju.edu.cn>
* Update dependency
Signed-off-by: Xiao An <hac@zju.edu.cn>
* Update
Signed-off-by: Xiao An <hac@zju.edu.cn>
* Update test
Signed-off-by: Xiao An <hac@zju.edu.cn>
* Add OWNERS
Signed-off-by: Xiao An <hac@zju.edu.cn>
* Refactor shouldBlock and skip useless check
Signed-off-by: Xiao An <hac@zju.edu.cn>
* Introduce ActionNone
Signed-off-by: Xiao An <hac@zju.edu.cn>
* Update label name
Signed-off-by: Xiao An <hac@zju.edu.cn>
* Avoid capitalizing private types
Signed-off-by: Xiao An <hac@zju.edu.cn>
* plugin/sign: a plugin that signs zones
Sign is a plugin that signs zone data (on disk). The README.md details
what exactly happens to should be accurate related to the code.
Signs are signed with a CSK, resigning and first time signing is all
handled by *sign* plugin.
Logging with a test zone looks something like this:
~~~ txt
[INFO] plugin/sign: Signing "miek.nl." because open plugin/sign/testdata/db.miek.nl.signed: no such file or directory
[INFO] plugin/sign: Signed "miek.nl." with key tags "59725" in 11.670985ms, saved in "plugin/sign/testdata/db.miek.nl.signed". Next: 2019-07-20T15:49:06.560Z
[INFO] plugin/file: Successfully reloaded zone "miek.nl." in "plugin/sign/testdata/db.miek.nl.signed" with serial 1563636548
[INFO] plugin/sign: Signing "miek.nl." because resign was: 10m0s ago
[INFO] plugin/sign: Signed "miek.nl." with key tags "59725" in 2.055895ms, saved in "plugin/sign/testdata/db.miek.nl.signed". Next: 2019-07-20T16:09:06.560Z
[INFO] plugin/file: Successfully reloaded zone "miek.nl." in "plugin/sign/testdata/db.miek.nl.signed" with serial 1563637748
~~~
Signed-off-by: Miek Gieben <miek@miek.nl>
* Adjust readme and remove timestamps
Signed-off-by: Miek Gieben <miek@miek.nl>
* Comment on the newline
Signed-off-by: Miek Gieben <miek@miek.nl>
* Update plugin/sign/README.md
Co-Authored-By: Michael Grosser <development@stp-ip.net>
* Add plugin for Azure DNS
Signed-off-by: darshanime <deathbullet@gmail.com>
* Rename AzureDNS plugin to Azure
Signed-off-by: darshanime <deathbullet@gmail.com>
* remove upstream from azure syntax
Signed-off-by: darshanime <deathbullet@gmail.com>
* Rename azure plugin block keynames
Signed-off-by: darshanime <deathbullet@gmail.com>
* Normalize zone name before lookup in zones
Signed-off-by: darshanime <deathbullet@gmail.com>
* Update import path for caddy
Signed-off-by: darshanime <deathbullet@gmail.com>
* normalize azure zone name only if required
Signed-off-by: darshanime <deathbullet@gmail.com>
* Add support for MX, SRV, TXT, records
Signed-off-by: darshanime <deathbullet@gmail.com>
* Add specs for new record types
Signed-off-by: darshanime <deathbullet@gmail.com>
* Use sequential updates for zones
Signed-off-by: darshanime <deathbullet@gmail.com>
* Add OWNERS file for azure plugin
Signed-off-by: darshanime <deathbullet@gmail.com>
* Rename imports for third party packages
Signed-off-by: darshanime <deathbullet@gmail.com>
* Capitalize values in README
Signed-off-by: darshanime <deathbullet@gmail.com>
* Shorten keys for azure plugin config
Signed-off-by: darshanime <deathbullet@gmail.com>
* Fixup readme for azure plugin
Signed-off-by: darshanime <deathbullet@gmail.com>
* Add any plugin
This adds the any plugin, a plain copy of coredns/any documented here
https://coredns.io/explugins/any/ as an external plugin.
Fixes: #2785
Signed-off-by: Miek Gieben <miek@miek.nl>
* Stickler bot nit
Signed-off-by: Miek Gieben <miek@miek.nl>
* plugin/cancel: add context cancelation plugin
Per review comments on #2704, move this into a plugin that gets called.
Add the most minimal plugin, tests and documenation.
Signed-off-by: Miek Gieben <miek@miek.nl>
* plugin/cache: add timeout option
review feedback: add option to set custom timeout.
Signed-off-by: Miek Gieben <miek@miek.nl>
* spelling
Signed-off-by: Miek Gieben <miek@miek.nl>
* plugin/grpc: New gRPC plugin
* some changes after the first review:
- remove healthcheck. gRPC already has this implicitly implemented
- some naming and stetic changes
- fix some comments
- other minor fixes
* plugin/grpc: New gRPC plugin
* some changes after the first review:
- remove healthcheck. gRPC already has this implicitly implemented
- some naming and stetic changes
- fix some comments
- other minor fixes
* add OWNERS file and change plugin order
* remove Rcode checker
Add a ready plugin that allows plugin to signal when they are ready.
Once a plugin is ready it is not queried again.
This uses same mechanism as the health plugin: each plugin needs to
implement an interface.
Implement readines for the *erratic* plugin to aid in testing.
Add README.md and tests moduled after the health plugin; which will be
relegated to just providing process health. In similar vein to health
this is a process wide setting.
With this Corefile:
~~~
. {
erratic
whoami
ready
}
bla {
erratic
whoami
}
~~~
ready will lead to:
~~~ sh
% curl localhost:8181/ready
% dig @localhost -p 1053 mx example.org
% curl localhost:8181/ready
OK%
~~~
Meanwhile CoreDNS logs:
~~~
.:1053
bla.:1053
2019-02-26T20:59:07.137Z [INFO] CoreDNS-1.3.1
2019-02-26T20:59:07.137Z [INFO] linux/amd64, go1.11.4,
CoreDNS-1.3.1
linux/amd64, go1.11.4,
2019-02-26T20:59:11.415Z [INFO] plugin/ready: Still waiting on: "erratic"
2019-02-26T20:59:13.510Z [INFO] plugin/ready: Still waiting on: "erratic"
~~~
*ready* can be used in multiple server blocks and will do the right
thing; query all those plugins from all server blocks for readiness.
This does a similar thing to the prometheus plugin.
Signed-off-by: Miek Gieben <miek@miek.nl>
* Add new plugin: external
This plugin works in conjunction with the kubernetes plugin and exports
ingress and LB addresses as DNS records. It bypasses backend.go and
backend_lookup.go flow because it is not needed.
README, tests are implemented. The tests only exercise the unit tests,
this has not been tested in any ci.
Signed-off-by: Miek Gieben <miek@miek.nl>
* Rename to k8s_external
Signed-off-by: Miek Gieben <miek@miek.nl>
* go gen
Signed-off-by: Miek Gieben <miek@miek.nl>
* New plugin: loop
Add a plugin that detects loops. It does this by sending an unique query
to our selves. If we see the query more than twice we stop the process.
If there isn't a loop, the plugin disables it self and becomes a noop
plugin.
Signed-off-by: Miek Gieben <miek@miek.nl>
This revert 17d807f0 and re-adds the metadata plugin as a plugin that
just sets a label to a value function.
Add package documentation on how to use the metadata package. Make it
clear that any caching is up to the Func implemented.
There are now - no in tree users. We could add the request metadata by
default under names that copy request.Request, i.e
request/ip - remote IP
request/port - remote port
Variables.go has been deleted.
Signed-off-by: Miek Gieben <miek@miek.nl>
Reloading should work (kill -TERM reload the coredns process), but a lot
of plugins can't handle it proper. Disable to reload plugin until we fix
(most) of the plugins
* Update vendor
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
* Add route53 plugin
This fix adds route53 plugin so that it is possible to
query route53 record through CoreDNS.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
This fix expose directives in dnsserver package, so that external
plugin developers could easily build customerized coredns+plugin
without changing the code base tree of coredns.
The following is an example that could bundle coredns+example,
in one simple file without modifying coredns codebase:
```
package main
import (
_ "github.com/coredns/example"
"github.com/coredns/coredns/coremain"
"github.com/coredns/coredns/core/dnsserver"
)
var directives = []string{
"example",
"log",
"errors",
...
...
...
"whoami",
"startup",
"shutdown",
}
func init() {
dnsserver.Directives = directives
}
func main() {
coremain.Run()
}
```
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
* Add NSID plugin support for CoreDNS
This fix adds NSID plugin support for CoreDNS, as was proposed
in 1256.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
* Add test cases for NSID plugin
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
* Generate code for NSID plugin
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
* Use hostname as the default (as with bind), and remove unneeded copy
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
* Add README.md
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
* Rename middleware to plugin
first pass; mostly used 'sed', few spots where I manually changed
text.
This still builds a coredns binary.
* fmt error
* Rename AddMiddleware to AddPlugin
* Readd AddMiddleware to remain backwards compat
* mw/federaration
This PR add the federation back as a middleware to keep it more
contained from the main kubernetes code.
It also makes parseRequest less import and pushes this functionlity down
in the k.Entries. This minimizes (or tries to) the importance for the
qtype in the query. In the end the qtype checking should only happen
in ServeDNS - but for k8s this might proof difficult.
Numerous other cleanup in code and kubernetes tests.
* up test coverage
Add the DNS message response flags as {rflags} to the default logging
Also complete the replacer testing that is was commented out.
And (unrelated) Switch erratic and whoami to ease testing.
Note: {flags} could and should be added as well - but we can leave that
as a beginners bug.
* middleware/debug: add
Add a debug "middleware" that disables the recover() and just lets
CoreDNS crash; very useful for testing.
Fixes ##563
* fix test
* Feedback: check the value of Debug
* add hosts middleware
* forgot pointer receiver
* add appropriately modified hostsfile tests from golang repo
* remove test artifacts, separate hostsfile parsing from caching and opening, remove unused metrics references, move middleware up the chain
* refactored the logic for creating records and filtering ip address versions. also got PTR lookups working
* Add README.md. Modify config to be more concise. Add zones list to config. Filter PTR responses based on zones list.
* add Fallthrough and return correct dns response code otherwise
* Simplified Hostsfile to only store hosts in the zones we care about, and by ip version. Added handler tests and improved other tests.
* oops, goimports loaded a package from a different repo
* Add fallthrough support for Kubernetes
This enables registering other services in the same zone as
Kubernetes services. This also re-orders the middleware chain
so that Kubernetes comes before other types, in order to make
this work out-of-the-box.
* Remove extra line
Add middleware by directly linking it from caddy, i.e. without any code
changes. To be fair: this does not added a ServeHTTP, but does give
some nice features in the Corefile.
* core: add listening for other protocols
Allow CoreDNS to listen for TLS request coming over port 853. This can
be enabled with `tls://` in the config file.
Implement listening for grps:// as well.
a Corefile like:
~~~
. tls://.:1853 {
whoami
tls
}
~~~
Means we listen on 1853 for tls requests, the `tls` config item allows
configuration for TLS parameters. We *might* be tempted to use Caddy's
Let's Encrypt implementation here.
* Refactor coredns/grpc into CoreDNS
This makes gRPC a first class citizen in CoreDNS. Add defines as being
just another server.
* some cleanups
* unexport the servers
* Move protobuf dir
* Hook up TLS properly
* Fix test
* listen for TLS as well. README updates
* disable test, fix package
* fix test
* Fix tests
* Fix remaining test
* Some tests
* Make the test work
* Add grpc test from #580
* fix crash
* Fix tests
* Close conn
* README cleanups
* README
* link RFC
