When err=nil try to determine the version of the k8s cluster and disable
endpoint slices. Don't return from connecting to the cluster.
In the future we should just default to true, and delete all this code.
Signed-off-by: Miek Gieben <miek@miek.nl>
* Rewrite plugin - rewrite SRV targets and names in response answer and additional records
Signed-off-by: Nic Colledge <nic@njcolledge.net>
* Added README content to describe new behaviour
Signed-off-by: Nic Colledge <nic@njcolledge.net>
* Added more record types to rewrite handling based on PR/Issue feedback
Signed-off-by: Nic Colledge <nic@njcolledge.net>
* Updated README.md for plugin
Signed-off-by: Nic Colledge <nic@njcolledge.net>
* Updated unit tests.
Small refactor of getTarget... function.
Signed-off-by: Nic Colledge <nic@njcolledge.net>
* Refactor to add response value rewrite as answer value option
Signed-off-by: Nic Colledge <nic@njcolledge.net>
* Removed TODO comment, added test for NAPTR record.
Signed-off-by: Nic Colledge <nic@njcolledge.net>
* plugin/sign: track zone file's mtime
Resign if the original zone's mtime is change in some way.
Closes#4407
Signed-off-by: Miek Gieben <miek@miek.nl>
* Update plugin/sign/README.md
Co-authored-by: Chris O'Haver <cohaver@infoblox.com>
Co-authored-by: Yong Tang <yong.tang.github@outlook.com>
Co-authored-by: Chris O'Haver <cohaver@infoblox.com>
* plugin/transfer: only allow outgoing axfr over tcp
Return refused when the query comes in over udp.
No need to add a new test case as the current crop needed to be changed
to use TCP.
Fixes: #4450
Signed-off-by: Miek Gieben <miek@miek.nl>
* transfer tests: this needs tcp as well
Signed-off-by: Miek Gieben <miek@miek.nl>
Copy the msg to prevent messing with the (via the pointer) original
created message that may be stored in the cache or anything other data
store.
Signed-off-by: Miek Gieben <miek@miek.nl>
Currently ACLs only allow for allow and block, however it isn't
always desirable to set the status code to REFUSED. Often times
you want to completely hide the fact that those records even exist.
Adding the ability to acl to filter results makes it significantly
harder for a third party to know that the records are being masked.
Signed-off-by: George Shammas <george@shamm.as>
* Revert "make copies of RRs before returning them (#4409)"
This reverts commit 8b2ff6c388.
* Document copying responses
See #4409 and the comments. This documents that issue, but doesn't
change the in-tree plugins just yet.
Signed-off-by: Miek Gieben <miek@miek.nl>
* Update plugin.md
Co-authored-by: Chris O'Haver <cohaver@infoblox.com>
Co-authored-by: Chris O'Haver <cohaver@infoblox.com>
* plugin/forward Add rcode and rtype to request_duration_seconds metric
Signed-off-by: Maxime Ginters <maxime.ginters@shopify.com>
* Control the cardinality of query type
Signed-off-by: Maxime Ginters <maxime.ginters@shopify.com>
PR #4161 is stalled. Tried to cherry pick the code from there, but that
led to conflicts, manually copying over while taking into account the
comments on that PR. Use that code and extend the error checking, don't
modify existing tests and make the badwriter test simpler.
Closes: #4161
Signed-off-by: Miek Gieben <miek@miek.nl>
add tests
Signed-off-by: Miek Gieben <miek@miek.nl>
Make this vastly simpler and more efficient. Adding all the bytes and
then letting loose fnv doesn't add anything and may actually do the
wrong thing.
See: #3953Fixes: #3953
Signed-off-by: Miek Gieben <miek@miek.nl>
* Azure Plugin: Iterate over all pages for records
Signed-off-by: Manuel Gugger <manuel.gugger@gmail.com>
* Azure Plugin: use := for assignment
Signed-off-by: Manuel Gugger <manuel.gugger@gmail.com>
* Remove unnecessary return param
Signed-off-by: Manuel Gugger <manuel.gugger@gmail.com>
* support dual stack clusterIPs
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* stickler
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* fix ClusterIPs make
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
I don't have theory why this panics, but concurrency has something to do
with it, so get the address before we call the goroutine.
See #4271
Signed-off-by: Miek Gieben <miek@miek.nl>
* pass through nxdomain results
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* return srvfail and nodata results
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* add test
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* cover more response cases
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* get data reqd to record latency before calling toFuncs
* refactor out unnecessary toFunc wrappers
* remove latency metric unit tests per PR feedback
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
Various improvements to the documentation. Started because `⚠️`
isn't a markdown feature (replace with Note:).
Signed-off-by: Miek Gieben <miek@miek.nl>
* plugin/dnstap: remove config struct
this struct is an uneeded intermidiate to get a dnstap it can be
removed. Remove the dnstapio subpkg: it's also not needed. Make *many*
functions and structs private now that we can.
Signed-off-by: Miek Gieben <miek@miek.nl>
* correct logging
Signed-off-by: Miek Gieben <miek@miek.nl>
* forward: add example with multiple DoT upstreams
Remove Bugs section as this is a nice work around.
h/t https://twitter.com/mholt6/status/1284250606673080321
Signed-off-by: Miek Gieben <miek@miek.nl>
* Actually remove bugs section
Signed-off-by: Miek Gieben <miek@miek.nl>
* plugin/dnstap: remove encoder*.go
Those files reimplemented parts of the dnstap spec, we can just use the
dnstap functions for that. This leaves all the queuing that is enabled
and drops messages if the dnstap reader can't keep up. In the new code
flush() would never return an error (at least I couldn't make it do so),
so the reconnect functionally is moved to kick off when we get write
errors.
Some smaller cosmetic changes as well, `d.socket` is now `proto`, which
makes the dial() function smaller.
Total testing time is now <1s (which was the impetus to look into this
plugin *again*).
See #4238
The buffered channel needs to be sized correctly, as we may need to do
some queing if the dnstap reader can't keep up.
Signed-off-by: Miek Gieben <miek@miek.nl>
* add missing file
Signed-off-by: Miek Gieben <miek@miek.nl>
* update doc on queing
Signed-off-by: Miek Gieben <miek@miek.nl>
* initial commit
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* convert endpointslices to object.endpoints
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* add opt hard coded for now
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* check that server supports endpointslice
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* fix import grouping
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* dont use endpoint slice in 1.17 or 1.18
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* bump kind/k8s in circle ci to latest
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* drop k8s to latest supported by kind
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* use endpointslice name as endoint Name; index by Service name
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* use index key comparison in nsAddrs()
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* add Index to object.Endpoint fixtures; fix direct endpoint name compares
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* add slice dup check and test
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* todo
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* add ep-slice skew dup test for reverse
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* nsaddrs: de-dup ep-slice skew dups; add test
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* remove todo
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* address various feedback
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* consolidate endpoint/slice informer code
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* fix endpoint informer consolidation; use clearer func name
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* log info; use major/minor fields
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* fix nsAddr and unit test
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* add latency tracking for endpointslices
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* endpointslice latency unit test & fix
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* code shuffling
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* rename endpointslices in tests
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* remove de-dup from nsAddrs and test
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* remove de-dup from findServices / test
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* Speed up testing
* make notification run in the background, this recudes the test_readme
time from 18s to 0.10s
* reduce time for zone reload
* TestServeDNSConcurrent remove entirely. This took a whopping 58s for
... ? A few minutes staring didn't reveal wth it is actually testing.
Making values smaller revealed race conditions in the tests. Remove
entirely.
* Move many interval values to variables so we can reset them to short
values for the tests.
* test_large_axfr: make the zone smaller. The number used 64K has no
rational, make it 64/10 to speed up.
* TestProxyThreeWay: use client with shorter timeout
A few random tidbits in other tests.
Total time saved: 177s (almost 3m) - which makes it worthwhile again to
run the test locally:
this branch:
~~~
ok github.com/coredns/coredns/test 10.437s
cd plugin; time go t ./...
5,51s user 7,51s system 11,15s elapsed 744%CPU (
~~~
master:
~~~
ok github.com/coredns/coredns/test 35.252s
cd plugin; time go t ./...
157,64s user 15,39s system 50,05s elapsed 345%CPU ()
~~~
tests/ -25s
plugins/ -40s
This brings the total on 20s, and another 10s can be saved by fixing
dnstapio. Moving this to 5s would be even better, but 10s is also nice.
Signed-off-by: Miek Gieben <miek@miek.nl>
* Also 0.01
Signed-off-by: Miek Gieben <miek@miek.nl>
sed -i 's/Also See/See Also/' plugin/**/README.md
Some plugins did already use 'See Also', so it's all consistent now.
Fixes: #4196
Signed-off-by: Miek Gieben <miek@miek.nl>
