middleware/kubernetes/lookup.go

package kubernetes

import (
	"fmt"
	"math"
	"net"
	"time"

	"github.com/miekg/coredns/middleware"
	"github.com/miekg/coredns/middleware/kubernetes/msg"

	"github.com/miekg/dns"
)

func (k Kubernetes) records(state middleware.State, exact bool) ([]msg.Service, error) {
	services, err := k.Records(state.Name(), exact)
	if err != nil {
		return nil, err
	}
    // TODO: Do we want to support the SkyDNS (hacky) Group feature?
	services = msg.Group(services)
	return services, nil
}

func (k Kubernetes) A(zone string, state middleware.State, previousRecords []dns.RR) (records []dns.RR, err error) {
	services, err := k.records(state, false)
	if err != nil {
		return nil, err
	}

	for _, serv := range services {
		ip := net.ParseIP(serv.Host)
		switch {
		case ip == nil:
			// TODO(miek): lowercasing? Should lowercase in everything see #85
			if middleware.Name(state.Name()).Matches(dns.Fqdn(serv.Host)) {
				// x CNAME x is a direct loop, don't add those
				continue
			}

			newRecord := serv.NewCNAME(state.QName(), serv.Host)
			if len(previousRecords) > 7 {
				// don't add it, and just continue
				continue
			}
			if isDuplicateCNAME(newRecord, previousRecords) {
				continue
			}

			state1 := copyState(state, serv.Host, state.QType())
			nextRecords, err := k.A(zone, state1, append(previousRecords, newRecord))

			if err == nil {
				// Not only have we found something we should add the CNAME and the IP addresses.
				if len(nextRecords) > 0 {
					records = append(records, newRecord)
					records = append(records, nextRecords...)
				}
				continue
			}
			// This means we can not complete the CNAME, try to look else where.
			target := newRecord.Target
			if dns.IsSubDomain(zone, target) {
				// We should already have found it
				continue
			}
			m1, e1 := k.Proxy.Lookup(state, target, state.QType())
			if e1 != nil {
				continue
			}
			// Len(m1.Answer) > 0 here is well?
			records = append(records, newRecord)
			records = append(records, m1.Answer...)
			continue
		case ip.To4() != nil:
			records = append(records, serv.NewA(state.QName(), ip.To4()))
		case ip.To4() == nil:
			// nodata?
		}
	}
	return records, nil
}

func (k Kubernetes) AAAA(zone string, state middleware.State, previousRecords []dns.RR) (records []dns.RR, err error) {
	services, err := k.records(state, false)
	if err != nil {
		return nil, err
	}

	for _, serv := range services {
		ip := net.ParseIP(serv.Host)
		switch {
		case ip == nil:
			// Try to resolve as CNAME if it's not an IP, but only if we don't create loops.
			if middleware.Name(state.Name()).Matches(dns.Fqdn(serv.Host)) {
				// x CNAME x is a direct loop, don't add those
				continue
			}

			newRecord := serv.NewCNAME(state.QName(), serv.Host)
			if len(previousRecords) > 7 {
				// don't add it, and just continue
				continue
			}
			if isDuplicateCNAME(newRecord, previousRecords) {
				continue
			}

			state1 := copyState(state, serv.Host, state.QType())
			nextRecords, err := k.AAAA(zone, state1, append(previousRecords, newRecord))

			if err == nil {
				// Not only have we found something we should add the CNAME and the IP addresses.
				if len(nextRecords) > 0 {
					records = append(records, newRecord)
					records = append(records, nextRecords...)
				}
				continue
			}
			// This means we can not complete the CNAME, try to look else where.
			target := newRecord.Target
			if dns.IsSubDomain(zone, target) {
				// We should already have found it
				continue
			}
			m1, e1 := k.Proxy.Lookup(state, target, state.QType())
			if e1 != nil {
				continue
			}
			// Len(m1.Answer) > 0 here is well?
			records = append(records, newRecord)
			records = append(records, m1.Answer...)
			continue
			// both here again
		case ip.To4() != nil:
			// nada?
		case ip.To4() == nil:
			records = append(records, serv.NewAAAA(state.QName(), ip.To16()))
		}
	}
	return records, nil
}

// SRV returns SRV records from etcd.
// If the Target is not a name but an IP address, a name is created on the fly.
func (k Kubernetes) SRV(zone string, state middleware.State) (records []dns.RR, extra []dns.RR, err error) {
	services, err := k.records(state, false)
	if err != nil {
		return nil, nil, err
	}

	// Looping twice to get the right weight vs priority
	w := make(map[int]int)
	for _, serv := range services {
		weight := 100
		if serv.Weight != 0 {
			weight = serv.Weight
		}
		if _, ok := w[serv.Priority]; !ok {
			w[serv.Priority] = weight
			continue
		}
		w[serv.Priority] += weight
	}
	lookup := make(map[string]bool)
	for _, serv := range services {
		w1 := 100.0 / float64(w[serv.Priority])
		if serv.Weight == 0 {
			w1 *= 100
		} else {
			w1 *= float64(serv.Weight)
		}
		weight := uint16(math.Floor(w1))
		ip := net.ParseIP(serv.Host)
		switch {
		case ip == nil:
			srv := serv.NewSRV(state.QName(), weight)
			records = append(records, srv)

			if _, ok := lookup[srv.Target]; ok {
				break
			}

			lookup[srv.Target] = true

			if !dns.IsSubDomain(zone, srv.Target) {
				m1, e1 := k.Proxy.Lookup(state, srv.Target, dns.TypeA)
				if e1 == nil {
					extra = append(extra, m1.Answer...)
				}
				m1, e1 = k.Proxy.Lookup(state, srv.Target, dns.TypeAAAA)
				if e1 == nil {
					// If we have seen CNAME's we *assume* that they are already added.
					for _, a := range m1.Answer {
						if _, ok := a.(*dns.CNAME); !ok {
							extra = append(extra, a)
						}
					}
				}
				break
			}
			// Internal name, we should have some info on them, either v4 or v6
			// Clients expect a complete answer, because we are a recursor in their view.
			state1 := copyState(state, srv.Target, dns.TypeA)
			addr, e1 := k.A(zone, state1, nil)
			if e1 == nil {
				extra = append(extra, addr...)
			}
			// k.AAA(zone, state1, nil) as well...?
		case ip.To4() != nil:
			serv.Host = k.Domain(serv.Key)
			srv := serv.NewSRV(state.QName(), weight)

			records = append(records, srv)
			extra = append(extra, serv.NewA(srv.Target, ip.To4()))
		case ip.To4() == nil:
			serv.Host = k.Domain(serv.Key)
			srv := serv.NewSRV(state.QName(), weight)

			records = append(records, srv)
			extra = append(extra, serv.NewAAAA(srv.Target, ip.To16()))
		}
	}
	return records, extra, nil
}

// Returning MX records from kubernetes not implemented.
func (k Kubernetes) MX(zone string, state middleware.State) (records []dns.RR, extra []dns.RR, err error) {
    return nil, nil, err
}

// Returning CNAME records from kubernetes not implemented.
func (k Kubernetes) CNAME(zone string, state middleware.State) (records []dns.RR, err error) {
    return nil, err
}

// Returning TXT records from kubernetes not implemented.
func (k Kubernetes) TXT(zone string, state middleware.State) (records []dns.RR, err error) {
    return nil, err
}

func (k Kubernetes) NS(zone string, state middleware.State) (records, extra []dns.RR, err error) {
	// NS record for this zone live in a special place, ns.dns.<zone>. Fake our lookup.
	// only a tad bit fishy...
	old := state.QName()

	state.Clear()
	state.Req.Question[0].Name = "ns.dns." + zone
	services, err := k.records(state, false)
	if err != nil {
		return nil, nil, err
	}
	// ... and reset
	state.Req.Question[0].Name = old

	for _, serv := range services {
		ip := net.ParseIP(serv.Host)
		switch {
		case ip == nil:
			return nil, nil, fmt.Errorf("NS record must be an IP address: %s", serv.Host)
		case ip.To4() != nil:
			serv.Host = k.Domain(serv.Key)
			records = append(records, serv.NewNS(state.QName()))
			extra = append(extra, serv.NewA(serv.Host, ip.To4()))
		case ip.To4() == nil:
			serv.Host = k.Domain(serv.Key)
			records = append(records, serv.NewNS(state.QName()))
			extra = append(extra, serv.NewAAAA(serv.Host, ip.To16()))
		}
	}
	return records, extra, nil
}

// SOA Record returns a SOA record.
func (k Kubernetes) SOA(zone string, state middleware.State) *dns.SOA {
	header := dns.RR_Header{Name: zone, Rrtype: dns.TypeSOA, Ttl: 300, Class: dns.ClassINET}
	return &dns.SOA{Hdr: header,
		Mbox:    "hostmaster." + zone,
		Ns:      "ns.dns." + zone,
		Serial:  uint32(time.Now().Unix()),
		Refresh: 7200,
		Retry:   1800,
		Expire:  86400,
		Minttl:  60,
	}
}

// TODO(miek): DNSKEY and friends... intercepted by the DNSSEC middleware?

func isDuplicateCNAME(r *dns.CNAME, records []dns.RR) bool {
	for _, rec := range records {
		if v, ok := rec.(*dns.CNAME); ok {
			if v.Target == r.Target {
				return true
			}
		}
	}
	return false
}

func copyState(state middleware.State, target string, typ uint16) middleware.State {
	state1 := middleware.State{W: state.W, Req: state.Req.Copy()}
	state1.Req.Question[0] = dns.Question{dns.Fqdn(target), dns.ClassINET, typ}
	return state1
}
BK8s datasource middleware -- PoC for A records (#153) * Laying down kubernetes middleware foundation * Duplicated a bunch of code form etcd middleware * Duplicated code hacked to compile and load as a separate middleware * Adding verbose build option to Makefile * Removing stubzone and tls support tls and stubzone support was carried over from base etcd middleware code. Removing to simplify the kube middleware implementation. (For now.) * Adding conf directory for sample conf files * Removing stubzone support from query handler * Remove upstream and proxy from k8s corefile. Not sure that upstream or proxy makes sense for a k8s backed zone. * Comment out use of singleflight serialization * Removing parsing support for "upstream" directive from k8s * Removing upstream directive parsing code * Removing CNAME and TXT lookup implementation * Create README.md Brain-dump of DNS record name assembly and open work items. * Adding notes about wildcard handling * Adding basic k8s API client * Fleshing out methods on k8s connector * Remove PathPrefix from middleware init * Removing incorrect plural * Adding brute-force k8s service lookup functions * Initializing k8s API connector during startup * Hacking around to call k8s connector * Parsing incoming domain name into serviceName and namespace * Improving and simplifying k8s zone matching and label segmentation * Removing unused functions carried over from etcd middleware * Adding basic return of k8s data to DNS client * updated debugging println statements to flag with "[debug]" * removed code in kubernetes.go::Records that was a hold-over from etcd middleware. * Removed some random exploratory hacking. * Minior README.md updates * Updating with demo instructions * Updating README.md with CoreFile and removing completed TODO items * Updating conf file and README to reflect DNS response cache works * Disabling DNS response caching * Adding debug statement on entry to Records() * Changing port number in exampes to port 53. * Misc style and clarity changes * Removing empty function definitions * Adding comment to track future cleanup * Refactoring README to follow style of other middleware * Exposing dataobject field (typo) 2016-06-06 12:49:53 -07:00			`package kubernetes`

			`import (`
			`"fmt"`
			`"math"`
			`"net"`
			`"time"`

			`"github.com/miekg/coredns/middleware"`
			`"github.com/miekg/coredns/middleware/kubernetes/msg"`

			`"github.com/miekg/dns"`
			`)`

			`func (k Kubernetes) records(state middleware.State, exact bool) ([]msg.Service, error) {`
			`services, err := k.Records(state.Name(), exact)`
			`if err != nil {`
			`return nil, err`
			`}`
			`// TODO: Do we want to support the SkyDNS (hacky) Group feature?`
			`services = msg.Group(services)`
			`return services, nil`
			`}`

			`func (k Kubernetes) A(zone string, state middleware.State, previousRecords []dns.RR) (records []dns.RR, err error) {`
			`services, err := k.records(state, false)`
			`if err != nil {`
			`return nil, err`
			`}`

			`for _, serv := range services {`
			`ip := net.ParseIP(serv.Host)`
			`switch {`
			`case ip == nil:`
			`// TODO(miek): lowercasing? Should lowercase in everything see #85`
			`if middleware.Name(state.Name()).Matches(dns.Fqdn(serv.Host)) {`
			`// x CNAME x is a direct loop, don't add those`
			`continue`
			`}`

			`newRecord := serv.NewCNAME(state.QName(), serv.Host)`
			`if len(previousRecords) > 7 {`
			`// don't add it, and just continue`
			`continue`
			`}`
			`if isDuplicateCNAME(newRecord, previousRecords) {`
			`continue`
			`}`

			`state1 := copyState(state, serv.Host, state.QType())`
			`nextRecords, err := k.A(zone, state1, append(previousRecords, newRecord))`

			`if err == nil {`
			`// Not only have we found something we should add the CNAME and the IP addresses.`
			`if len(nextRecords) > 0 {`
			`records = append(records, newRecord)`
			`records = append(records, nextRecords...)`
			`}`
			`continue`
			`}`
			`// This means we can not complete the CNAME, try to look else where.`
			`target := newRecord.Target`
			`if dns.IsSubDomain(zone, target) {`
			`// We should already have found it`
			`continue`
			`}`
			`m1, e1 := k.Proxy.Lookup(state, target, state.QType())`
			`if e1 != nil {`
			`continue`
			`}`
			`// Len(m1.Answer) > 0 here is well?`
			`records = append(records, newRecord)`
			`records = append(records, m1.Answer...)`
			`continue`
			`case ip.To4() != nil:`
			`records = append(records, serv.NewA(state.QName(), ip.To4()))`
			`case ip.To4() == nil:`
			`// nodata?`
			`}`
			`}`
			`return records, nil`
			`}`

			`func (k Kubernetes) AAAA(zone string, state middleware.State, previousRecords []dns.RR) (records []dns.RR, err error) {`
			`services, err := k.records(state, false)`
			`if err != nil {`
			`return nil, err`
			`}`

			`for _, serv := range services {`
			`ip := net.ParseIP(serv.Host)`
			`switch {`
			`case ip == nil:`
			`// Try to resolve as CNAME if it's not an IP, but only if we don't create loops.`
			`if middleware.Name(state.Name()).Matches(dns.Fqdn(serv.Host)) {`
			`// x CNAME x is a direct loop, don't add those`
			`continue`
			`}`

			`newRecord := serv.NewCNAME(state.QName(), serv.Host)`
			`if len(previousRecords) > 7 {`
			`// don't add it, and just continue`
			`continue`
			`}`
			`if isDuplicateCNAME(newRecord, previousRecords) {`
			`continue`
			`}`

			`state1 := copyState(state, serv.Host, state.QType())`
			`nextRecords, err := k.AAAA(zone, state1, append(previousRecords, newRecord))`

			`if err == nil {`
			`// Not only have we found something we should add the CNAME and the IP addresses.`
			`if len(nextRecords) > 0 {`
			`records = append(records, newRecord)`
			`records = append(records, nextRecords...)`
			`}`
			`continue`
			`}`
			`// This means we can not complete the CNAME, try to look else where.`
			`target := newRecord.Target`
			`if dns.IsSubDomain(zone, target) {`
			`// We should already have found it`
			`continue`
			`}`
			`m1, e1 := k.Proxy.Lookup(state, target, state.QType())`
			`if e1 != nil {`
			`continue`
			`}`
			`// Len(m1.Answer) > 0 here is well?`
			`records = append(records, newRecord)`
			`records = append(records, m1.Answer...)`
			`continue`
			`// both here again`
			`case ip.To4() != nil:`
			`// nada?`
			`case ip.To4() == nil:`
			`records = append(records, serv.NewAAAA(state.QName(), ip.To16()))`
			`}`
			`}`
			`return records, nil`
			`}`

			`// SRV returns SRV records from etcd.`
			`// If the Target is not a name but an IP address, a name is created on the fly.`
			`func (k Kubernetes) SRV(zone string, state middleware.State) (records []dns.RR, extra []dns.RR, err error) {`
			`services, err := k.records(state, false)`
			`if err != nil {`
			`return nil, nil, err`
			`}`

			`// Looping twice to get the right weight vs priority`
			`w := make(map[int]int)`
			`for _, serv := range services {`
			`weight := 100`
			`if serv.Weight != 0 {`
			`weight = serv.Weight`
			`}`
			`if _, ok := w[serv.Priority]; !ok {`
			`w[serv.Priority] = weight`
			`continue`
			`}`
			`w[serv.Priority] += weight`
			`}`
			`lookup := make(map[string]bool)`
			`for _, serv := range services {`
			`w1 := 100.0 / float64(w[serv.Priority])`
			`if serv.Weight == 0 {`
			`w1 *= 100`
			`} else {`
			`w1 *= float64(serv.Weight)`
			`}`
			`weight := uint16(math.Floor(w1))`
			`ip := net.ParseIP(serv.Host)`
			`switch {`
			`case ip == nil:`
			`srv := serv.NewSRV(state.QName(), weight)`
			`records = append(records, srv)`

			`if _, ok := lookup[srv.Target]; ok {`
			`break`
			`}`

			`lookup[srv.Target] = true`

			`if !dns.IsSubDomain(zone, srv.Target) {`
			`m1, e1 := k.Proxy.Lookup(state, srv.Target, dns.TypeA)`
			`if e1 == nil {`
			`extra = append(extra, m1.Answer...)`
			`}`
			`m1, e1 = k.Proxy.Lookup(state, srv.Target, dns.TypeAAAA)`
			`if e1 == nil {`
			`// If we have seen CNAME's we assume that they are already added.`
			`for _, a := range m1.Answer {`
			`if _, ok := a.(*dns.CNAME); !ok {`
			`extra = append(extra, a)`
			`}`
			`}`
			`}`
			`break`
			`}`
			`// Internal name, we should have some info on them, either v4 or v6`
			`// Clients expect a complete answer, because we are a recursor in their view.`
			`state1 := copyState(state, srv.Target, dns.TypeA)`
			`addr, e1 := k.A(zone, state1, nil)`
			`if e1 == nil {`
			`extra = append(extra, addr...)`
			`}`
			`// k.AAA(zone, state1, nil) as well...?`
			`case ip.To4() != nil:`
			`serv.Host = k.Domain(serv.Key)`
			`srv := serv.NewSRV(state.QName(), weight)`

			`records = append(records, srv)`
			`extra = append(extra, serv.NewA(srv.Target, ip.To4()))`
			`case ip.To4() == nil:`
			`serv.Host = k.Domain(serv.Key)`
			`srv := serv.NewSRV(state.QName(), weight)`

			`records = append(records, srv)`
			`extra = append(extra, serv.NewAAAA(srv.Target, ip.To16()))`
			`}`
			`}`
			`return records, extra, nil`
			`}`

			`// Returning MX records from kubernetes not implemented.`
			`func (k Kubernetes) MX(zone string, state middleware.State) (records []dns.RR, extra []dns.RR, err error) {`
			`return nil, nil, err`
			`}`

			`// Returning CNAME records from kubernetes not implemented.`
			`func (k Kubernetes) CNAME(zone string, state middleware.State) (records []dns.RR, err error) {`
			`return nil, err`
			`}`

			`// Returning TXT records from kubernetes not implemented.`
			`func (k Kubernetes) TXT(zone string, state middleware.State) (records []dns.RR, err error) {`
			`return nil, err`
			`}`

			`func (k Kubernetes) NS(zone string, state middleware.State) (records, extra []dns.RR, err error) {`
			`// NS record for this zone live in a special place, ns.dns.<zone>. Fake our lookup.`
			`// only a tad bit fishy...`
			`old := state.QName()`

			`state.Clear()`
			`state.Req.Question[0].Name = "ns.dns." + zone`
			`services, err := k.records(state, false)`
			`if err != nil {`
			`return nil, nil, err`
			`}`
			`// ... and reset`
			`state.Req.Question[0].Name = old`

			`for _, serv := range services {`
			`ip := net.ParseIP(serv.Host)`
			`switch {`
			`case ip == nil:`
			`return nil, nil, fmt.Errorf("NS record must be an IP address: %s", serv.Host)`
			`case ip.To4() != nil:`
			`serv.Host = k.Domain(serv.Key)`
			`records = append(records, serv.NewNS(state.QName()))`
			`extra = append(extra, serv.NewA(serv.Host, ip.To4()))`
			`case ip.To4() == nil:`
			`serv.Host = k.Domain(serv.Key)`
			`records = append(records, serv.NewNS(state.QName()))`
			`extra = append(extra, serv.NewAAAA(serv.Host, ip.To16()))`
			`}`
			`}`
			`return records, extra, nil`
			`}`

			`// SOA Record returns a SOA record.`
			`func (k Kubernetes) SOA(zone string, state middleware.State) *dns.SOA {`
			`header := dns.RR_Header{Name: zone, Rrtype: dns.TypeSOA, Ttl: 300, Class: dns.ClassINET}`
			`return &dns.SOA{Hdr: header,`
			`Mbox: "hostmaster." + zone,`
			`Ns: "ns.dns." + zone,`
			`Serial: uint32(time.Now().Unix()),`
			`Refresh: 7200,`
			`Retry: 1800,`
			`Expire: 86400,`
			`Minttl: 60,`
			`}`
			`}`

			`// TODO(miek): DNSKEY and friends... intercepted by the DNSSEC middleware?`

			`func isDuplicateCNAME(r *dns.CNAME, records []dns.RR) bool {`
			`for _, rec := range records {`
			`if v, ok := rec.(*dns.CNAME); ok {`
			`if v.Target == r.Target {`
			`return true`
			`}`
			`}`
			`}`
			`return false`
			`}`

			`func copyState(state middleware.State, target string, typ uint16) middleware.State {`
			`state1 := middleware.State{W: state.W, Req: state.Req.Copy()}`
			`state1.Req.Question[0] = dns.Question{dns.Fqdn(target), dns.ClassINET, typ}`
			`return state1`
			`}`