* healthchecks: check on every 3rd failure
Check on every third failure and some cleanups to make this possible. A
failed healthcheck will never increase Fails, a successfull healthceck
will reset Fails to 0. This is a chance this counter now drops below 0,
making the upstream super? healthy.
This removes the okUntil smartness and condences everything back to 1
metrics: Fails; so it's simpler in that regard.
Timout errors are *not* attributed to the local upstream, and don't get
counted into the Fails anymore. Meaning the 'dig any isc.org' won't kill
your upstream.
Added extra test the see if the Fails counter gets reset after 3 failed
connection.
There is still a disconnect beween HTTP healthceck working the proxy (or
lookup) not being able to connect to the upstream.
* Fix tests
Flaky test because it used a fix port; just drop it. Might be worthwhile
to return it as a unit tests, but on that level we can't use a coredns
"process" to exercise the reload.
* doc update
Go through all README and fix mistakes, extend example and let more
corefile snippets be test for validity.
* Cant use spefic addr in test
Fix file/fuzz.go build and docs in Makefile.fuzz
Each plugin can add a fuzz.go to join the fuzzing craze.
pkg/fuzz/do.go could be made a lot smarter, but is probably good enough
for starters.
$ make -f Makefile.fuzz <plugin>
will build with go-fuzz-build and then execute a go-fuzz run. Each
plugin's fuzz run uses a per-plugin directory to store the fuzz data.
* Add custom data into dnstap context
* Fix error and fix UT compile errors
* Add UTs
* Change as per review comments. Use boolean to indicate which Dnstap message to send out
* Merge with master and fix lint warning
* Remove newline
* Fix review comments
* don't spam Travis + valid dnstap payload
* log instead of fmt
* Revert "log instead of fmt"
This reverts commit 88f09c3939.
* log the right way
* log the final way
* minor enhancements
* test: fix zone file
Add missing $TTL 3600 as the top.
Recent change in Go DNS made this mandatory - old behavior wasn't
standards compliant.
* and here
Turn down the timeouts and numbers a bit:
FailTimeout 10s -> 5s
Future 60s -> 12s
TryDuration 60s -> 16s
The timeout for decrementing the fails in a host: 10s -> 2s
And the biggest change: don't set fails when the error is Timeout(),
meaning we loop for a bit and may try the same server again, but we
don't mark our upstream as bad, see comments in proxy.go. Testing this
with "ANY isc.org" and "MX miek.nl" we see:
~~~
::1 - [24/Sep/2017:08:06:17 +0100] "ANY IN isc.org. udp 37 false 4096" SERVFAIL qr,rd 37 10.001621221s
24/Sep/2017:08:06:17 +0100 [ERROR 0 isc.org. ANY] unreachable backend: read udp 192.168.1.148:37420->8.8.8.8:53: i/o timeout
::1 - [24/Sep/2017:08:06:17 +0100] "MX IN miek.nl. udp 37 false 4096" NOERROR qr,rd,ra,ad 170 35.957284ms
127.0.0.1 - [24/Sep/2017:08:06:18 +0100] "ANY IN isc.org. udp 37 false 4096" SERVFAIL qr,rd 37 10.002051726s
24/Sep/2017:08:06:18 +0100 [ERROR 0 isc.org. ANY] unreachable backend: read udp 192.168.1.148:54901->8.8.8.8:53: i/o timeout
::1 - [24/Sep/2017:08:06:19 +0100] "MX IN miek.nl. udp 37 false 4096" NOERROR qr,rd,ra,ad 170 56.848416ms
127.0.0.1 - [24/Sep/2017:08:06:21 +0100] "MX IN miek.nl. udp 37 false 4096" NOERROR qr,rd,ra,ad 170 48.118349ms
::1 - [24/Sep/2017:08:06:21 +0100] "MX IN miek.nl. udp 37 false 4096" NOERROR qr,rd,ra,ad 170 1.055172915s
~~~
So the ANY isc.org queries show up twice, because we retry internally -
this is I think WAI.
The `miek.nl MX` queries are just processed normally as no backend is
marked as unreachable.
May fix#1035#486
* healhcheck: various cleanups
Network wasn't used. IgnorePaths wasn't used. Move checkdown function to
common function shared between proxy protocols. And some naming fixed.
Also reset the Fails on a succesful healthcheck back to 0.
remove newlines from log
* compile
* fix test
* Use gometalinter and enforcing go fmt/lint/vet
Before this PR go fmt is enabled, go lint is suggest only.
From time to time we have to manually check for go lint and go vet
for any issues.
This fix uses gometalinter and enforcing go fmt/lint/vet.
Several reasons:
- gometalinter could handle multiple linters concurrently
- gometalinter supports suppression with `// nolint[: <linter>]`
Previously one reason we didn't enable go lint was due to the
```
warning: context.Context should be the first parameter of a function (golint)
```
this is now possible with gometalinter and `// nolint: golint` (See changes).
This fix also discovered several go vet issues and fixes it.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
* Fix several issues reported by gometalinter (go vet)
This commit fixes several issues reported by gometalinter (go vet).
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
* Increase deadline
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Add a full test server impl in this new package + tests. Move
dnsrecorder into this package as well and finish up the commented out
tests that were left in the old dnsrecorder package.
Update all callers and tests.
This fix add inline support for middleware/hosts so that
it is possible to specify hosts file insides the Corefile:
```
hosts inline example.org {
10.0.0.1 example.org
fallthrough
}
```
This fix fixes 999.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
* plugin/{file,auto}: drop fsnotify
Reload every minute. This is more deterministic then fsnotify. Also
other thing cropped up: sharing zone files between zone; there is only
1 fsnotify event and we need to fan out the reload to all zone files.
This is a large rewrite (which could still be done), for now, poll the
zone file on disk.
Give serial no change a special error type so we can check for this.
Improve the logging for reloading:
2017/09/19 07:34:39 [INFO] Successfully reloaded zone "miek.nl." in "db.miek.nl" with serial 128263060
2017/09/19 07:34:45 [INFO] Successfully reloaded zone "miek.nl." in "db.miek.nl" with serial 128263059
2017/09/19 07:34:51 [INFO] Successfully reloaded zone "miek.nl." in "db.miek.nl" with serial 128263060
Fixes#1013
* typo
Cache would let the first response through and would then cap subsequent
ones to whatever the cache duration was. This would lead to huge drops
in TTL values: 3600 -> 20 for instance, which is not only bad, but can
mess up your careful TTL planning business.
This PR fixes that and applies the cache duration to all replies. As a
bonus I could remove a time.Sleep() from the cache test and just check
for the cache duration as the TTL on the reply.
Fixes#1038
This does not help to make it backwards compatible. The middleware ->
plugin rename invalidates all this. External middleware won't compile
either way.
* Rename middleware to plugin
first pass; mostly used 'sed', few spots where I manually changed
text.
This still builds a coredns binary.
* fmt error
* Rename AddMiddleware to AddPlugin
* Readd AddMiddleware to remain backwards compat
Go is not super helpful if you checkout the code to a random path, then try and follow the build instructions in the README. Add some instructions that help users who don't deal with Go on a day-to-day basis to get it right.
Fixes#1070. Thanks to @johnbelamaric for reminding me about Go's deficiencies.
* Remove debug from interface and methods
* remove debug queries from etcd
* remove debug queries from k8s - they were not used
* And remove from mw/proxy-google as well
* Remove debug query test
