New plugin: loop #1989
New plugin: loop #1989
Conversation
|
Thank you for your contribution. I've just checked the OWNERS files to find a suitable reviewer. This search was successful and I've asked greenpau (via If you have questions or suggestions for this bot, please file an issue against the miekg/dreck repository. The bot understands the commands that are listed here. |
|
Added @chrisohaver as reviewer as well, as I've volunteered him in the owners file |
|
@miekg , this one is pretty cool! 👍 |
Codecov Report
@@ Coverage Diff @@
## master #1989 +/- ##
==========================================
- Coverage 54.79% 54.67% -0.13%
==========================================
Files 198 200 +2
Lines 9639 9723 +84
==========================================
+ Hits 5282 5316 +34
- Misses 3948 3994 +46
- Partials 409 413 +4
Continue to review full report at Codecov.
|
plugin/loop/loop.go
Outdated
|
|
||
| if l.seen() > 2 { | ||
| // TODO(miek): add log.Fatal(f) and use here. | ||
| log.Errorf("Seen \"HINFO IN %s\" more than twice, loop detected", l.qname) |
There was a problem hiding this comment.
Can we also log the IP address that the loop was detected in? i.e the ip that the request came in on...
There was a problem hiding this comment.
Added, I'm my local testing this will always be localhost because there is no remote server at play.
|
looks great. Thanks Miek for whipping this one out lightning fast! |
Add a plugin that detects loops. It does this by sending an unique query to our selves. If we see the query more than twice we stop the process. If there isn't a loop, the plugin disables it self and becomes a noop plugin. Signed-off-by: Miek Gieben <miek@miek.nl>
Signed-off-by: Miek Gieben <miek@miek.nl>
Signed-off-by: Miek Gieben <miek@miek.nl>
Signed-off-by: Miek Gieben <miek@miek.nl>
Ah - I meant to log the IP address that coredns received the packet on (i.e. the destination ip of the incoming packet). |
Signed-off-by: Miek Gieben <miek@miek.nl>
plugin/loop/loop.go
Outdated
| } | ||
|
|
||
| if l.seen() > 2 { | ||
| // TODO(miek): add log.Fatal(f) and use here. |
There was a problem hiding this comment.
I understand we create only one Loop struct. and we send several queries (every 2 sec).
so, this l.seen > 2 will be true at the third msg we send .. no ?
Should we have here a count for each msg.id we create for the test ?
plugin/loop/setup.go
Outdated
| } | ||
|
|
||
| if ok == len(conf.ListenHosts) { | ||
| go func() { |
There was a problem hiding this comment.
looks like a way to disable sooner if at least one msg sent per Listening host.
Because of the double loop (30 sec, and for each Host) - and because of 'continue" at line 46, we are not sure that all Host are tested. (some may be tested several time, some not at all).
| c.OnStartup(func() error { | ||
| // Another Go function, otherwise we block startup and can't send the packet. | ||
| go func() { | ||
| deadline := time.Now().Add(30 * time.Second) |
There was a problem hiding this comment.
I guess 30 sec could be adapted to >= 2 * Nb of Listening Host.
I agree 15 seems already a big number ...
plugin/loop/setup.go
Outdated
|
|
||
| zone := "." | ||
| if len(c.ServerBlockKeys) > 0 { | ||
| zone = plugin.Host(c.ServerBlockKeys[0]).Normalize() |
There was a problem hiding this comment.
I think that setup is called for each of the serverBlocKeys.
There is a way to know which one we are called for : use c.Key
|
[ Quoting <notifications@github.com> in "Re: [coredns/coredns] New plugin: l..." ]
I understand we create only one Loop struct. and we send several queries (every 2 sec).
so, this l.seen > 2 will be true at the third msg we send .. no ?
excellent point! I've only the first listenhost now. We can't use the query Id,
because if something else forwards this again, it will be a different Id.
I guess 30 sec could be adapted to >= 2 * Nb of Listening Host.
I agree 15 seems already a big number ...
I'm fine with 15, but I think load zones in the file plugin blocks startup, so
that can be a long time...
I think that setup is called for each of the serverBlocKeys.
There is a way to know which one we are called for : use c.Key
I'll add the standard code that this can only be used once.
Thanks for reviewing! PTAL.
|
It is not about having several time the "loop" plugin in the same stanza. the setup of loop will be triggered 3 times : one for each key on the top. |
|
This should result in three different queries because I suffix the zone for
each generated name. Let me see if I can add a test for that.
…On Fri, 20 Jul 2018, 17:33 Francois Tur, ***@***.***> wrote:
I'll add the standard code that this can only be used once.
It is not about having several time the "loop" plugin in the same stanza.
It is about having several keys on top of the stanza, like:
coredns.io:53, coredns.com:443, infobloxcom:667 {
loop
procxy ...
}
the setup of loop will be triggered 3 times : one for each key on the top.
and from the setup(...) function you get that key with : c.Key
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#1989 (comment)>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/AAVkW_g52zA98gBPkChdsdTD3ynxzt6cks5uIgZygaJpZM4VYDrd>
.
|
crashes with: |
Signed-off-by: Miek Gieben <miek@miek.nl>
|
@rajansandeep @miekg @johnbelamaric Will this option make it into the next k8s manifest that has a new enough CoreDNS version? |
|
This is as yet unreleased, but CoreDNS 1.2.1 will have it. What's the
timeframe?
…On Mon, 23 Jul 2018, 09:54 Lucas Käldström, ***@***.***> wrote:
@rajansandeep <https://github.com/rajansandeep> @miekg
<https://github.com/miekg> @johnbelamaric
<https://github.com/johnbelamaric> Will this option make it into the next
k8s manifest that has a new enough CoreDNS version?
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#1989 (comment)>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/AAVkWxpvkmKKNGtam5mYK82i4PGZZ8P1ks5uJY9PgaJpZM4VYDrd>
.
|
Yes |
Plenty of time to get it into the next k8s release. |
|
In that case it would not be considered as a feature. |
|
Yes, thanks. I relayed the wrong freeze ... FYI... https://github.com/kubernetes/sig-release/blob/master/releases/release-1.12/release-1.12.md |
* New plugin: loop Add a plugin that detects loops. It does this by sending an unique query to our selves. If we see the query more than twice we stop the process. If there isn't a loop, the plugin disables it self and becomes a noop plugin. Signed-off-by: Miek Gieben <miek@miek.nl>
* New plugin: loop Add a plugin that detects loops. It does this by sending an unique query to our selves. If we see the query more than twice we stop the process. If there isn't a loop, the plugin disables it self and becomes a noop plugin. Signed-off-by: Miek Gieben <miek@miek.nl>
* New plugin: loop Add a plugin that detects loops. It does this by sending an unique query to our selves. If we see the query more than twice we stop the process. If there isn't a loop, the plugin disables it self and becomes a noop plugin. Signed-off-by: Miek Gieben <miek@miek.nl>
Add a plugin that detects loops. It does this by sending an unique query
to our selves. If we see the query more than twice we stop the process.
If there isn't a loop, the plugin disables it self and becomes a noop
plugin.
Signed-off-by: Miek Gieben miek@miek.nl