When fetching records via the etcd plugin, the recursion flag was never
set properly according to if the caller requested an exact record match
or not. This cause problems especially in CNAME lookups, where recursion
took place and a random RR was returned instead of the one that was
specifically added for this key. Even when there is no service attached
on the given path, it is still wrong to return a random one from the
recursion.
Fixing by using the `exact` flag to decide if recursion should be done.
Remove some optimization and lowercasing of the qname (in the end
miekg/dns should provide a fast and OK function for it).
* remove the make([]byte, 2) allocation in the key()
* use already lowercased qname in hash key calculation.
% benchcmp old.txt new.txt
benchmark old ns/op new ns/op delta
BenchmarkCacheResponse-4 9599 8735 -9.00%
Signed-off-by: Miek Gieben <miek@miek.nl>
The underlying system might not support
SO_REUSEPORT, even though it is available in
kernel 3.9+. If there's an error, continue.
Signed-off-by: stuart nelson <stuartnelson3@gmail.com>
* plugin/file: Use new zone parser API
Use new dns lib 1.0.14 and default to using the new zone parser that
does not leak go-routines.
Signed-off-by: Miek Gieben <miek@miek.nl>
* Use new API
Signed-off-by: Miek Gieben <miek@miek.nl>
* server: actually scrub response
Did all the worked, hooked it up wrongly :(
This also needs test, but those are hard(er) because we only receive
packets after they have been decoded; i.e. we never see the wirefmt.
Signed-off-by: Miek Gieben <miek@miek.nl>
* Add tests
Add a test for checking is compression pointers are set in the packet.
This also adds an undocumented 'large' feature to the erratic plugin to
send large responses that should be compressed.
Commenting the Scrub out in server results in:
=== RUN TestCompressScrub
--- FAIL: TestCompressScrub (0.00s)
compression_scrub_test.go:41: Expected returned packet to be < 512, got 839
FAIL
exit status 1
FAIL github.com/coredns/coredns/test 0.036s
Actually checking the size might be easier, but lets be thorough here
and check the pointers them selves.
Signed-off-by: Miek Gieben <miek@miek.nl>
* Fix tests
Signed-off-by: Miek Gieben <miek@miek.nl>
* plugin erratic: fix e.large
always put an rr in the reply, fix e.large in erractic and add test to
check for it.
Signed-off-by: Miek Gieben <miek@miek.nl>
* - enhance README to include security release process compatible wiht k8s
* - second version of Security release process, including "Collaborating Projects"
* - reformulate the security release process within a separated doc.
* - add following comment from Sec Team .part 1
* - refactored with comments from Security IB
- refactored considering the same existing document in another CNCF project (envoy)
* - adjust seucrity of README to point the new security process page
* - revert change on FOSSA
* - fix comments from John.
* - removing the todos (I pushed them on the description of the PR)
* - define the PST members in OWNER file
* - fix from review
- add a cahpter for mailing list presentation
* - point the PST members in OWNER file
* - register PST under name 'security' in OWNER file
- early announce will be on coredns-distributors-announce@googlegroup.com
- remove hall of fame reference
* - remove list of security team members from owner file. mailing list of security@coredns.io will be the reference
While running the following, noticed the whitespace warning from presubmit:
```
ubuntu@ubuntu:~/coredns$ docker run -i -t --rm -v $PWD:/go/src/github.com/coredns/coredns --net=host golang:1.11
root@ubuntu:/go# cd src/github.com/coredns/coredns/
root@ubuntu:/go/src/github.com/coredns/coredns# make
** presubmit/context
** presubmit/filename-hyphen
** presubmit/test-lowercase
** presubmit/trailing-whitespace
plugin/auto/README.md:* `reload` interval to perform reload of zone if SOA version changes. Default is one minute.
plugin/auto/README.md: Value of `0` means to not scan for changes and reload. eg. `30s` checks zonefile every 30 seconds
plugin/file/README.md:* `reload` interval to perform reload of zone if SOA version changes. Default is one minute.
plugin/file/README.md: Value of `0` means to not scan for changes and reload. eg. `30s` checks zonefile every 30 seconds
** presubmit/trailing-whitespace: please remove any trailing white space
```
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
client-go is a "empty interface" waste-land and we're missing an
integration test so we didn't catch. Try this.
Signed-off-by: Miek Gieben <miek@miek.nl>
For zone files with more than 10,000 records, the goroutines and memory
pinned by dns.ParseZone won't be released unless the tokens chan is
drained. As Parse is called by (*Zone).Reload very frequently, this
causes memory leaks and OOM conditions.
Updates miekg/dns#786
* Convert to runtime.Object to smaller structs
This adds conversion for all the objects we want to keep in the cache.
It keeps the minimum for CoreDNS to function and throws away the rest.
The conversion:
api.Endpoints -> object.Endpoints
api.Pod -> object.Pod
api.Serivce -> object.Service
We needed to copy some client-go stuff to insert a conversion function
into NewIndexInformers.
Some unrelated cleanups in the watch functionality as that needed to be
touched because of the above translation of objects.
Signed-off-by: Miek Gieben <miek@miek.nl>
* Reduce test line-count
Signed-off-by: Miek Gieben <miek@miek.nl>
* ....and fix test
Signed-off-by: Miek Gieben <miek@miek.nl>
* Drop use of append
Signed-off-by: Miek Gieben <miek@miek.nl>
* cosmetic changes
Signed-off-by: Miek Gieben <miek@miek.nl>
* that was a typo
Signed-off-by: Miek Gieben <miek@miek.nl>
* re-introduce append here
We can't really use len() here because we don't know the number before
hand.
Signed-off-by: Miek Gieben <miek@miek.nl>
* comment in better place
Signed-off-by: Miek Gieben <miek@miek.nl>
* Make the timestamp a bool; thats where it is used for
Signed-off-by: Miek Gieben <miek@miek.nl>
* Set incoming object to nil
Explicataliy discard the converted object; we did a deep copy it's
not needed anymore.
Signed-off-by: Miek Gieben <miek@miek.nl>
* Per Chris's comment
Signed-off-by: Miek Gieben <miek@miek.nl>
* Import auth providers for K8s
* Vendor updates for K8s auth providers
* Remove Azure since it is not compiling
* Update vendor to remove Azure dependencies
