feat(dns): embedded DNS server instead of coreDNS #13124
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
For DNS proxy we'd like to reuse the same configFetcher mechanism Split it out to its own package and define an api to add handlers Also add support for the handlers to handle etag to avoid reloading when the config doesn't change Signed-off-by: Charly Molter <[email protected]>
Also add support for etag caching Signed-off-by: Charly Molter <[email protected]>
Signed-off-by: Charly Molter <[email protected]>
lahabana
added
the
ci/run-full-matrix
|
I've made a few separate commits as this is a bit of a mouthful |
Reviewer Checklist🔍 Each of these sections need to be checked by the reviewer of the PR 🔍:
|
Signed-off-by: Charly Molter <[email protected]>
Signed-off-by: Charly Molter <[email protected]>
Signed-off-by: Charly Molter <[email protected]>
lahabana
changed the title
lukidzi
reviewed
Mar 18, 2025
lobkovilya
reviewed
Mar 18, 2025
Automaat
reviewed
Mar 19, 2025
slonka
reviewed
Mar 19, 2025
There was a problem hiding this comment.
In general looks promising, a bunch of questions and nitpicks. Also would love to see a simple test checking integration with a DNS client.
- Is the PR title satisfactory? Is this part of a larger feature and should be grouped using
> Changelog? - PR description is clear and complete. It Links to relevant issue as well as docs and UI issues
- This will not break child repos: it doesn't hardcode values (.e.g "kumahq" as an image registry)
- IPv6 is taken into account (.e.g: no string concatenation of host port)
- Tests (Unit test, E2E tests, manual test on universal and k8s)
- Don't forget
ci/labels to run additional/fewer tests
- Don't forget
- Does this contain a change that needs to be notified to users? In this case,
UPGRADE.mdshould be updated. - Does it need to be backported according to the backporting policy? (this GH action will add "backport" label based on these file globs, if you want to prevent it from adding the "backport" label use no-backport-autolabel label)
Signed-off-by: Charly Molter <[email protected]>
|
@lobkovilya pushed a new commit which simplifies the handler API as it doesn't deal with shutdowns anymore (that's what components are for) |
Icarus9913
reviewed
Mar 21, 2025
Signed-off-by: Charly Molter <[email protected]>
Signed-off-by: Charly Molter <[email protected]>
lukidzi
reviewed
Mar 24, 2025
Signed-off-by: Charly Molter <[email protected]>
Signed-off-by: Charly Molter <[email protected]>
Signed-off-by: Charly Molter <[email protected]>
Signed-off-by: Charly Molter <[email protected]>
Signed-off-by: Charly Molter <[email protected]>
Signed-off-by: Charly Molter <[email protected]>
Signed-off-by: Charly Molter <[email protected]>
Signed-off-by: Charly Molter <[email protected]>
lobkovilya
reviewed
Mar 31, 2025
Signed-off-by: Charly Molter <[email protected]>
Signed-off-by: Charly Molter <[email protected]>
slonka
previously approved these changes
Apr 2, 2025
|
Oh, did not notice that the tests are failing. |
Signed-off-by: Charly Molter <[email protected]>
Signed-off-by: Charly Molter <[email protected]>
Signed-off-by: Charly Molter <[email protected]>
lobkovilya
reviewed
Apr 4, 2025
Signed-off-by: Charly Molter <[email protected]>
lobkovilya
approved these changes
Apr 4, 2025
slonka
approved these changes
Apr 7, 2025
lobkovilya
pushed a commit
to lobkovilya/kuma
that referenced
this pull request
Apr 24, 2025
## Motivation Add an embedded DNS server that resolves mesh local hostnames. This feature is disabled by default and needs to be enabled with `kuma_dns_proxy_port ` on DPs in universal to a non 0 value or simply with `kuma_runtime_kubernetes_injector_builtin_dns_experimental_proxy =true` on CP in Kubernetes (this leverages sidecar injection). ## Implementation information We leveraged the same system as MeshMetric. The DNS map is exposed in the `_kuma:dynamicconfig` listener, we poll this from the DP at a set frequency and reload the data. We improved the whole configfetcher to make it reusable across different components. We also setup the endpoint so that it works with [etag caching](https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/ETag) while avoids unnecessary reloading and processing, we can therefore refresh the configs more quickly as well. For the moment I added a new matrix for e2e test. If this is stable I'll switch the default. --------- Signed-off-by: Charly Molter <[email protected]> Signed-off-by: Ilya Lobkov <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Motivation
Add an embedded DNS server that resolves mesh local hostnames.
This feature is disabled by default and needs to be enabled with
kuma_dns_proxy_porton DPs in universal to a non 0 value or simply withkuma_runtime_kubernetes_injector_builtin_dns_experimental_proxy =trueon CP in Kubernetes (this leverages sidecar injection).Implementation information
We leveraged the same system as MeshMetric. The DNS map is exposed in the
_kuma:dynamicconfiglistener, we poll this from the DP at a set frequency and reload the data.We improved the whole configfetcher to make it reusable across different components. We also setup the endpoint so that it works with etag caching while avoids unnecessary reloading and processing, we can therefore refresh the configs more quickly as well.
For the moment I added a new matrix for e2e test. If this is stable I'll switch the default.