* cache: add sharded cache implementation
Add Cache impl and a few tests. This cache is 256-way sharded, mainly
so each shard has it's own lock. The main cache structure is a readonly
jump plane into the right shard.
This should remove the single lock contention on the main lock and
provide more concurrent throughput - Obviously this hasn't been tested
or measured.
The key into the cache was made a uint32 (hash.fnv) and the hashing op
is not using strings.ToLower anymore remove any GC in that code path.
* here too
* Minimum shard size
* typos
* blurp
* small cleanups no defer
* typo
* Add freq based on Johns idea
* cherry-pick conflict resolv
* typo
* update from early code review from john
* add prefetch to the cache
* mw/cache: add prefetch
* remove println
* remove comment
* Fix tests
* Test prefetch in setup
* Add start of cache
* try add diff cache options
* Add hacky testcase
* not needed
* allow the use of a percentage for prefetch
If the TTL falls below xx% do a prefetch, if the record was popular.
Some other fixes and correctly prefetch only popular records.
* add hosts middleware
* forgot pointer receiver
* add appropriately modified hostsfile tests from golang repo
* remove test artifacts, separate hostsfile parsing from caching and opening, remove unused metrics references, move middleware up the chain
* refactored the logic for creating records and filtering ip address versions. also got PTR lookups working
* Add README.md. Modify config to be more concise. Add zones list to config. Filter PTR responses based on zones list.
* add Fallthrough and return correct dns response code otherwise
* Simplified Hostsfile to only store hosts in the zones we care about, and by ip version. Added handler tests and improved other tests.
* oops, goimports loaded a package from a different repo
* middleware/file: don't reload zone when SOA isn't changed
Give Parse an extra argument which is the SOA's serial, if > 0 we check
against the just parsed SOA and then just return.
Most notable use is in reload.go which is both used in the file and auto
middleware.
Fixes#415
* PR comments
Singleinflight interferes with the health checking of upstream. If an
upstream would fail, singleinflight would mirror that error to to other
proxy *iff* multple identical queries would be inflight. This would lead
to marking *all* upstreams as bad, essentially collapsing multiple
upstreams into a SPOF. Clearly not what we want.
Singleinflight does have some nice properties, but I've opted to rip it
out entirely. Caching should almost (but not quite) as good.
Added a test case in test that uses 3 CoreDNS instances to reflect the
setup from #715.
Found another bug as well, where (when the policy would be nil), we
would always Spray even though we've found a healthy host.
* middleware/file: add DNSSEC support
Add tests for DNSSEC and check if everything is working.
* add signatures
* tweak
* Add DNSSEC signing tests for DNAME
* Just sign it all
When CoreDNS starts up and can't get a zone transfer going the Apex is
empty. This `nil` is then transformed into wireformat, which fails with
a nil pointer dereference in Go DNS.
In this case we should just return SERVFAIL, because we don't have any
info (yet). Note the lookup code returned NXDOMAIN, which is correct
from a lookup standpoint, but also invalidates every name in the future
loaded zone.
Anyway, look for an apex before doing the lookup and return SERVFAIL if
nothing is found.
Fixes#679
Limit the options in both errors and log middleware, just output to
stdout and let someone else (journald,docker) care about where to route
the logs. This removes syslog and logging to a file.
Fixes#573#602
* Add external service cnames
* remove cruft
* update CI k8s version
* change CI k8s version
* min k8s ver for ext services
* trying k8s 1.5
* k8s 1.5 requires ports spec
* remove kruft
* update dns schema version
* Test DNAME handling
If the DNAME itself matches the QTYPE, and the owner name matches QNAME,
the relevant DNAME RR should be included in the answer section.
Other parts of RFC 6672 are not implemented yet and hence left untested.
* Implement the DNAME substitution
As specified in RFC 6672, a DNAME substitution is performed by replacing
the suffix labels of the name being sought matching the owner name of
the DNAME resource record with the string of labels in the RDATA field.
The matching labels end with the root label in all cases. Only whole
labels are replaced.
* Handle DNAME redirection
A CNAME RR is created on-the-fly for the DNAME redirection. Be aware
that we do not have all the edge cases covered yet.
* Test DNAME owner name matching the QNAME
A DNAME RR redirects DNS names subordinate to its owner name; the owner
name of a DNAME is NOT redirected itself.
* Ignore names next to and below a DNAME record
According to RFC 6672, resource records MUST NOT exist at any subdomain
of the owner of a DNAME RR. When loading a zone, those names below the
DNAME RR will be quietly ignored.
* Streamline DNAME processing
Instead of checking DNAMEs during lookup, we use a preloaded list of
DNAME RRs to streamline the process without any runtime performance
penalty:
* When loading the zone, keep a record of any DNAME RRs.
* If there aren't any DNAMEs in the zone, just do the lookup as usual.
* Only when the zone has one or more DNAME records, we look for the
matching DNAME and ignore confronting subdomain(s) in the process.
* Make it easier to trace back through test errors
* Make DNAME handling part of lookup routine
DNAME processing is invoked only if the zone has at least one DNAME RR.
* Put DNAME resolution inside the searching of a hit
We can drop some of the other ideas; we don't need to track if we
have DNAMEs in the zone it just follows naturally from the current
lookup code.
See also: #664
* commit for testing in cluster
* commit for testing in cluster
* refactor and add ns.dns record
* Release 007
* reduce heap allocations
* gofmt
* revert accidental Makefile commits
* restore prior rcode for disabled pod mode
* revert Makefile deltas
* add unit tests
* more unit tests
* make isRequestInReverseRange easier to test
* more unit tests
* addressing review feedback
* commit setup.go
* middleware/chaos: fix version
Move the version setting into a init function so it is done early. Then
tweak the setup code for chaos a bit to correctly pick this version up.
Add an integration test to pick this up in the toplevel test/ directory.
Fixes#667
* Update tests
Make the default target do nothing and put the actual release under a
'release' target. Prevent accidentally committing unwanted commits to
the repo.
Tested with `make -f Makefile.release -n`.
* middleware/file: correctly parse the stanza
Parsing the file stanza would give precedence to 'transfer' and ignore
other bits if it wasn't specified.
This change fixes the parsing. The actually external CNAME retrieval is
working fine (once the upstream is correctly parsed).
This wasn't caught in tests, because we lack a parsing test for this.
Fixes#657
* Add tests
Check message for expired sig and don't cache those.
Aside: This hack of caching entire messages is probably something we
should stop doing at some point in the future and do this on a per RRset
basis.
Fixes#367#635
