* plugin/tls: respect the path specified by root plugin
Signed-off-by: Marius Kimmina <mar.kimmina@gmail.com>
* improve readme
Signed-off-by: Marius Kimmina <mar.kimmina@gmail.com>
---------
Signed-off-by: Marius Kimmina <mar.kimmina@gmail.com>
* plugin/forward: Move Proxy into pkg/plugin/proxy, to allow forward.Proxy to be used outside of forward plugin.
Signed-off-by: Patrick Downey <patrick.downey@dioadconsulting.com>
* plugin/forward: convert the specified domain of health_check to Fqdn
* plugin/forward: update readme for health check
Signed-off-by: vanceli <vanceli@tencent.com>
* Add forwardcrd plugin README.md
Co-authored-by: Aidan Obley <aobley@vmware.com>
Signed-off-by: Christian Ang <angc@vmware.com>
* Create forwardcrd plugin
- Place forwardcrd before forward plugin in plugin list. This will avoid
forward from preventing the forwardcrd plugin from handling any queries
in the case of having a default upstream forwarder in a server block (as
is the case in the default kubernetes Corefile).
Co-authored-by: Aidan Obley <aobley@vmware.com>
Signed-off-by: Christian Ang <angc@vmware.com>
* Add Forward CRD
Signed-off-by: Christian Ang <angc@vmware.com>
* Add NewWithConfig to forward plugin
- allows external packages to instanciate forward plugins
Co-authored-by: Aidan Obley <aobley@vmware.com>
Signed-off-by: Christian Ang <angc@vmware.com>
* ForwardCRD plugin handles requests for Forward CRs
- add a Kubernetes controller that can read Forward CRs
- instances of the forward plugin are created based on Forward CRs from
the Kubernetes controller
- DNS requests are handled by calling matching Forward plugin instances
based on zone name
- Defaults to the kube-system namespace to align with Corefile RBAC
Signed-off-by: Christian Ang <angc@vmware.com>
Use klog v2 in forwardcrd plugin
* Refactor forward setup to use NewWithConfig
Co-authored-by: Christian Ang <angc@vmware.com>
Signed-off-by: Edwin Xie <exie@vmware.com>
* Use ParseInt instead of Atoi
- to ensure that the bitsize is 32 for later casting to uint32
Signed-off-by: Christian Ang <angc@vmware.com>
* Add @christianang to CODEOWNERS for forwardcrd
Signed-off-by: Christian Ang <angc@vmware.com>
Co-authored-by: Edwin Xie <exie@vmware.com>
* deprecate normalize and mustnormalize
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* add runtime warning
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* elaborate runtime warning
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* include caller info
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* trap unsupported FROM cidr notations
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* make is a warning
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
Make normalize return multiple "hosts" (= reverse zones) when a
non-octet boundary cidr is given.
Added pkg/cidr package that holds the cidr calculation routines; felt
they didn't really fit dnsutil.
This change means the IPNet return parameter isn't needed, the hosts are
all correct. The tests that tests this is also removed: TestSplitHostPortReverse
The fallout was that zoneAddr _also_ doesn't need the IPNet member, that
in turn make it visible that zoneAddr in address.go duplicated a bunch
of stuff from register.go; removed/refactored that too.
Created a plugin.OriginsFromArgsOrServerBlock to help plugins do the
right things, by consuming ZONE arguments; this now expands reverse
zones correctly. This is mostly mechanical.
Remove the reverse test in plugin/kubernetes which is a copy-paste from
a core test (which has since been fixed).
Remove MustNormalize as it has no plugin users.
This change is not backwards compatible to plugins that have a ZONE
argument that they parse in the setup util.
All in-tree plugins have been updated.
Signed-off-by: Miek Gieben <miek@miek.nl>
* plugin/dnstap: various cleanups
A recent issue made me look into this plugin, I suspect various other
cleanups (hopefully deletion of code) can be made as well
Remove identical functions ToClientQuery etc, and just use tap.Message
as the base type in plugin. Keep msg/ for a few helper functions that
may proof useful.
This remove the whole test directory as we will just check the things we
are interested in which gives much better feedback and keeps that code
closer together.
tapwr dir is also not needed, writer_test.go was just duplicating the
tests already done. This moves writer.go to the top directory.
Make the only user of dnstap, the forward plugin, use the newer code
also remove the test, a better test there would be a full e2e test to
see the correct thing happens.
Cleanup the Tapper interface and move it to dnstapio where it belongs,
remove higher level interfaces that are not used. This remove
dnstap.Tapper and dnstap.IORoutines.
Use the standard mechanism for getting access to a plugin and remove
shuffling the plugin into the context.
Signed-off-by: Miek Gieben <miek@miek.nl>
* use opts to get the correct proto
Signed-off-by: Miek Gieben <miek@miek.nl>
* Various fixes
Signed-off-by: Miek Gieben <miek@miek.nl>
* Remove bad addr test, as dnstap is only called from within coredns where these fields have been preparsed
Signed-off-by: Miek Gieben <miek@miek.nl>
* dnstap: remove saving the error
all these fields have been preparsed, no need for dnstap to be pedantic
and check (and save!) this error again.
Simplifies it a bit more.
Signed-off-by: Miek Gieben <miek@miek.nl>
* Update plugin/forward/dnstap.go
Co-authored-by: Ruslan Drozhdzh <30860269+rdrozhdzh@users.noreply.github.com>
* Code review
Signed-off-by: Miek Gieben <miek@miek.nl>
* add back in preferUDP
Signed-off-by: Miek Gieben <miek@miek.nl>
* nit
Signed-off-by: Miek Gieben <miek@miek.nl>
Co-authored-by: Ruslan Drozhdzh <30860269+rdrozhdzh@users.noreply.github.com>
* For caddy v1 in our org
This RP changes all imports for caddyserver/caddy to coredns/caddy. This
is the v1 code of caddy.
For the coredns/caddy repo the following changes have been made:
* anything not needed by us is deleted
* all `telemetry` stuff is deleted
* all its import paths are also changed to point to coredns/caddy
* the v1 branch has been moved to the master branch
* a v1.1.0 tag has been added to signal the latest release
Signed-off-by: Miek Gieben <miek@miek.nl>
* Fix imports
Signed-off-by: Miek Gieben <miek@miek.nl>
* Group coredns/caddy with out plugins
Signed-off-by: Miek Gieben <miek@miek.nl>
* remove this file
Signed-off-by: Miek Gieben <miek@miek.nl>
* Relax import ordering
github.com/coredns is now also a coredns dep, this makes
github.com/coredns/caddy fit more natural in the list.
Signed-off-by: Miek Gieben <miek@miek.nl>
* Fix final import
Signed-off-by: Miek Gieben <miek@miek.nl>
* plugin/forward: init ClientSessionCache in tls.Config
- ClientSessionCache may speed up a TLS handshake in upcoming connections
to the same TLS server
Signed-off-by: Ruslan Drozhdzh <rdrozhdzh@infoblox.com>
* add comment
Signed-off-by: Ruslan Drozhdzh <rdrozhdzh@infoblox.com>
* revert de-dup
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* unit test
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* use roundrobin policy in test
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* Make the RD-flag in health-checks in the Forward-plugin configurable
Introduces a new configuration flag; `health_check_non_recursive`. This
flag makes the health-checker do non-recursive requests when checking
the health of upstream servers.
Signed-off-by: Geir Haugom <ghagit@haugom.org>
Signed-off-by: Christian Tryti <ctryti@gmail.com>
* Changes after feedback from reviewer
* Better tests of health-checks with and without recursion
* Removed the health_check_non_recursive configuration in favor of
extending the existing health_check configuration. Now supports an
optional `no_rec` argument.
Signed-off-by: Christian Tryti <ctryti@gmail.com>
* Add new test that checks setup of health_check.
Signed-off-by: Christian Tryti <ctryti@gmail.com>
* plugin/forward: may Yield not block
Yield may block when we're super busy with creating (and looking) for
connection. Set a small timeout on Yield, to skip putting the connection
back in the queue.
Use persistentConn troughout the socket handling code to be more
consistent.
Signed-off-by: Miek Gieben <miek@miek.nl>
Dont do
Signed-off-by: Miek Gieben <miek@miek.nl>
* Set used in Yield
This gives one central place where we update used in the persistConns
Signed-off-by: Miek Gieben <miek@miek.nl>
Remove all these uses and just make them work on caddy.Controller. Also
don't export parsing functions as their should be private to the plugin.
Signed-off-by: Miek Gieben <miek@miek.nl>
Abstract the caddy call and make it simpler.
See #3261 for some part of the discussion.
Go from:
~~~ go
func init() {
caddy.RegisterPlugin("any", caddy.Plugin{
ServerType: "dns",
Action: setup,
})
}
~~~
To:
~~~ go
func init() { plugin.Register("any", setup) }
~~~
This requires some external documents in coredns.io to be updated as
well; the old way still works, so it's backwards compatible.
Signed-off-by: Miek Gieben <miek@miek.nl>
* Update Caddy to 1.0.1, and update import path
This fix updates caddy to 1.0.1 and also
updates the import path to github.com/caddyserver/caddy
This fix fixes 2959
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
* Also update plugin.cfg
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
* Update and bump zplugin.go
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
* - ensure plugins that use prometheus.MustRegister, re-register after reload
- removing once.Do on the startup function was simplest way to do it.
* - fix underscored names (advice of bot)
* - tune existing UT for reload, and add a test verifying failing reload does not prevent correct registering for metrics
* - ensure different ports for tests that can run in same time ..
* Move functions from pkg/transport to pkg/parse
Although "parse" is a fairly generic name I believe this is somewhat
better named. pkg/transport keeps a few constants that are uses
throughout for the rest is is renaming a bunch (and the fallout from
there to make things compile again).
Signed-off-by: Miek Gieben <miek@miek.nl>
* Fix tests
Signed-off-by: Miek Gieben <miek@miek.nl>
Create plugin/pkg/transport that holds the transport related functions.
This needed to be a new pkg to prevent cyclic import errors.
This cleans up a bunch of duplicated code in core/dnsserver that also
tried to parse a transport (now all done in transport.Parse).
Signed-off-by: Miek Gieben <miek@miek.nl>
* plugin/forward: add HealthChecker interface
Make the HealthChecker interface and morph the current DNS health
checker into that interface.
Remove all whole bunch of method on Forward that didn't make sense.
This is done in preparation of adding a DoH client to forward - which
requires a completely different healthcheck implementation (and more,
but lets start here)
Signed-off-by: Miek Gieben <miek@miek.nl>
* Use protocol
Signed-off-by: Miek Gieben <miek@miek.nl>
* Dial doesnt need to be method an Forward either
Signed-off-by: Miek Gieben <miek@miek.nl>
* Address comments
Address various comments on the PR.
Signed-off-by: Miek Gieben <miek@miek.nl>
* plugins: Return error for multiple use of some
Return plugin.ErrOnce when a plugin that doesn't support it, is called
mutliple times.
This now adds it for: cache, dnssec, errors, forward, hosts, nsid.
And changes it slightly in kubernetes, pprof, reload, root.
* more tests
* doc: some function/vars/const/package level updates
Various update that stood out while reading godoc.org for CoreDNS.
* Fix some misspellings as well
* plugin/forward: on demand healtchecking
Only start doing health checks when we encouner an error (any error).
This uses the new pluing/pkg/up package to abstract away the actual
checking. This reduces the LOC quite a bit; does need more testing, unit
testing and tcpdumping a bit.
* fix tests
* Fix readme
* Use pkg/up for healthchecks
* remove unused channel
* more cleanups
* update readme
* * Again do go generate and go build; still referencing the wrong forward
repo? Anyway fixed.
* Use pkg/up for doing the healtchecks to cut back on unwanted queries
* Change up.Func to return an error instead of a boolean.
* Drop the string target argument as it doesn't make sense.
* Add healthcheck test on failing to get an upstream answer.
TODO(miek): double check Forward and Lookup and how they interact with
HC, and if we correctly call close() on those
* actual test
* Tests here
* more tests
* try getting rid of host
* Get rid of the host indirection
* Finish removing hosts
* moar testing
* import fmt
* field is not used
* docs
* move some stuff
* bring back health_check
* maxfails=0 test
* git and merging, bah
* review
* plugin/forward: add it
This moves coredns/forward into CoreDNS. Fixes as a few bugs, adds a
policy option and more tests to the plugin.
Update the documentation, test IPv6 address and add persistent tests.
* Always use random policy when spraying
* include scrub fix here as well
* use correct var name
* Code review
* go vet
* Move logging to metrcs
* Small readme updates
* Fix readme
