CoreDNS plugin implementing K8s multi-cluster services DNS spec.

coredns-multicluster

Name

multicluster - implementation of Multicluster DNS

Description

This plugin implements the Kubernetes DNS-Based Multicluster Service Discovery Specification.

Syntax

multicluster [ZONES...] {
    kubeconfig KUBECONFIG [CONTEXT]
    fallthrough [ZONES...]
}
  • kubeconfig KUBECONFIG [CONTEXT] authenticates the connection to a remote Kubernetes cluster using a kubeconfig file. [CONTEXT] is optional; if it is not set, the current context specified in the kubeconfig is used. TLS, username and password, and token-based authentication are supported. This option is ignored if connecting in-cluster (i.e., the endpoint is not specified).
  • fallthrough [ZONES...] If a query for a record in the zones for which the plugin is authoritative results in NXDOMAIN, normally that is what the response will be. However, if you specify this option, the query will instead be passed on down the plugin chain, which can include another plugin to handle the query. If [ZONES...] is omitted, then fallthrough happens for all zones for which the plugin is authoritative. If specific zones are listed (for example in-addr.arpa and ip6.arpa), then only queries for those zones will be subject to fallthrough.
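
The fallthrough rule above, modelled in Go as an added example (not code from the plugin): for a lookup that ended in NXDOMAIN it reports whether the answer is returned or the query moves to the next plugin. The function names and the sample zone list are assumptions made for the example. Zones are matched on whole labels, so a look-alike name such as evilclusterset.local is not treated as part of clusterset.local.

```go
package main

import (
	"fmt"
	"strings"
)

// fqdn lower-cases a name and ensures exactly one trailing dot.
func fqdn(name string) string {
	return strings.TrimSuffix(strings.ToLower(name), ".") + "."
}

// inZone reports whether qname is the zone itself or a subdomain of it.
// The comparison is on whole labels, not on a raw string suffix.
func inZone(qname, zone string) bool {
	q, z := fqdn(qname), fqdn(zone)
	return z == "." || q == z || strings.HasSuffix(q, "."+z)
}

// anyZone reports whether qname falls inside at least one of the zones.
func anyZone(qname string, zones []string) bool {
	for _, z := range zones {
		if inZone(qname, z) {
			return true
		}
	}
	return false
}

// Decide models a lookup for qname that ended in NXDOMAIN.
// enabled: the fallthrough option is present; ftZones: its optional zone list.
func Decide(authoritative []string, enabled bool, ftZones []string, qname string) string {
	switch {
	case !anyZone(qname, authoritative):
		return "not-authoritative" // outside the plugin's zones
	case !enabled:
		return "nxdomain" // no fallthrough: NXDOMAIN is the response
	case len(ftZones) == 0 || anyZone(qname, ftZones):
		return "next-plugin" // passed on down the plugin chain
	}
	return "nxdomain" // fallthrough set, but not for this zone
}

func main() {
	auth := []string{"clusterset.local", "in-addr.arpa", "ip6.arpa"} // constructed zone list
	ft := []string{"in-addr.arpa", "ip6.arpa"}
	for _, q := range []string{"missing.ns.svc.clusterset.local.", "9.0.244.10.in-addr.arpa."} {
		fmt.Println(q, Decide(auth, true, ft, q))
	}
}
```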

Startup

When CoreDNS starts with the multicluster plugin enabled, it will delay serving DNS for up to 5 seconds until it can connect to the Kubernetes API and synchronize all object watches. If this cannot happen within 5 seconds, then CoreDNS will start serving DNS while the multicluster plugin continues to try to connect and synchronize all object watches. CoreDNS will answer SERVFAIL to any request made for a Kubernetes record that has not yet been synchronized.

Examples

Handle all queries in the clusterset.local zone. Connect to Kubernetes in-cluster.

.:53 {
    multicluster clusterset.local
}

Installation

See CoreDNS documentation about Compile Time Enabling or Disabling Plugins.

Recompile coredns

Add the plugin to the plugin.cfg file. Plugin order matters, so add it just below the kubernetes plugin, which has very similar functionality:

...
kubernetes:kubernetes
multicluster:github.com/vanekjar/coredns-multicluster
...

Follow the coredns README file to build it.

Modify cluster's corefile

To enable the plugin for the clusterset.local zone, add the multicluster configuration to the Corefile. The resulting Corefile may look like this:

.:53 {
    errors
    health
    multicluster clusterset.local
    kubernetes cluster.local in-addr.arpa ip6.arpa {
      pods insecure
      fallthrough in-addr.arpa ip6.arpa
    }
    prometheus :9153
    forward . /etc/resolv.conf
    cache 30
    loop
    reload
    loadbalance
}

Comments
  • error: cannot use e (type *Endpoints) as type "k8s.io/apimachinery/pkg/apis/meta/v1"

    Hi guys,

    I am having trouble compiling the project. When adding the plugin in the plugin.cfg list I get the following error:

    # github.com/coredns/multicluster/object
    /go/pkg/mod/github.com/coredns/[email protected]/object/endpoint.go:104:2: cannot use e (type *Endpoints) as type "k8s.io/apimachinery/pkg/apis/meta/v1".Object in return argument:
    	*Endpoints does not implement "k8s.io/apimachinery/pkg/apis/meta/v1".Object (missing GetZZZ_DeprecatedClusterName method)
    /go/pkg/mod/github.com/coredns/[email protected]/object/endpoint.go:152:2: cannot use e (type *Endpoints) as type "k8s.io/apimachinery/pkg/apis/meta/v1".Object in return argument:
    	*Endpoints does not implement "k8s.io/apimachinery/pkg/apis/meta/v1".Object (missing GetZZZ_DeprecatedClusterName method)
    /go/pkg/mod/github.com/coredns/[email protected]/object/namespace.go:31:2: cannot use n (type *Namespace) as type "k8s.io/apimachinery/pkg/apis/meta/v1".Object in return argument:
    	*Namespace does not implement "k8s.io/apimachinery/pkg/apis/meta/v1".Object (missing GetZZZ_DeprecatedClusterName method)
    

    go version go1.18.2

  • bad prefix in one of the setup tests(?): 'kubernetes .. ' instead of 'multicluster ..'

    Hi guys,

    I went through your setup_test.go file and saw that the last test was configured as 'kubernetes ..' instead of 'multicluster ...' in the plugin setup for the config map, in setup_test.go, line 34:

     `kubernetes coredns.local clusterset.local {
                fallthrough
                 }`,
    			false,
    			"",
    			2,
    			fall.Root,
    		},
    

    Other test cases were with a multicluster prefix, as I thought they should be (for example):

    		{
    			`multicluster coredns.local clusterset.local`,
    			false,
    			"",
    			2,
    			fall.Zero,
    		},
    

    Is there a reason for the different prefixes? Thanks.

  • error: failed to list *v1alpha1.ServiceImport: the server could not find the requested resource (get serviceimports.multicluster.x-k8s.io)

    Hello all,

    I've successfully deployed the plugin on my cluster. But when the pod starts, it shows the errors:

    reflector.go:324] pkg/mod/k8s.io/[email protected]/tools/cache/reflector.go:167: failed to list *v1alpha1.ServiceImport: the server could not find the requested resource (get serviceimports.multicluster.x-k8s.io)
    pkg/mod/k8s.io/[email protected]/tools/cache/reflector.go:167: Failed to watch *v1alpha1.ServiceImport: failed to list *v1alpha1.ServiceImport: the server could not find the requested resource (get serviceimports.multicluster.x-k8s.io )

  • Change plugin name in one of 'setup_test' tests

    Fix typo in plugin name in one of the tests, changed plugin name in the test from 'kubernetes' to 'multicluster'

    Signed-off-by: Itay nakash [email protected]

  • Update for parity with changes in record functions

    Plugin does not build with coredns main branch; I tried at coredns commit a929b0b1ecbb0f87b0bd0cd0a40ce38893dce9c0

    lauralorenz@lauralorenz:~/coredns/coredns$ make
    CGO_ENABLED=0  go build -v -ldflags="-s -w -X github.com/coredns/coredns/coremain.GitCommit=a929b0b1-dirty" -o coredns
    github.com/coredns/multicluster
    # github.com/coredns/multicluster
    ../../go/pkg/mod/github.com/coredns/[email protected]/multicluster.go:131:18: assignment mismatch: 2 variables but plugin.A returns 3 values
    ../../go/pkg/mod/github.com/coredns/[email protected]/multicluster.go:133:18: assignment mismatch: 2 variables but plugin.AAAA returns 3 values
    ../../go/pkg/mod/github.com/coredns/[email protected]/multicluster.go:135:18: assignment mismatch: 2 variables but plugin.TXT returns 3 values
    ../../go/pkg/mod/github.com/coredns/[email protected]/multicluster.go:148:12: assignment mismatch: 2 variables but plugin.A returns 3 values
    make: *** [Makefile:16: coredns] Error 2
    

    Appears to be due to function signature changes for records in https://github.com/coredns/coredns/pull/4715 meaning this plugin is currently incompatible as of coredns 1.9.1.

  • Create go.yml

    Description

    [Describe what this change achieves]

    Issues Resolved

    [List any issues this PR will resolve]

    Check List

    • [ ] Commits are signed per the DCO using --signoff

    By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license. For more information on following Developer Certificate of Origin and signing off your commits, please check here.

  • Remove the reference to the package github.com/vanekjar/coredns-multicluster/

    Description

    Remove the reference to the package github.com/vanekjar/coredns-multicluster/

    Issues Resolved

    Consistency

    Check List

    • [ ] Commits are signed per the DCO using --signoff

  • Coredns build steps

    Description

    • Add the step to build the coredns binary and docker more easily
    • Remove the reference to the package github.com/vanekjar/coredns-multicluster/

    Issues Resolved

    Improve stability

    Check List

    • [ ] Commits are signed per the DCO using --signoff

  • Full support for headless services

    closes #1

    Adding support for headless services. Following multi-cluster DNS spec. Examples of supported queries:

    A query

    $ dig A nginx.my-namespace.svc.clusterset.local
    
    ;; ANSWER SECTION:
    nginx.my-namespace.svc.clusterset.local.	5 IN	A	10.244.0.9
    nginx.my-namespace.svc.clusterset.local.	5 IN	A	10.244.0.10
    nginx.my-namespace.svc.clusterset.local.	5 IN	A	10.244.0.8
    

    SRV query

    $ dig SRV nginx.my-namespace.svc.clusterset.local
    
    ;; ANSWER SECTION:
    nginx.my-namespace.svc.clusterset.local.	5 IN	SRV	0 33 80 10-244-0-10.clusterid.nginx.my-namespace.svc.clusterset.local.
    nginx.my-namespace.svc.clusterset.local.	5 IN	SRV	0 33 80 10-244-0-8.clusterid.nginx.my-namespace.svc.clusterset.local.
    nginx.my-namespace.svc.clusterset.local.	5 IN	SRV	0 33 80 10-244-0-9.clusterid.nginx.my-namespace.svc.clusterset.local.
    

    Endpoint query

    $ dig 10-244-0-10.clusterid.nginx.my-namespace.svc.clusterset.local
    
    ;; ANSWER SECTION:
    10-244-0-10.clusterid.nginx.my-namespace.svc.clusterset.local.	5 IN A 10.244.0.10
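
The record names in the queries above follow two forms, <service>.<namespace>.svc.<zone> and <hostname>.<clusterid>.<service>.<namespace>.svc.<zone>. The Go parser below is an added example, not part of the original pull request or the plugin's code; it splits a query name into those parts and rejects anything else. The type and function names are assumptions made for the example.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// Name holds the parts of a multicluster service name; Hostname and
// ClusterID stay empty for a service-level name.
type Name struct{ Hostname, ClusterID, Service, Namespace string }

// ErrForm is returned for names outside the two forms handled here.
var ErrForm = errors.New("not a multicluster service name")

// ParseName splits qname relative to zone (e.g. "clusterset.local").
func ParseName(qname, zone string) (Name, error) {
	q := strings.ToLower(strings.TrimSuffix(qname, "."))
	suffix := "." + strings.ToLower(strings.TrimSuffix(zone, "."))
	if !strings.HasSuffix(q, suffix) { // label-aligned zone check
		return Name{}, ErrForm
	}
	labels := strings.Split(strings.TrimSuffix(q, suffix), ".")
	n := len(labels)
	if labels[n-1] != "svc" {
		return Name{}, ErrForm
	}
	for _, l := range labels {
		if l == "" || len(l) > 63 { // empty or over-long DNS label
			return Name{}, ErrForm
		}
	}
	switch n {
	case 3: // <service>.<namespace>.svc
		return Name{Service: labels[0], Namespace: labels[1]}, nil
	case 5: // <hostname>.<clusterid>.<service>.<namespace>.svc
		return Name{labels[0], labels[1], labels[2], labels[3]}, nil
	}
	return Name{}, ErrForm
}

func main() {
	for _, q := range []string{ // names from the dig examples above
		"nginx.my-namespace.svc.clusterset.local.",
		"10-244-0-10.clusterid.nginx.my-namespace.svc.clusterset.local.",
	} {
		n, err := ParseName(q, "clusterset.local")
		fmt.Printf("%s -> %+v, err=%v\n", q, n, err)
	}
}
```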
    
  • Add support for headless services

    Currently, only ClusterIP is supported. Add support for headless services.

    See Multi-Cluster DNS spec.

    Affected part of the code https://github.com/vanekjar/coredns-multicluster/blob/bdb34f77f97d6f50a37788613f5a6b1f516379fa/multicluster.go#L353
