Forward PTR record lookup from kubedns to upstream server. #220
Conversation
k8s-ci-robot
added
do-not-merge/work-in-progress
k8s-ci-robot
added
size/L
grayluck
changed the title
k8s-ci-robot
removed
the
do-not-merge/work-in-progress
|
/assign @MrHohn |
|
/ok-to-test |
k8s-ci-robot
removed
the
needs-ok-to-test
|
@grayluck Seems like travis failed on this: |
|
/assign @bowei |
Makefile
Outdated
| # dnsmasq-nanny \ | ||
| # kube-dns \ | ||
| # sidecar | ||
| CONTAINER_BINARIES := kube-dns |
Makefile
Outdated
|
|
||
| # List of images to build (contained in images/) | ||
| IMAGES := dnsmasq | ||
| # Registry to push to. | ||
| REGISTRY ?= staging-k8s.gcr.io | ||
| # REGISTRY ?= gcr.io | ||
| REGISTRY ?= gcr.io/yankaiz-kube-test |
| @@ -163,40 +162,6 @@ func setupSignalHandlers() { | |||
| }() | |||
| } | |||
|
|
|||
| func validateHostAndPort(hostAndPort string) error { | |||
There was a problem hiding this comment.
I think this should just go into config/ package instead of creating a new package util
There was a problem hiding this comment.
It's now in config package.
I am making it public for now in testing purpose. Will change it to private method very soon on Monday.
There was a problem hiding this comment.
Two validation logic merged. Now skydns's nameserver is synced/guarded by kubedns.
pkg/dns/dns.go
Outdated
| @@ -57,6 +58,9 @@ type KubeDNS struct { | |||
| // to get Endpoints and Service objects. | |||
| kubeClient clientset.Interface | |||
|
|
|||
| // skydns points to the skydns server instance for configuration syncing. | |||
| skydnsConfig *server.Config | |||
There was a problem hiding this comment.
Let's just make this a Public field and call set directly
SkyDNSConfig *server.Config
pkg/dns/dns.go
Outdated
| @@ -135,6 +139,32 @@ func NewKubeDNS(client clientset.Interface, clusterDomain string, timeout time.D | |||
| return kd | |||
| } | |||
|
|
|||
| // BondSkydnsConfig bonds the configuration of skydns for config sync. The | |||
| // function encapsulates skydnsConfig inside KubeDNS struct. | |||
| func (kd *KubeDNS) BondSkydnsConfig(config *server.Config) { | |||
pkg/dns/util/util.go
Outdated
| @@ -87,3 +89,37 @@ func HashServiceRecord(msg *msg.Service) string { | |||
| h.Write([]byte(s)) | |||
| return fmt.Sprintf("%x", h.Sum32()) | |||
| } | |||
|
|
|||
| func ValidateHostAndPort(hostAndPort string) error { | |||
There was a problem hiding this comment.
Move unit tests as well. Are there any unit tests?
pkg/e2e/options.go
Outdated
| hyperkubeImage = "k8s.gcr.io/hyperkube:v1.5.1" | ||
| etcdImage = "quay.io/coreos/etcd:v3.0.14" | ||
| hyperkubeImage = "k8s.gcr.io/hyperkube:v1.5.1" | ||
| dnsmasqPtrImage = "gcr.io/kubernetes-e2e-test-images/dnsmasq-ptr:1.0" |
There was a problem hiding this comment.
Now using k8s.gcr.io/k8s-dns-dnsmasq-amd64:1.14.5 instead.
test/e2e/kubedns/kubedns.go
Outdated
| @@ -55,4 +59,69 @@ var _ = Describe("kube-dns", func() { | |||
| kubeDNS.Stop() | |||
| }) | |||
| }) | |||
|
|
|||
| It("should forward missed ptr lookup to upstream server", func() { | |||
There was a problem hiding this comment.
should forward PTR queries to the upstream server
test/e2e/kubedns/kubedns.go
Outdated
|
|
||
| kubeDNS.Start("kube-dns-ptrfwd", "-v=4", "--config-dir="+configDir) | ||
|
|
||
| By("Get answer without upstream server") |
test/e2e/kubedns/kubedns.go
Outdated
|
|
||
| func doPtrQuery(kubeDNS *e2edns.KubeDNS) error { | ||
| time.Sleep(1 * time.Second) | ||
| names, err := kubeDNS.Query("4.3.2.1.in-addr.arpa.", dns.TypePTR) |
There was a problem hiding this comment.
You can use an IP from the testbed range to guarantee no one will reply. 1.2.3.4 may be someone's address.
192.0.2.0/24
There was a problem hiding this comment.
IP changed. Now using numb upstream server when test starts and then switch to a upstream server with the desired PTR record.
grayluck
force-pushed
the
fwdup
branch
2 times, most recently
from
33bbedf to
a34f511
Compare
pkg/dns/config/config.go
Outdated
| return err | ||
| } | ||
| if ip := net.ParseIP(host); ip == nil { | ||
| return fmt.Errorf("bad IP address: %s", host) |
pkg/dns/config/config.go
Outdated
| return fmt.Errorf("bad IP address: %s", host) | ||
| } | ||
| if p, _ := strconv.Atoi(port); p < 1 || p > 65535 { | ||
| return fmt.Errorf("bad port number %s", port) |
pkg/dns/dns.go
Outdated
|
|
||
| if kd.SkyDNSConfig != nil { | ||
| var nameServers []string | ||
| for _, nameServer := range kd.config.UpstreamNameservers { |
There was a problem hiding this comment.
is there a reason why this isn't match the parsing routine in config.go?
There was a problem hiding this comment.
config.go only validates the address of nameservers. Here a default port is appended to the address if the address doesn't have a port.
test/e2e/kubedns/kubedns.go
Outdated
|
|
||
| configDir := workDir + "/kube-dns-config" | ||
| if err := os.MkdirAll(configDir, 0744); err != nil { | ||
| panic(err) |
pkg/dns/util/util.go
Outdated
| return "", "", err | ||
| } | ||
| if ip := net.ParseIP(host); ip == nil { | ||
| return "", "", fmt.Errorf("bad IP address: %s", host) |
There was a problem hiding this comment.
For invalid strings, you should use %q so the string is quoted.
pkg/dns/util/util.go
Outdated
| return "", "", fmt.Errorf("bad IP address: %s", host) | ||
| } | ||
| if p, _ := strconv.Atoi(port); p < 1 || p > 65535 { | ||
| return "", "", fmt.Errorf("bad port number %s", port) |
There was a problem hiding this comment.
For invalid strings, you should use %q so the string is quoted.
check err as well
if p, err := strconv.Atoi(port); err != nil || p < 1 || p > 65535 {
pkg/dns/util/util_test.go
Outdated
| import ( | ||
| "testing" | ||
|
|
||
| "github.com/stretchr/testify/assert" |
There was a problem hiding this comment.
Don't use testify, we are trying to move away from it.
pkg/dns/util/util_test.go
Outdated
| {false, "asdf", "", ""}, | ||
| } { | ||
| ip, port, err := ValidateNameserverIpAndPort(tc.nameserver) | ||
| if tc.isValid { |
There was a problem hiding this comment.
gotErr := err != nil
if gotErr != tc.wantErr {
t.Errorf("ValidateNameserverIpAndPort(%q) = %q, %q, %v; gotErr = %t, want %t", ip, port, err, gotErr, tc.wantErr)
}
pkg/dns/util/util_test.go
Outdated
| } else { | ||
| assert.Error(t, err, "%s should not be valid nameserver", tc.nameserver) | ||
| } | ||
| assert.Equal(t, tc.expectedIp, ip, "Ip doesn't match.") |
There was a problem hiding this comment.
if ip != tc.ip || port != tc.port {
t.Errorf("ValidateNameserverIpAndPort(%q) = %q, %q, nil; want %q, %q, nil", ip, port, tc.ip, tc.port)
}
pkg/dns/util/util_test.go
Outdated
| {false, "1.1.1.1:abc", "", ""}, | ||
| {false, "1.1.1.1:123456789", "", ""}, | ||
| {false, "1.1.1.1:", "", ""}, | ||
| {false, "asdf", "", ""}, |
There was a problem hiding this comment.
add case `{wantErr: true, ns:"invalidip:80"},
pkg/e2e/dns/dns.go
Outdated
| cmd *exec.Cmd | ||
| isRunning bool | ||
| } | ||
|
|
||
| // Start kube DNS, passing in extra arguments | ||
| func (kd *KubeDNS) Start(args ...string) { | ||
| func (kd *KubeDNS) Start(name string, args ...string) { |
pkg/dns/util/util_test.go
Outdated
| @@ -0,0 +1,49 @@ | |||
| /* | |||
| Copyright 2016 The Kubernetes Authors. | |||
pkg/dns/dns.go
Outdated
| } | ||
| kd.config = nextConfig | ||
| glog.V(2).Infof("Configuration updated: %+v", *kd.config) | ||
|
|
| func (d *KubeDNSServer) startSkyDNSServer() { | ||
| glog.V(0).Infof("Starting SkyDNS server (%v:%v)", d.dnsBindAddress, d.dnsPort) | ||
| skydnsConfig := &server.Config{ | ||
| Domain: d.domain, | ||
| DnsAddr: fmt.Sprintf("%s:%d", d.dnsBindAddress, d.dnsPort), | ||
| } | ||
| if d.nameServers != "" { |
There was a problem hiding this comment.
Where doe d.nameServers get initialized now?
There was a problem hiding this comment.
It will get initialized when kubeDNS initialize its configuration through Once.
Let's say the user provides nameservers as commandline parameters. In the case of using configMap or configDir, the nameserver from command line will be overwriten when kubedns initializes its config through sync once. As for no configmap or configdir, both kubedns and skydns will use the nameserver from commandline parameter after kubedns sync once.
|
Ok, can you squash all of the commits and clean up the commit message?
then we can merge. |
grayluck
changed the title
|
Squashed. Also changed the title of this PR. |
Fixes issue kubernetes#198. e2e test for PTR lookup forwarding also included. Skydns syncs config with kubeDNS. Now Skydns will ignore nameservers parameter from the commandline if either configmap or configdir is given. Merged hostname validation logic and moved them to util. Unittest is added for this.
|
/lgtm |
k8s-ci-robot
added
the
lgtm
|
/approved |
Fixes #198
Approach: Let kubedns sync config to skydns nameservers, allowing skydns to do the request forwarding.