From d26c761105aba017dd437d7a4c85565eaf56ab63 Mon Sep 17 00:00:00 2001 From: thefosk Date: Wed, 14 Oct 2015 17:24:25 -0700 Subject: [PATCH] Customizable DNS settings --- kong.yml | 8 ++++-- kong/cli/utils/dnsmasq.lua | 6 ++-- kong/cli/utils/signal.lua | 25 +++++++++++++--- spec/integration/cli/start_spec.lua | 44 +++++++++++++++++++++++++++-- spec/unit/statics_spec.lua | 8 ++++-- 5 files changed, 77 insertions(+), 14 deletions(-) diff --git a/kong.yml b/kong.yml index 75275142fc40..381d053a2e0d 100644 --- a/kong.yml +++ b/kong.yml @@ -29,8 +29,12 @@ proxy_port: 8000 proxy_ssl_port: 8443 admin_api_port: 8001 -## Secondary port configuration -dnsmasq_port: 8053 +## DNS resolver configuration +dns_resolver: + #address: "8.8.8.8:53" + dnsmasq: + enabled: true + port: 8053 ## Specify the DAO to use database: cassandra diff --git a/kong/cli/utils/dnsmasq.lua b/kong/cli/utils/dnsmasq.lua index b06b17be7b81..eb6ddfdbd870 100644 --- a/kong/cli/utils/dnsmasq.lua +++ b/kong/cli/utils/dnsmasq.lua @@ -13,7 +13,7 @@ function _M.stop(kong_config) end end -function _M.start(kong_config) +function _M.start(nginx_working_dir, dnsmasq_port) local cmd = IO.cmd_exists("dnsmasq") and "dnsmasq" if not cmd then -- Load dnsmasq given the PATH settings @@ -32,8 +32,8 @@ function _M.start(kong_config) end -- Start the dnsmasq daemon - local file_pid = kong_config.nginx_working_dir..(stringy.endswith(kong_config.nginx_working_dir, "/") and "" or "/")..constants.CLI.DNSMASQ_PID - local res, code = IO.os_execute(cmd.." -p "..kong_config.dnsmasq_port.." --pid-file="..file_pid.." -N -o") + local file_pid = nginx_working_dir..(stringy.endswith(nginx_working_dir, "/") and "" or "/")..constants.CLI.DNSMASQ_PID + local res, code = IO.os_execute(cmd.." -p "..dnsmasq_port.." --pid-file="..file_pid.." -N -o") if code ~= 0 then cutils.logger:error_exit(res) else diff --git a/kong/cli/utils/signal.lua b/kong/cli/utils/signal.lua index 098378eee257..b9aa00c76ee8 100644 --- a/kong/cli/utils/signal.lua +++ b/kong/cli/utils/signal.lua @@ -110,13 +110,27 @@ local function prepare_nginx_working_dir(args_config) local ssl_cert_path, ssl_key_path = ssl.get_ssl_cert_and_key(kong_config) local trusted_ssl_cert_path = kong_config.databases_available[kong_config.database].properties.ssl_certificate -- DAO ssl cert + -- Check dns_resolver + local dns_resolver + if kong_config.dns_resolver.address and kong_config.dns_resolver.dnsmasq.enabled then + cutils.logger:error_exit("Invalid \"dns_resolver\" setting: you cannot set both an address and enable dnsmasq") + elseif not kong_config.dns_resolver.address and not kong_config.dns_resolver.dnsmasq.enabled then + cutils.logger:error_exit("Invalid \"dns_resolver\" setting: you must set at least an address or enable dnsmasq") + elseif kong_config.dns_resolver.address then + dns_resolver = kong_config.dns_resolver.address + else + dns_resolver = "127.0.0.1:"..kong_config.dns_resolver.dnsmasq.port + end + + cutils.logger:info("DNS resolver set to: "..dns_resolver) + -- Extract nginx config from kong config, replace any needed value local nginx_config = kong_config.nginx local nginx_inject = { proxy_port = kong_config.proxy_port, proxy_ssl_port = kong_config.proxy_ssl_port, admin_api_port = kong_config.admin_api_port, - dns_resolver = "127.0.0.1:"..kong_config.dnsmasq_port, + dns_resolver = dns_resolver, memory_cache_size = kong_config.memory_cache_size, ssl_cert = ssl_cert_path, ssl_key = ssl_key_path, @@ -222,7 +236,7 @@ function _M.prepare_kong(args_config, signal) kong_config.proxy_port, kong_config.proxy_ssl_port, kong_config.admin_api_port, - kong_config.dnsmasq_port, + kong_config.dns_resolver.dnsmasq.enabled and kong_config.dns_resolver.dnsmasq.port or "DISABLED", kong_config.database, tostring(dao_config))) @@ -272,8 +286,11 @@ function _M.send_signal(args_config, signal) -- dnsmasq start/stop if signal == START then dnsmasq.stop(kong_config) - check_port(kong_config.dnsmasq_port) - dnsmasq.start(kong_config) + if kong_config.dns_resolver.dnsmasq.enabled then + local dnsmasq_port = kong_config.dns_resolver.dnsmasq.port + check_port(dnsmasq_port) + dnsmasq.start(kong_config.nginx_working_dir, dnsmasq_port) + end elseif signal == STOP or signal == QUIT then dnsmasq.stop(kong_config) end diff --git a/spec/integration/cli/start_spec.lua b/spec/integration/cli/start_spec.lua index 1a63e3d35ef7..af5bab58f088 100644 --- a/spec/integration/cli/start_spec.lua +++ b/spec/integration/cli/start_spec.lua @@ -14,9 +14,7 @@ end describe("CLI", function() - describe("Startup plugins check", function() - - setup(function() + setup(function() os.execute("cp "..TEST_CONF.." "..SERVER_CONF) spec_helper.add_env(SERVER_CONF) spec_helper.prepare_db(SERVER_CONF) @@ -31,6 +29,46 @@ describe("CLI", function() pcall(spec_helper.stop_kong, SERVER_CONF) end) + describe("dnsmasq check", function() + + it("should start dnsmasq with the default settings", function() + local _, exit_code = spec_helper.start_kong(SERVER_CONF, true) + assert.are.same(0, exit_code) + end) + + it("should not start with both dnsmasq and an address set", function() + replace_conf_property("dns_resolver", { + address = "8.8.8.8:53", + dnsmasq = { + enabled = true, + port = 8053 + } + }) + + assert.error_matches(function() + spec_helper.start_kong(SERVER_CONF, true) + end, "Invalid \"dns_resolver\" setting: you cannot set both an address and enable dnsmasq", nil, true) + end) + + it("should not start with none of dnsmasq and an address set", function() + replace_conf_property("dns_resolver", { dnsmasq = {}}) + + assert.error_matches(function() + spec_helper.start_kong(SERVER_CONF, true) + end, "Invalid \"dns_resolver\" setting: you must set at least an address or enable dnsmasq", nil, true) + end) + + it("should start dnsmasq with a custom address", function() + replace_conf_property("dns_resolver", { address = "8.8.8.8:53", dnsmasq = { enabled = false, port = 8053}}) + + local _, exit_code = spec_helper.start_kong(SERVER_CONF, true) + assert.are.same(0, exit_code) + end) + + end) + + describe("Startup plugins check", function() + it("should start with the default configuration", function() assert.has_no.errors(function() spec_helper.start_kong(TEST_CONF, true) diff --git a/spec/unit/statics_spec.lua b/spec/unit/statics_spec.lua index ea30bf80e0e6..ccfa9e7e94fd 100644 --- a/spec/unit/statics_spec.lua +++ b/spec/unit/statics_spec.lua @@ -71,8 +71,12 @@ proxy_port: 8000 proxy_ssl_port: 8443 admin_api_port: 8001 -## Secondary port configuration -dnsmasq_port: 8053 +## DNS resolver configuration +dns_resolver: + #address: "8.8.8.8:53" + dnsmasq: + enabled: true + port: 8053 ## Specify the DAO to use database: cassandra