New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
plugin/fallback: proxy request in case of error returned by downstream plugins #1382
Comments
Work in progress - by @yongtang |
icky, but interesting :) about the proposed syntax: you probably want to prefix it (optionally) with a scheme: I think it would be good to keep this outside proxy, as that one is (too) complex already. |
wrt to the "NOTE" on "the whole CoreDNS being unhealthy" - I think you mean if all the proxy endpoints are unhealthy we would use this fallback list? |
[ Quoting <notifications@github.com> in "Re: [coredns/coredns] WIP - plugin/..." ]
wrt to the "NOTE" on "the whole CoreDNS being unhealthy" - I think you mean if all the proxy endpoints are unhealthy we would use this fallback list?
Why wouldn't just adding these fallbacks in the proxy config result in the same
behavior? (Except for the routing)
|
You mean when they are all unhealthy? I think it could except in our case it's different protocols, and we don't have the For the routing piece ( |
[ Quoting <notifications@github.com> in "Re: [coredns/coredns] WIP - plugin/..." ]
You mean when they are all unhealthy? I think it could except in our case it's different protocols, and we don't have the `forward` plugin style upstream specification in proxy yet. So, the proxy will be using gRPC, but if all of our upstream gRPC endpoints are dead, we would fallback to ordinary UDP.
For the routing piece (`on RCODE`), we didn't want to add more stuff to the proxy plugin. So that's why we're thinking a separate plugin.
+1 for new plugin.
|
Let's rephrase the problem here. I think the issue is the In case an endpoint is declared as So the issue is really about adding an |
Meta note: I think this plugin should live in it's own repo, just like forward? We can still add them by default by pointing |
@yongtang the issue is that we need to fallback to regular DNS if gRPC proxy is failing. So, it's changing the proxy protocol in addition to changing the endpoint IP/port. proxy already has a lot of stuff in it, so that's why a separate plugin. If we change proxy to use the URI-like format for endpoints (udp://, tcp://, grpc://, etc.), then your suggestion of creating |
Here was the original description (internal email):
So, it's actually pretty simple:
|
In case of SERVERFAIL returned by previous proxy plugin, the message is forwarded to 10.10.10.10:100 but 10.10.10.10:100 could return NXDOMAIN or SERVFAIL as well. What is the behavior of SERVFAIL returned by 10.10.10.10:100? Should SERVFAIL returned by 10.10.10.10:100 to try 8.8.8.8:53? If SERVFAIL returned by 10.10.10.10:100 is always Any this has not take into consideration of NXDOMAIN by 10.10.10.10:100 (as NXDOMAIN was specified earlier). |
#612 might be related. |
Here is the original requirement (for DFP):
The |
The specification should really be:
As each action could only be forwarded to one endpoint so |
Why? There is some default logic in the proxy as to when to go to the next endpoint. That same logic applies here if multiple endpoints are listed. The "special" logic only applies to the original proxy rcode. Not to the subsequent calls. So, if you had multiple actions, they would apply ONLY based on the RCODE from the original request, not subsequent requests made by this plugin. This way there is no chance of loops. |
This is more like a "forked" version of |
Let's take offline. I think more discussion about the design might be needed. |
The idea is to check the return of regular downstream plugins, and be able to redirect the query to a 'fallback' proxy base on the code error returned.
NOTE: we would like use similar if the whole CoreDNS service is unhealthy.
proposition for config:
Example:
So, you can have as many ”on” directives as you want. It could potentially re-use the proxy code so it could also accept any proxy options.
The usage right now would be to fallback in following cases:
1 CoreDNS is unhealthy (the whole stack is bypassed in this case)
2. Grpc communication is broken - one of the plugin cannot do its job.
3. REFUSED response.
NOTE: that could be en enhancement of proxy plugin, but we could make more generic as a separated plugin.
However, would need this plugin to be placed on top of order of the list of plugins.
NOTE: Right now the needs is for a real use case at Infoblox, proposition of plugin is from @johnbelamaric .
The text was updated successfully, but these errors were encountered: