plugin/k8s_external: implement zone transfers (#4977)

Implement transfer for k8s_external. Notifies not supported. Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
2025-11-01 18:53:43 -04:00 · 2022-03-07 12:16:24 -05:00
parent 267ce8a820
commit 7263808fe1
17 changed files with 493 additions and 30 deletions
--- a/plugin/kubernetes/controller.go
+++ b/plugin/kubernetes/controller.go
@@ -45,15 +45,19 @@ type dnsController interface {
 	HasSynced() bool
 	Stop() error

-	// Modified returns the timestamp of the most recent changes
-	Modified() int64
+	// Modified returns the timestamp of the most recent changes to services.  If the passed bool is true, it should
+	// return the timestamp of the most recent changes to services with external facing IP addresses
+	Modified(bool) int64
 }

 type dnsControl struct {
-	// Modified tracks timestamp of the most recent changes
+	// modified tracks timestamp of the most recent changes
 	// It needs to be first because it is guaranteed to be 8-byte
 	// aligned ( we use sync.LoadAtomic with this )
 	modified int64
+	// extModified tracks timestamp of the most recent changes to
+	// services with external facing IP addresses
+	extModified int64

 	client kubernetes.Interface

@@ -572,7 +576,13 @@ func (dns *dnsControl) detectChanges(oldObj, newObj interface{}) {
 	}
 	switch ob := obj.(type) {
 	case *object.Service:
-		dns.updateModified()
+		imod, emod := serviceModified(oldObj, newObj)
+		if imod {
+			dns.updateModified()
+		}
+		if emod {
+			dns.updateExtModifed()
+		}
 	case *object.Pod:
 		dns.updateModified()
 	case *object.Endpoints:
@@ -646,9 +656,66 @@ func endpointsEquivalent(a, b *object.Endpoints) bool {
 	return true
 }

-func (dns *dnsControl) Modified() int64 {
-	unix := atomic.LoadInt64(&dns.modified)
-	return unix
+// serviceModified checks the services passed for changes that result in changes
+// to internal and or external records.  It returns two booleans, one for internal
+// record changes, and a second for external record changes
+func serviceModified(oldObj, newObj interface{}) (intSvc, extSvc bool) {
+	if oldObj != nil && newObj == nil {
+		// deleted service only modifies external zone records if it had external ips
+		return true, len(oldObj.(*object.Service).ExternalIPs) > 0
+	}
+
+	if oldObj == nil && newObj != nil {
+		// added service only modifies external zone records if it has external ips
+		return true, len(newObj.(*object.Service).ExternalIPs) > 0
+	}
+
+	newSvc := newObj.(*object.Service)
+	oldSvc := oldObj.(*object.Service)
+
+	// External IPs are mutable, affecting external zone records
+	if len(oldSvc.ExternalIPs) != len(newSvc.ExternalIPs) {
+		extSvc = true
+	} else {
+		for i := range oldSvc.ExternalIPs {
+			if oldSvc.ExternalIPs[i] != newSvc.ExternalIPs[i] {
+				extSvc = true
+				break
+			}
+		}
+	}
+
+	// ExternalName is mutable, affecting internal zone records
+	intSvc = oldSvc.ExternalName != newSvc.ExternalName
+
+	if intSvc && extSvc {
+		return intSvc, extSvc
+	}
+
+	// All Port fields are mutable, affecting both internal/external zone records
+	if len(oldSvc.Ports) != len(newSvc.Ports) {
+		return true, true
+	}
+	for i := range oldSvc.Ports {
+		if oldSvc.Ports[i].Name != newSvc.Ports[i].Name {
+			return true, true
+		}
+		if oldSvc.Ports[i].Port != newSvc.Ports[i].Port {
+			return true, true
+		}
+		if oldSvc.Ports[i].Protocol != newSvc.Ports[i].Protocol {
+			return true, true
+		}
+	}
+
+	return intSvc, extSvc
+}
+
+func (dns *dnsControl) Modified(external bool) int64 {
+	if external {
+		return atomic.LoadInt64(&dns.extModified)
+	}
+	return atomic.LoadInt64(&dns.modified)
 }

 // updateModified set dns.modified to the current time.
@@ -657,6 +724,12 @@ func (dns *dnsControl) updateModified() {
 	atomic.StoreInt64(&dns.modified, unix)
 }

+// updateExtModified set dns.extModified to the current time.
+func (dns *dnsControl) updateExtModifed() {
+	unix := time.Now().Unix()
+	atomic.StoreInt64(&dns.extModified, unix)
+}
+
 var errObj = errors.New("obj was not of the correct type")

 const defaultResyncPeriod = 0
--- a/plugin/kubernetes/controller_test.go
+++ b/plugin/kubernetes/controller_test.go
@@ -6,6 +6,7 @@ import (
 	"strconv"
 	"testing"

+	"github.com/coredns/coredns/plugin/kubernetes/object"
 	"github.com/coredns/coredns/plugin/test"

 	"github.com/miekg/dns"
@@ -170,3 +171,68 @@ func createExternalSvc(suffix int, client kubernetes.Interface, ip net.IP) {
 		},
 	}, meta.CreateOptions{})
 }
+
+func TestServiceModified(t *testing.T) {
+	var tests = []struct {
+		oldSvc   interface{}
+		newSvc   interface{}
+		ichanged bool
+		echanged bool
+	}{
+		{
+			oldSvc:   nil,
+			newSvc:   &object.Service{},
+			ichanged: true,
+			echanged: false,
+		},
+		{
+			oldSvc:   &object.Service{},
+			newSvc:   nil,
+			ichanged: true,
+			echanged: false,
+		},
+		{
+			oldSvc:   nil,
+			newSvc:   &object.Service{ExternalIPs: []string{"10.0.0.1"}},
+			ichanged: true,
+			echanged: true,
+		},
+		{
+			oldSvc:   &object.Service{ExternalIPs: []string{"10.0.0.1"}},
+			newSvc:   nil,
+			ichanged: true,
+			echanged: true,
+		},
+		{
+			oldSvc:   &object.Service{ExternalIPs: []string{"10.0.0.1"}},
+			newSvc:   &object.Service{ExternalIPs: []string{"10.0.0.2"}},
+			ichanged: false,
+			echanged: true,
+		},
+		{
+			oldSvc:   &object.Service{ExternalName: "10.0.0.1"},
+			newSvc:   &object.Service{ExternalName: "10.0.0.2"},
+			ichanged: true,
+			echanged: false,
+		},
+		{
+			oldSvc:   &object.Service{Ports: []api.ServicePort{{Name: "test1"}}},
+			newSvc:   &object.Service{Ports: []api.ServicePort{{Name: "test2"}}},
+			ichanged: true,
+			echanged: true,
+		},
+		{
+			oldSvc:   &object.Service{Ports: []api.ServicePort{{Name: "test1"}}},
+			newSvc:   &object.Service{Ports: []api.ServicePort{{Name: "test2"}, {Name: "test3"}}},
+			ichanged: true,
+			echanged: true,
+		},
+	}
+
+	for i, test := range tests {
+		ichanged, echanged := serviceModified(test.oldSvc, test.newSvc)
+		if test.ichanged != ichanged || test.echanged != echanged {
+			t.Errorf("Expected %v, %v for test %v. Got %v, %v", test.ichanged, test.echanged, i, ichanged, echanged)
+		}
+	}
+}
--- a/plugin/kubernetes/external.go
+++ b/plugin/kubernetes/external.go
@@ -88,3 +88,26 @@ func (k *Kubernetes) ExternalAddress(state request.Request) []dns.RR {
 	// plugin to bind to a different IP address.
 	return k.nsAddrs(true, state.Zone)
 }
+
+// ExternalServices returns all services with external IPs
+func (k *Kubernetes) ExternalServices(zone string) (services []msg.Service) {
+	zonePath := msg.Path(zone, coredns)
+	for _, svc := range k.APIConn.ServiceList() {
+		for _, ip := range svc.ExternalIPs {
+			for _, p := range svc.Ports {
+				s := msg.Service{Host: ip, Port: int(p.Port), TTL: k.ttl}
+				s.Key = strings.Join([]string{zonePath, svc.Namespace, svc.Name}, "/")
+				services = append(services, s)
+				s.Key = strings.Join(append([]string{zonePath, svc.Namespace, svc.Name}, strings.ToLower("_"+string(p.Protocol)), strings.ToLower("_"+string(p.Name))), "/")
+				s.TargetStrip = 2
+				services = append(services, s)
+			}
+		}
+	}
+	return services
+}
+
+//ExternalSerial returns the serial of the external zone
+func (k *Kubernetes) ExternalSerial(string) uint32 {
+	return uint32(k.APIConn.Modified(true))
+}
--- a/plugin/kubernetes/external_test.go
+++ b/plugin/kubernetes/external_test.go
@@ -80,7 +80,7 @@ func (external) Run()
 func (external) Stop() error                                                       { return nil }
 func (external) EpIndexReverse(string) []*object.Endpoints                         { return nil }
 func (external) SvcIndexReverse(string) []*object.Service                          { return nil }
-func (external) Modified() int64                                                   { return 0 }
+func (external) Modified(bool) int64                                               { return 0 }
 func (external) EpIndex(s string) []*object.Endpoints                              { return nil }
 func (external) EndpointsList() []*object.Endpoints                                { return nil }
 func (external) GetNodeByName(ctx context.Context, name string) (*api.Node, error) { return nil, nil }
--- a/plugin/kubernetes/handler_test.go
+++ b/plugin/kubernetes/handler_test.go
@@ -541,7 +541,7 @@ func (APIConnServeTest) Run()                                      {}
 func (APIConnServeTest) Stop() error                               { return nil }
 func (APIConnServeTest) EpIndexReverse(string) []*object.Endpoints { return nil }
 func (APIConnServeTest) SvcIndexReverse(string) []*object.Service  { return nil }
-func (APIConnServeTest) Modified() int64                           { return int64(3) }
+func (APIConnServeTest) Modified(bool) int64                       { return int64(3) }

 func (APIConnServeTest) PodIndex(ip string) []*object.Pod {
 	if ip != "10.240.0.1" {
--- a/plugin/kubernetes/kubernetes.go
+++ b/plugin/kubernetes/kubernetes.go
@@ -588,7 +588,7 @@ func (k *Kubernetes) findServices(r recordRequest, zone string) (services []msg.
 }

 // Serial return the SOA serial.
-func (k *Kubernetes) Serial(state request.Request) uint32 { return uint32(k.APIConn.Modified()) }
+func (k *Kubernetes) Serial(state request.Request) uint32 { return uint32(k.APIConn.Modified(false)) }

 // MinTTL returns the minimal TTL.
 func (k *Kubernetes) MinTTL(state request.Request) uint32 { return k.ttl }
--- a/plugin/kubernetes/kubernetes_test.go
+++ b/plugin/kubernetes/kubernetes_test.go
@@ -45,7 +45,7 @@ func (APIConnServiceTest) Stop() error                               { return ni
 func (APIConnServiceTest) PodIndex(string) []*object.Pod             { return nil }
 func (APIConnServiceTest) SvcIndexReverse(string) []*object.Service  { return nil }
 func (APIConnServiceTest) EpIndexReverse(string) []*object.Endpoints { return nil }
-func (APIConnServiceTest) Modified() int64                           { return 0 }
+func (APIConnServiceTest) Modified(bool) int64                       { return 0 }

 func (APIConnServiceTest) SvcIndex(string) []*object.Service {
 	svcs := []*object.Service{
--- a/plugin/kubernetes/ns_test.go
+++ b/plugin/kubernetes/ns_test.go
@@ -21,7 +21,7 @@ func (APIConnTest) PodIndex(string) []*object.Pod            { return nil }
 func (APIConnTest) SvcIndexReverse(string) []*object.Service { return nil }
 func (APIConnTest) EpIndex(string) []*object.Endpoints       { return nil }
 func (APIConnTest) EndpointsList() []*object.Endpoints       { return nil }
-func (APIConnTest) Modified() int64                          { return 0 }
+func (APIConnTest) Modified(bool) int64                      { return 0 }

 func (a APIConnTest) SvcIndex(s string) []*object.Service {
 	switch s {
--- a/plugin/kubernetes/reverse_test.go
+++ b/plugin/kubernetes/reverse_test.go
@@ -22,7 +22,7 @@ func (APIConnReverseTest) PodIndex(string) []*object.Pod      { return nil }
 func (APIConnReverseTest) EpIndex(string) []*object.Endpoints { return nil }
 func (APIConnReverseTest) EndpointsList() []*object.Endpoints { return nil }
 func (APIConnReverseTest) ServiceList() []*object.Service     { return nil }
-func (APIConnReverseTest) Modified() int64                    { return 0 }
+func (APIConnReverseTest) Modified(bool) int64                { return 0 }

 func (APIConnReverseTest) SvcIndex(svc string) []*object.Service {
 	if svc != "svc1.testns" {