search

kumahq / kuma

🐻 The multi-zone service mesh for containers, Kubernetes and VMs. Built with Envoy. CNCF Sandbox Project.
https://kuma.io/install
Apache License 2.0
3.68k stars 333 forks source link

Make DNS ports consistent between Universal and Kubernetes #8116

Open bcollard opened 1 year ago

bcollard commented 1 year ago

What happened?

The default DP DNS config has:

https://github.com/kumahq/kuma/blob/1633d34ad116dd1e618f4a27dd1526f5ff7d8bde/pkg/config/app/kuma-dp/config.go#L36-L38

On Kubernetes, these are configured the other way around due to:

https://github.com/kumahq/kuma/blob/d49515aa1cde1d63d11981be05953720090bbd8c/pkg/plugins/runtime/k8s/containers/factory.go#L222-L235

So as if:

 CoreDNSPort:               15053, 
 CoreDNSEmptyPort:          15054,
 EnvoyDNSPort:              15055,

And once rendered, the kuma-sidecar CoreDNS config is like the following:

.:15053 {
    forward . 127.0.0.1:15055
    # We want all requests to be sent to the Envoy DNS Filter, unsuccessful responses should be forwarded to the original DNS server.
    # For example: requests other than A, AAAA and SRV will return NOTIMP when hitting the envoy filter and should be sent to the original DNS server.
    # Codes from: https://github.com/miekg/dns/blob/master/msg.go#L138
    alternate NOTIMP,FORMERR,NXDOMAIN,SERVFAIL,REFUSED . /etc/resolv.conf
    prometheus localhost:19153
    errors
}

.:15054 {
    template ANY ANY . {
      rcode NXDOMAIN
    }
}
jakubdyszkiewicz commented 1 year ago

Triage: It works, but it's definitely not expected

github-actions[bot] commented 10 months ago

This issue was inactive for 90 days. It will be reviewed in the next triage meeting and might be closed. If you think this issue is still relevant, please comment on it or attend the next triage meeting.

github-actions[bot] commented 7 months ago

This issue was inactive for 90 days. It will be reviewed in the next triage meeting and might be closed. If you think this issue is still relevant, please comment on it or attend the next triage meeting.

github-actions[bot] commented 4 months ago

This issue was inactive for 90 days. It will be reviewed in the next triage meeting and might be closed. If you think this issue is still relevant, please comment on it or attend the next triage meeting.

github-actions[bot] commented 4 weeks ago

This issue was inactive for 90 days. It will be reviewed in the next triage meeting and might be closed. If you think this issue is still relevant, please comment on it or attend the next triage meeting.