Skip to content

Commit

Permalink
Implement deprecation notice for 1.1.4 (coredns#1833)
Browse files Browse the repository at this point in the history 
* Implement deprecation notice for 1.1.4

This still allows all the config to be parsed, but noops it:

* -log; always set the log to stdout; no matter what.
* https_google; removed from the proxy implementation.
* reverse plugin: set to deprecated.

* Whole of reverse can go

* Remove test for deprecated plugin
  • Loading branch information
@miekg
miekg authored May 24, 2018
1 parent b0fd575 commit 2758a75
Show file tree
Hide file tree
Showing 20 changed files with 9 additions and 1,306 deletions.
2 changes: 1 addition & 1 deletion core/plugin/zplugin.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ import (
_ "github.com/coredns/coredns/plugin/cache"
_ "github.com/coredns/coredns/plugin/chaos"
_ "github.com/coredns/coredns/plugin/debug"
_ "github.com/coredns/coredns/plugin/deprecated"
_ "github.com/coredns/coredns/plugin/dnssec"
_ "github.com/coredns/coredns/plugin/dnstap"
_ "github.com/coredns/coredns/plugin/erratic"
Expand All @@ -28,7 +29,6 @@ import (
_ "github.com/coredns/coredns/plugin/pprof"
_ "github.com/coredns/coredns/plugin/proxy"
_ "github.com/coredns/coredns/plugin/reload"
_ "github.com/coredns/coredns/plugin/reverse"
_ "github.com/coredns/coredns/plugin/rewrite"
_ "github.com/coredns/coredns/plugin/root"
_ "github.com/coredns/coredns/plugin/route53"
Expand Down
7 changes: 2 additions & 5 deletions coremain/run.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ func init() {
flag.StringVar(&caddy.PidFile, "pidfile", "", "Path to write pid file")
flag.BoolVar(&version, "version", false, "Show version")
flag.BoolVar(&dnsserver.Quiet, "quiet", false, "Quiet mode (no initialization output)")
flag.BoolVar(&logfile, "log", false, "Log to standard output")
flag.BoolVar(&logfile, "log", false, "Log to standard output") // noop for 1.1.4; drop in 1.2.0.

caddy.RegisterCaddyfileLoader("flag", caddy.LoaderFunc(confLoader))
caddy.SetDefaultCaddyfileLoader("default", caddy.LoaderFunc(defaultLoader))
Expand Down Expand Up @@ -62,10 +62,7 @@ func Run() {
mustLogFatal(fmt.Errorf("extra command line arguments: %s", flag.Args()))
}

// Set up process log before anything bad happens
if logfile {
log.SetOutput(os.Stdout)
}
log.SetOutput(os.Stdout)
log.SetFlags(log.LstdFlags)

if version {
Expand Down
2 changes: 1 addition & 1 deletion plugin.cfg
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ cache:cache
rewrite:rewrite
dnssec:dnssec
autopath:autopath
reverse:reverse
reverse:deprecated
template:template
hosts:hosts
route53:route53
Expand Down
2 changes: 1 addition & 1 deletion plugin/deprecated/setup.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ import (
)

// removed has the names of the plugins that need to error on startup.
var removed = []string{"startup", "shutdown"}
var removed = []string{"reverse"}

func setup(c *caddy.Controller) error {
c.Next()
Expand Down
49 changes: 3 additions & 46 deletions plugin/proxy/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ proxy FROM TO... {
health_check PATH:PORT [DURATION]
except IGNORED_NAMES...
spray
protocol [dns [force_tcp]|https_google [bootstrap ADDRESS...]|grpc [insecure|CACERT|KEY CERT|KEY CERT CACERT]]
protocol [dns [force_tcp]|grpc [insecure|CACERT|KEY CERT|KEY CERT CACERT]]
}
~~~

Expand All @@ -54,8 +54,7 @@ proxy FROM TO... {
* `spray` when all backends are unhealthy, randomly pick one to send the traffic to. (This is
a failsafe.)
* `protocol` specifies what protocol to use to speak to an upstream, `dns` (the default) is plain
old DNS, and `https_google` uses `https://dns.google.com` and speaks a JSON DNS dialect. Note when
using this **TO** will be ignored. The `grpc` option will talk to a server that has implemented
old DNS. The `grpc` option will talk to a server that has implemented
the [DnsService](https://github.com/coredns/coredns/blob/master/pb/dns.proto).

## Policies
Expand All @@ -73,10 +72,6 @@ available. This is to preeempt the case where the healthchecking (as a mechanism

## Upstream Protocols

Currently `protocol` supports `dns` (i.e., standard DNS over UDP/TCP) and `https_google` (JSON
payload over HTTPS). Note that with `https_google` the entire transport is encrypted. Only *you* and
*Google* can see your DNS activity.

`dns`
: uses the standard DNS exchange. You can pass `force_tcp` to make sure that the proxied connection is performed
over TCP, regardless of the inbound request's protocol.
Expand All @@ -92,13 +87,6 @@ payload over HTTPS). Note that with `https_google` the entire transport is encry
* **KEY** **CERT** **CACERT** - Client authentication is used with the specified key/cert pair. The
server certificate is verified using the **CACERT** file.

`https_google`
: bootstrap **ADDRESS...** is used to (re-)resolve `dns.google.com`.

This happens every 300s. If not specified the default is used: 8.8.8.8:53/8.8.4.4:53.
Note that **TO** is *ignored* when `https_google` is used, as its upstream is defined as `dns.google.com`.


## Metrics

If monitoring is enabled (via the *prometheus* directive) then the following metric is exported:
Expand All @@ -108,7 +96,7 @@ If monitoring is enabled (via the *prometheus* directive) then the following met
* `coredns_proxy_request_count_total{server, proto, proto_proxy, family, to}` - query count per
upstream.

Where `proxy_proto` is the protocol used (`dns`, `grpc`, or `https_google`) and `to` is **TO**
Where `proxy_proto` is the protocol used (`dns` or `grpc`) and `to` is **TO**
specified in the config, `proto` is the protocol used by the incoming query ("tcp" or "udp"), family
the transport family ("1" for IPv4, and "2" for IPv6). `Server` is the server responsible for the
request (and metric). See the documention in the metrics plugin.
Expand Down Expand Up @@ -169,34 +157,3 @@ Proxy everything except `example.org` using the host's `resolv.conf`'s nameserve
}
}
~~~

Proxy all requests within `example.org` to Google's `dns.google.com`.

~~~ corefile
. {
proxy example.org 1.2.3.4:53 {
protocol https_google
}
}
~~~

Proxy everything with HTTPS to `dns.google.com`, except `example.org`. Then have another proxy in
another stanza that uses plain DNS to resolve names under `example.org`.

~~~ corefile
. {
proxy . 1.2.3.4:53 {
except example.org
protocol https_google
}
}
example.org {
proxy . 8.8.8.8:53
}
~~~

## Bugs

When using the `google_https` protocol the health checking will health check the wrong endpoint.
See <https://github.com/coredns/coredns/issues/1202> for some background.
1 change: 0 additions & 1 deletion plugin/proxy/dnstap_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,6 @@ func TestDnstap(t *testing.T) {
tapq.SocketProto = tap.SocketProtocol_TCP
tapr.SocketProto = tap.SocketProtocol_TCP
testCase(t, newDNSExWithOption(Options{ForceTCP: true}), q, r, tapq, tapr)
testCase(t, newGoogle("", []string{"8.8.8.8:53", "8.8.4.4:53"}), q, r, tapq, tapr)
}

func TestNoDnstap(t *testing.T) {
Expand Down
219 changes: 0 additions & 219 deletions plugin/proxy/google.go
View file

This file was deleted.

Loading

0 comments on commit 2758a75

Please sign in to comment.