feature: add dns controller to sync cluster node dns records #270
Conversation
|
@SataQiu Thank you for making the pull request. |
SataQiu
force-pushed
the
feature-dns-controller
branch
2 times, most recently
from
4ff4f91 to
c1b683b
Compare
| continue | ||
| } | ||
| } | ||
| records = append(records, formatDNSRecord(ip, node.Name)) |
There was a problem hiding this comment.
records for edge nodes are forgotten?
There was a problem hiding this comment.
We will record whether it is an edge node or not, but the destination ip is different.
pkg/yurttunnel/dns/dns.go
Outdated
| } | ||
|
|
||
| // parse tunnel server tcp port | ||
| tunnelServerAgentPort, _ := strconv.Atoi(constants.YurttunnelServerAgentPort) |
There was a problem hiding this comment.
tunnelServerAgentPort for insecure request is not 10262, is 10264(YurttunnelServerMasterInsecurePort)
| found = true | ||
| if v != record { | ||
| result[i] = record | ||
| changed = true |
There was a problem hiding this comment.
how about add a break to exit for loop?
| } else { | ||
| klog.Errorf("fail to get configmap %s/%s: %v", | ||
| YurttunnelServerDnatConfigMapNs, | ||
| YurttunnelServerDnatConfigMapName, err) |
There was a problem hiding this comment.
I think that we need to add error return value for func GetConfiguredDnatPorts, and when we failed to get yurt-server-tunnel-cfg configmap, we can return error instead of empty slice.
| go wait.Until(func() { | ||
| if err := dnsctl.syncTunnelServerService(); err != nil { | ||
| klog.Errorf("failed to sync tunnel server service, %v", err) | ||
| } |
There was a problem hiding this comment.
why we need to add syncTunnelServerService here?
There was a problem hiding this comment.
Based on past experience, we should not rely solely on the watch mechanism, as there is a risk of lost events. We need to make sure that the information is synchronized through a periodic list function.
SataQiu
force-pushed
the
feature-dns-controller
branch
from
c1b683b to
cb0f13b
Compare
| @@ -127,6 +127,7 @@ spec: | |||
| - yurt-tunnel-server | |||
| args: | |||
| - --bind-address=$(NODE_IP) | |||
| - --insecure-bind-address=$(NODE_IP) | |||
There was a problem hiding this comment.
Ensure that the tunnel-server listening address can be accessed by other cloud nodes in the cluster.
There was a problem hiding this comment.
yeah, tunnel-server need to listen on node ip for insecure requests.
pkg/yurttunnel/dns/dns.go
Outdated
| } | ||
| updatedSvcPorts = append(updatedSvcPorts, port) | ||
| } | ||
| svc.Spec.Ports = updatedSvcPorts |
There was a problem hiding this comment.
how about add a flag to check service port need to be updated or not?
SataQiu
force-pushed
the
feature-dns-controller
branch
from
cb0f13b to
1f82b2c
Compare
feature: add dns controller to sync cluster node dns records
Ⅰ. Describe what this PR does
In the edge computing scenario, the IP addresses of the edge nodes are likely to be the same. So we can not rely on the node IP to forward the request but should use the node hostname(unique in one cluster).
This PR provides the ability for the tunnel-server to handle requests in the form of
scheme://[hostname]:[port]/[req_path].How to use it
The dns controller will generate a ConfigMap named
yurt-tunnel-nodesin thekube-systemnamespace.You need to manually config CoreDNS to use it according to the steps like the following:
First, mount the ConfigMap as volume of CoreDNS Pod, for example
Second, update CoreDNS ConfigMap (
kube-system/coredns), add thehostssectionⅡ. Does this pull request fix one issue?
Ⅲ. List the added test cases (unit test/integration test) if any, please explain if no tests are needed.
Ⅳ. Describe how to verify it
Ⅴ. Special notes for reviews