-
Notifications
You must be signed in to change notification settings - Fork 2.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fqdn: Make maximum number of IPs per restored rule configurable #13992
fqdn: Make maximum number of IPs per restored rule configurable #13992
Conversation
Only count the number of IPs for each FQDN selector/rule when storing rules for restoration, rather than ignoring later rules on a port after previous rules have hit the maximum number of IPs. Make the maximum number of IPs per restored rule configurable with the new option '--tofqdns-max-ips-per-restored-rule' (default 1000). Signed-off-by: Jarno Rajahalme <jarno@covalent.io>
af3944f
to
4f364ea
Compare
test-me-please |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, one minor nit.
@@ -193,7 +193,7 @@ func (s *DNSProxyTestSuite) SetUpTest(c *C) { | |||
s.dnsServer = setupServer(c) | |||
c.Assert(s.dnsServer, Not(IsNil), Commentf("unable to setup DNS server")) | |||
|
|||
proxy, err := StartDNSProxy("", 0, true, // any address, any port, enable compression | |||
proxy, err := StartDNSProxy("", 0, true, 1000, // any address, any port, enable compression, max 1000 restore IPs |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Might make sense to use the new default here instead of hardcoding 1000
.
v1.7 backport in #13993 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, thanks!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Agent changes LGTM 👍
[ upstream commit a218052 ] Restored DNS proxy rules are DNS rules, not ToFQDNs rules. Fixes: #13991 Fixes: #13992 v1.8 backport: fixed conflict on Documentation/cmdref/cilium-agent.md and pkg/option/config.go:2461 Signed-off-by: Jarno Rajahalme <jarno@covalent.io> Signed-off-by: Alexandre Perrin <alex@kaworu.ch>
[ upstream commit a218052 ] Restored DNS proxy rules are DNS rules, not ToFQDNs rules. Fixes: #13991 Fixes: #13992 v1.8 backport: fixed conflict on Documentation/cmdref/cilium-agent.md and pkg/option/config.go:2461 Signed-off-by: Jarno Rajahalme <jarno@covalent.io> Signed-off-by: Alexandre Perrin <alex@kaworu.ch>
[ upstream commit a218052 ] Restored DNS proxy rules are DNS rules, not ToFQDNs rules. Fixes: #13991 Fixes: #13992 v1.8 backport: fixed conflict on Documentation/cmdref/cilium-agent.md and pkg/option/config.go:2461 Signed-off-by: Jarno Rajahalme <jarno@covalent.io> Signed-off-by: Alexandre Perrin <alex@kaworu.ch>
Only count the number of IPs for each FQDN selector/rule when storing
rules for restoration, rather than ignoring later rules on a port
after previous rules have hit the maximum number of IPs.
Make the maximum number of IPs per restored rule configurable with the
new option
--tofqdns-max-ips-per-restored-rule
(default 1000).Signed-off-by: Jarno Rajahalme jarno@covalent.io