-
Notifications
You must be signed in to change notification settings - Fork 2.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
New TXT record breaks downward compatibility by retroactively limiting record length #2839
Comments
We set Since the new record type is appended after I understand |
We were just hit by this too, as the safeties we have in place to make sure our DNS names are not too long is no longer correct due to this new max length limitation. What makes it worse for us is any error in updating records causes no records to be updated, so it just takes one bad DNS name to break DNS updates for everyone. |
The Kubernetes project currently lacks enough contributors to adequately respond to all issues and PRs. This bot triages issues and PRs according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /lifecycle stale |
We are also experiencing this. Is there any workaround? |
/remove-lifecycle stale |
The Kubernetes project currently lacks enough contributors to adequately respond to all issues. This bot triages un-triaged issues according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /lifecycle stale |
The Kubernetes project currently lacks enough active contributors to adequately respond to all issues. This bot triages un-triaged issues according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /lifecycle rotten |
The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs. This bot triages issues according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /close not-planned |
@k8s-triage-robot: Closing this issue, marking it as "Not Planned". In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/reopen |
@jullianow: You can't reopen an issue/PR unless you authored it or you are a collaborator. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/remove-lifecycle rotten |
/reopen |
@rodolphobarbosa: You can't reopen an issue/PR unless you authored it or you are a collaborator. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Are there any updates? I've observed that even with external-dns 0.14.0 one bad DNS name still causes external-dns to crash loop. |
I still have this problem too, even with the latest version. |
I have same problem here. Is it possible to change the prefix to use . instead of -. For aws alias can have a cname.the-original-domain-name.something.com Otherwise, for current status: If the original domain is 63 characters long, after adding the cname- prefix, it'll be failed when creating the new TXT record. Next time when there is any changes on the record, external-dns may not be able to recognize the a record. It may fail to update it. |
What happened:
The change to the TXT registry introduced in #2157 breaks downward compatibility by retroactively limiting the maximum length of managed records. This means even with #2811 implemented, there will be cases where an upgrade from pre 0.12.0 to 0.12.0 will not be possible.
As adressed in #2816, the maximum length of a record is 63 characters. This also holds true for the registry TXT. To avoid CNAME conflicts, it is already necessary to use a prefix or suffix for the TXT records, limiting the maximum length of managed records to 62 characters in the best case (and even less if the suffix/prefix is longer than one character).
Adding the record type to the TXT record reduces the maximum length of the managed record to
63 - [prefix/suffix] - [record type]
. This breaks downward compatibility with all setups with already existing records with longer record names than63 - [prefix/suffix] - [record type]
, without an option for the user to change this behavior. If such records exist, creating the TXT record that includes the record type will fail.Even without the whole backwards compatibility issue: #2157 adds a limiting factor that will pretty much seem random to end users, as the implementation results in a situation where for example A records can be longer than CNAME records.
What you expected to happen:
external-dns providing an option to disable the creation of the record type TXT record or (if this is the only remaining TXT record type in the future) an option to disable adding the record type to the registry TXT record.
How to reproduce it (as minimally and precisely as possible):
Use external-dns < 0.12.0, use a single character txt-suffix (for example "-"), add a cname record with 62 characters (for example "thisisarecordwithareallyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyylongname.some.domain") and then upgrade to external-dns 0.12.0 and trigger a reconcile.
This should result in external-dns trying to create the TXT records "thisisarecordwithareallyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyylongname-.some.domain" and "cname-thisisarecordwithareallyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyylongname-.some.domain", with the latter failing as it viloates RFC1035.
Anything else we need to know?:
Environment:
The text was updated successfully, but these errors were encountered: