From 9b85efbd0886c489278703010fd753260033e79f Mon Sep 17 00:00:00 2001 From: tamal Date: Tue, 20 Jun 2017 01:11:26 -0700 Subject: [PATCH 1/2] Add dns-resovler-check-health annotation to disable checks for ExternalName service. --- api/dns_resolver.go | 27 +++++++++++++++++---------- pkg/ingress/parser.go | 1 + pkg/ingress/template/template.go | 8 ++++---- pkg/ingress/types.go | 1 + 4 files changed, 23 insertions(+), 14 deletions(-) diff --git a/api/dns_resolver.go b/api/dns_resolver.go index f512d96d6..bba39c043 100644 --- a/api/dns_resolver.go +++ b/api/dns_resolver.go @@ -20,19 +20,21 @@ const ( hold timeout 30s hold valid 10s */ - UseDNSResolver = EngressKey + "/" + "use-dns-resolver" // Bool - DNSResolverNameservers = EngressKey + "/" + "dns-resolver-nameservers" // ["", ""] - DNSResolverRetries = EngressKey + "/" + "dns-resolver-retries" // int - DNSResolverTimeout = EngressKey + "/" + "dns-resolver-timeout" // {"event":"time","event":"time"} - DNSResolverHold = EngressKey + "/" + "dns-resolver-hold" // {"status":"period","status":"period"} + UseDNSResolver = EngressKey + "/" + "use-dns-resolver" // Bool + DNSResolverNameservers = EngressKey + "/" + "dns-resolver-nameservers" // ["", ""] + DNSResolverCheckHealth = EngressKey + "/" + "dns-resolver-check-health" // bool + DNSResolverRetries = EngressKey + "/" + "dns-resolver-retries" // int + DNSResolverTimeout = EngressKey + "/" + "dns-resolver-timeout" // {"event":"time","event":"time"} + DNSResolverHold = EngressKey + "/" + "dns-resolver-hold" // {"status":"period","status":"period"} ) type DNSResolver struct { - Name string - NameServer []string `json:"nameserver"` - Retries int `json:"retries"` - Timeout map[string]string `json:"timeout"` - Hold map[string]string `json:"hold"` + Name string + NameServer []string `json:"nameserver"` + CheckHealth bool `json:"checkHealth"` + Retries int `json:"retries"` + Timeout map[string]string `json:"timeout"` + Hold map[string]string `json:"hold"` } func DNSResolverForService(svc apiv1.Service) (useDNSResolver bool, resolver *DNSResolver, err error) { @@ -49,6 +51,11 @@ func DNSResolverForService(svc apiv1.Service) (useDNSResolver bool, resolver *DN if err != nil { return } + if ch, e2 := getBool(svc.Annotations, DNSResolverCheckHealth); e2 == nil { + resolver.CheckHealth = ch + } else { + resolver.CheckHealth = len(resolver.NameServer) > 0 + } resolver.Retries, err = getInt(svc.Annotations, DNSResolverRetries) if err != nil { return diff --git a/pkg/ingress/parser.go b/pkg/ingress/parser.go index 7cc879a86..d702f7b53 100644 --- a/pkg/ingress/parser.go +++ b/pkg/ingress/parser.go @@ -74,6 +74,7 @@ func (lbc *EngressController) serviceEndpoints(name string, port intstr.IntOrStr if ep.UseDNSResolver && resolver != nil { lbc.Parsed.DNSResolvers[resolver.Name] = resolver ep.DNSResolver = resolver.Name + ep.CheckHealth = resolver.CheckHealth } return []*Endpoint{&ep}, nil } diff --git a/pkg/ingress/template/template.go b/pkg/ingress/template/template.go index b49802252..b7a9cb881 100644 --- a/pkg/ingress/template/template.go +++ b/pkg/ingress/template/template.go @@ -103,7 +103,7 @@ backend default-backend {% for e in DefaultBackend.Endpoints %} {% if e.ExternalName %} {% if e.UseDNSResolver %} - server {{ e.Name }} {{ e.ExternalName }}:{{ e.Port }} {% if e.DNSResolver %} check resolvers {{ e.DNSResolver }} resolve-prefer ipv4 {% endif %} + server {{ e.Name }} {{ e.ExternalName }}:{{ e.Port }} {% if e.DNSResolver %} {% if e.CheckHealth %} check {% endif %} resolvers {{ e.DNSResolver }} resolve-prefer ipv4 {% endif %} {% elif not svc.Backends.BackendRules %} acl https ssl_fc http-request redirect location https://{{e.ExternalName}}:{{ e.Port }} code 301 if https @@ -157,7 +157,7 @@ backend https-{{ svc.Name }} {% for e in svc.Backends.Endpoints %} {% if e.ExternalName %} {% if e.UseDNSResolver %} - server {{ e.Name }} {{ e.ExternalName }}:{{ e.Port }} {% if e.DNSResolver %} check resolvers {{ e.DNSResolver }} resolve-prefer ipv4 {% endif %} + server {{ e.Name }} {{ e.ExternalName }}:{{ e.Port }} {% if e.DNSResolver %} {% if e.CheckHealth %} check {% endif %} resolvers {{ e.DNSResolver }} resolve-prefer ipv4 {% endif %} {% elif not svc.Backends.BackendRules %} http-request redirect location https://{{e.ExternalName}}:{{ e.Port }} code 301 {% endif %} @@ -204,7 +204,7 @@ backend http-{{ svc.Name }} {% for e in svc.Backends.Endpoints %} {% if e.ExternalName %} {% if e.UseDNSResolver %} - server {{ e.Name }} {{ e.ExternalName }}:{{ e.Port }} resolve-prefer ipv4 {% if e.DNSResolver %} check resolvers {{ e.DNSResolver }} {% endif %} + server {{ e.Name }} {{ e.ExternalName }}:{{ e.Port }} {% if e.DNSResolver %} {% if e.CheckHealth %} check {% endif %} resolvers {{ e.DNSResolver }} resolve-prefer ipv4 {% endif %} {% elif not svc.Backends.BackendRules %} http-request redirect location http://{{e.ExternalName}}:{{ e.Port }} code 301 {% endif %} @@ -240,7 +240,7 @@ backend tcp-{{ svc.Name }} {% for e in svc.Backends.Endpoints %} {% if e.ExternalName %} - server {{ e.Name }} {{ e.ExternalName }}:{{ e.Port }} {% if e.DNSResolver %} check resolvers {{ e.DNSResolver }} resolve-prefer ipv4 {% endif %} + server {{ e.Name }} {{ e.ExternalName }}:{{ e.Port }} {% if e.DNSResolver %} {% if e.CheckHealth %} check {% endif %} resolvers {{ e.DNSResolver }} resolve-prefer ipv4 {% endif %} {% else %} server {{ e.Name }} {{ e.IP }}:{{ e.Port }} {% if e.Weight %}weight {{ e.Weight|integer }} {% endif %} {% endif %} diff --git a/pkg/ingress/types.go b/pkg/ingress/types.go index a6eeaad4a..b0cf526e6 100644 --- a/pkg/ingress/types.go +++ b/pkg/ingress/types.go @@ -103,6 +103,7 @@ type Endpoint struct { ExternalName string UseDNSResolver bool DNSResolver string + CheckHealth bool } // Loadbalancer image is an almost constant type. From d5b7c26bac4ec3765ece110643b09efc4df3b240 Mon Sep 17 00:00:00 2001 From: tamal Date: Tue, 20 Jun 2017 01:13:00 -0700 Subject: [PATCH 2/2] added-all --- docs/user-guide/ingress/external-svc.md | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/user-guide/ingress/external-svc.md b/docs/user-guide/ingress/external-svc.md index fe5c58d34..9624dd9d8 100644 --- a/docs/user-guide/ingress/external-svc.md +++ b/docs/user-guide/ingress/external-svc.md @@ -10,6 +10,7 @@ dns, [DNS resolvers](https://cbonte.github.io/haproxy-dconv/1.7/configuration.ht |--------|-----------|----------|-------------| | ingress.appscode.com/use-dns-resolver | bool | false for L7, always true for L4 | If set, DNS resolution will be used | | ingress.appscode.com/dns-resolver-nameservers | array | | `Optional`. If set to an array of DNS nameservers, these will be used HAProxy to periodically resolve DNS. If not set, HAProxy parses the server line definition and matches a host name at start up. | +| ingress.appscode.com/dns-resolver-check-health | bool | | `Optional`. If nameservers are set, this defaults to `true`. Set to `false`, to disable periodic dns resolution. | | ingress.appscode.com/dns-resolver-retries | integer | | `Optional`. If set, this defines the number of queries to send to resolve a server name before giving up. If not set, default value pre-configured by HAProxy is used. | | ingress.appscode.com/dns-resolver-timeout | map | | `Optional`. If set, defines timeouts related to name resolution. Define value as '{ "event": "time" }'. For a list of valid events, please consult [HAProxy documentation](https://cbonte.github.io/haproxy-dconv/1.7/configuration.html#5.3.2-timeout). | | ingress.appscode.com/dns-resolver-hold | map | | `Optional`. If set, Defines period during which the last name resolution should be kept based on last resolution status. Define value as '{ "status": "period" }'. For a list of valid status, please consult [HAProxy documentation](https://cbonte.github.io/haproxy-dconv/1.7/configuration.html#5.3.2-hold). |