Mirrors/coredns
1
0
Fork 0
mirror of https://github.com/coredns/coredns.git synced 2025-10-27 08:14:18 -04:00
Code Issues Packages Projects Releases Wiki Activity
Files
9c16ed1d14f570f27b4ff9cb89845a3a1548a776
coredns/plugin/route53
History
Miek Gieben 9c16ed1d14 Default to upstream to self (#2436) 
* Default to upstream to self

This is a backwards incompatible change.

This is a massive (cleanup) PR where we default to resolving external
names by the coredns process itself, instead of directly forwarding them
to some upstream.

This ignores any arguments `upstream` may have had and makes it depend
on proxy/forward configuration in the Corefile. This allows resolved
upstream names to be cached and we have better healthchecking of the
upstreams. It also means there is only one way to resolve names, by
either using the proxy or forward plugin.

The proxy/forward lookup.go functions have been removed. This also
lessen the dependency on proxy, meaning deprecating proxy will become
easier. Some tests have been removed as well, or moved to the top-level
test directory as they now require a full coredns process instead of
just the plugin.

For the etcd plugin, the entire StubZone resolving is *dropped*! This
was a hacky (but working) solution to say the least. If someone cares
deeply it can be brought back (maybe)?

The pkg/upstream is now very small and almost does nothing. Also the
New() function was changed to return a pointer to upstream.Upstream. It
also returns only one parameter, so any stragglers using it will
encounter a compile error.

All documentation has been adapted. This affected the following plugins:
* etcd
* file
* auto
* secondary
* federation
* template
* route53

A followup PR will make any upstream directives with arguments an error,
right now they are ignored.

Signed-off-by: Miek Gieben <miek@miek.nl>

* Fix etcd build - probably still fails unit test

Signed-off-by: Miek Gieben <miek@miek.nl>

* Slightly smarter lookup check in upstream

Signed-off-by: Miek Gieben <miek@miek.nl>

* Compilez

Signed-off-by: Miek Gieben <miek@miek.nl>
2019-01-13 16:54:49 +00:00
..
log_test.go
Clean up tests logging (#1979)
2018-07-19 16:23:06 +01:00
OWNERS
Add @dilyevsky to reviewers. (#2094)
2018-09-13 15:22:57 -07:00
README.md
Default to upstream to self (#2436)
2019-01-13 16:54:49 +00:00
route53_test.go
disable ra flag for several plugins (#2408)
2018-12-30 17:05:08 +01:00
route53.go
Default to upstream to self (#2436)
2019-01-13 16:54:49 +00:00
setup_test.go
plugin/route53: make the upstream address in route53 plugin optional. (#2263)
2018-11-02 21:07:50 +00:00
setup.go
Default to upstream to self (#2436)
2019-01-13 16:54:49 +00:00

README.md

route53

Name

route53 - enables serving zone data from AWS route53.

Description

The route53 plugin is useful for serving zones from resource record sets in AWS route53. This plugin supports all Amazon Route 53 records (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html). The route53 plugin can be used when coredns is deployed on AWS or elsewhere.

Syntax

route53 [ZONE:HOSTED_ZONE_ID...] {
    [aws_access_key AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY]
    upstream
    credentials PROFILE [FILENAME]
    fallthrough [ZONES...]
}

  • ZONE the name of the domain to be accessed. When there are multiple zones with overlapping domains (private vs. public hosted zone), CoreDNS does the lookup in the given order here. Therefore, for a non-existing resource record, SOA response will be from the rightmost zone.

  • HOSTEDZONEID the ID of the hosted zone that contains the resource record sets to be accessed.

  • AWSACCESSKEY_ID and AWSSECRETACCESS_KEY the AWS access key ID and secret access key to be used when query AWS (optional). If they are not provided, then coredns tries to access AWS credentials the same way as AWS CLI, e.g., environmental variables, AWS credentials file, instance profile credentials, etc.

  • upstreamis used for resolving services that point to external hosts (eg. used to resolve CNAMEs). CoreDNS will resolve against itself.

  • credentials used for reading the credential file and setting the profile name for a given zone.

  • PROFILE AWS account profile name. Defaults to default.

  • FILENAME AWS credentials filename. Defaults to ~/.aws/credentials are used.

  • fallthrough If zone matches and no record can be generated, pass request to the next plugin. If [ZONES...] is omitted, then fallthrough happens for all zones for which the plugin is authoritative. If specific zones are listed (for example in-addr.arpa and ip6.arpa), then only queries for those zones will be subject to fallthrough.

  • ZONES zones it should be authoritative for. If empty, the zones from the configuration block

Examples

Enable route53 with implicit AWS credentials and an upstream:

. {
	route53 example.org.:Z1Z2Z3Z4DZ5Z6Z7 {
	  upstream 10.0.0.1
	}
}

Enable route53 with explicit AWS credentials:

. {
    route53 example.org.:Z1Z2Z3Z4DZ5Z6Z7 {
      aws_access_key AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY
    }
}

Enable route53 with fallthrough:

. {
    route53 example.org.:Z1Z2Z3Z4DZ5Z6Z7 example.gov.:Z654321543245 {
      fallthrough example.gov.
    }
}

Enable route53 with multiple hosted zones with the same domain:

. {
    route53 example.org.:Z1Z2Z3Z4DZ5Z6Z7 example.org.:Z93A52145678156
}