allow ipv6 nameservers #2634
allow ipv6 nameservers #2634
Conversation
Tieske
force-pushed
the
fix/ipv6-nameservers
branch
from
8928eb9 to
9c4d7e9
Compare
kong.conf.default
Outdated
| # completes, or the `dns_stale_ttl` number of | ||
| # seconds have passed. | ||
|
|
||
| #dns_not_found_ttl = 30 # Ttl in seconds for empty DNS responses and |
There was a problem hiding this comment.
"ttl" should either be all caps or all lowercase (prefer upper here)
kong/templates/kong_defaults.lua
Outdated
| @@ -69,8 +69,10 @@ db_cache_ttl = 3600 | |||
| dns_resolver = NONE | |||
| dns_hostsfile = /etc/hosts | |||
| dns_order = LAST,SRV,A,CNAME | |||
| dns_stale_ttl = 4.0 | |||
There was a problem hiding this comment.
should be 4, not 4.0, to match the default config file
| end | ||
| end | ||
|
|
||
| local opts = { | ||
| hosts = conf.dns_hostsfile, | ||
| resolvConf = nil, -- defaults to system resolv.conf | ||
| nameservers = servers, -- provided list or taken from resolv.conf | ||
| enable_ipv6 = true, -- allow for ipv6 nameserver addresses |
There was a problem hiding this comment.
this is a comment on the lua-resty-dns-client lib, not this PR per se, but this mix of snake_case and camelCase variables is really rough.
There was a problem hiding this comment.
Wanted to make the same comment but now consistently afraid of being called too pedantic or detail oriented :)
There was a problem hiding this comment.
Yes, it absolutely needs a cleanup. I'll try to find some time before the next breaking change, so it can come along then.
kong.conf.default
Outdated
| #dns_stale_ttl = 4 # Once a record expires, how much longer (in | ||
| # seconds) may the current stale record be | ||
| # used while the refresh query is executed in | ||
| # the background. |
There was a problem hiding this comment.
"Defines, in seconds, how long a record will remain in cache past its TTL. This value will be used while the new DNS record is fetched in the background." ?
There was a problem hiding this comment.
yes. So while the record is valid (within ttl) it is just being used. Once it expires, (stale) it will trigger a background re-query. Once that requery completes, the record is valid again. So this setting is the maximum time that a record will be used while being stale. When it is refreshed it is no longer stale, and when it doesn't refresh within this stale ttl time, then requests will no longer use the stale record (it will effectively be deleted by then from the cache), but will synchronously wait for completion of the dns query (which is similar to the very first query when there is no stale record yet, and requests will have to wait for the query to finish as well)
There was a problem hiding this comment.
Yes :) I was suggesting a re-word here, as its phrase awkwardly. My fault for not clarifying the meaning of this comment.
There was a problem hiding this comment.
I think what both @p0pr0ck5 and my comment were trying to say, is that both sentences in this description read a bit awkwardly, and could be phrased better while giving more information to the user.
There was a problem hiding this comment.
(If there are no other blockers for this merge I'd be happy to clean up the language and push).
p0pr0ck5
added
the
pr/changes requested
updates the dns lib to 0.6.0, adds the new `dns_stale_ttl` and `dns_no_sync` options.
Tieske
force-pushed
the
fix/ipv6-nameservers
branch
from
9c4d7e9 to
c230174
Compare
kong.conf.default
Outdated
| # record types. The `LAST` type means the | ||
| # type of the last successful lookup (for the | ||
| # specified name). The format is a (case | ||
| # insensitive) comma separated list. | ||
|
|
||
| #dns_not_found_ttl = 30.0 # ttl in seconds for empty DNS responses and | ||
| <<<<<<< HEAD |
Tieske
force-pushed
the
fix/ipv6-nameservers
branch
from
c230174 to
43d65b8
Compare
Tieske
added
pr/status/please review
and removed
pr/changes requested
allows the nameservers to be configured in both
ipv4andipv6format. And if the/etc/resolv.conffile containsipv6nameserver entries, they will be used as well.Fixes the "Error: Invalid configuration, no dns servers found" error on systems with only
ipv6nameservers configured.(this builds on top of PR #2625 )