release 185 (#237)

Signed-off-by: Miek Gieben <miek@miek.nl>
2021-09-21 17:20:35 +02:00 · 2021-09-21 17:20:35 +02:00 · 24e56efc2e
parent cf388c1397
commit 24e56efc2e
12 changed files with 258 additions and 28 deletions
--- a/content/blog/coredns-1.8.5.md
+++ b/content/blog/coredns-1.8.5.md
@ -0,0 +1,62 @@
+++
+title = "CoreDNS-1.8.5 Release"
+description = "CoreDNS-1.8.5 Release Notes."
+tags = ["Release", "1.8.5", "Notes"]
+release = "1.8.5"
+date = 2021-09-10T07:00:00+00:00
+author = "coredns"
+++
+
+This is a rather big release, we now [share plugins among zones in the same server
+block](https://github.com/coredns/coredns/pull/4593), which should save memory. Various bug fixes in
+a bunch of plugins and not one, but two new plugins. A *geoip* plugin that can report **where** the
+query came from and a *header* plugin that allows you to fiddle with (some of) the header bits in a
+DNS message.
+
+With this release, the `coredns_cache_misses_total` metric is deprecated.  It will be removed in a later release.
+Users should migrate their promQL  to use `coredns_cache_requests_total - coredns_cache_hits_total`.
+
+## Brought to You By
+
+Ben Kochie,
+Chris O'Haver,
+Jeongwook Park,
+Kohei Yoshida,
+Licht Takeuchi,
+Manuel Rüger,
+Mat Lowery,
+mfleader,
+Miek Gieben,
+Ondřej Benkovský,
+Qasim Sarfraz,
+rouzier,
+Sascha Grunert,
+Sven Nebel,
+Yong Tang.
+
+## Noteworthy Changes
+
+* core: Add -p for port flag (https://github.com/coredns/coredns/pull/4653)
+* core: Fix IPv6 case for CIDR format reverse zones (https://github.com/coredns/coredns/pull/4652)
+* core: Share plugins among zones in the same server block (https://github.com/coredns/coredns/pull/4593)
+* core: Upstream lookups are done with original EDNS options (https://github.com/coredns/coredns/pull/4826)
+* plugin/cache: Unset AD flag when DO is not set for cache miss (https://github.com/coredns/coredns/pull/4736)
+* plugin/cache: Update cache metrics and add a total cache request counter to follow Prometheus convention (https://github.com/coredns/coredns/pull/4781)
+* plugin/errors: Add configurable log level to errors plugin (https://github.com/coredns/coredns/pull/4718)
+* plugin/file: fix wildcard CNAME answer (https://github.com/coredns/coredns/pull/4828)
+* plugin/forward: Add proxy address as tag (https://github.com/coredns/coredns/pull/4757)
+* plugin/geoip: Create geoip plugin (https://github.com/coredns/coredns/pull/4688)
+* plugin/header: Introduce header plugin (https://github.com/coredns/coredns/pull/4752)
+* plugin/kubernetes: Add NS+hosts records to xfr response. Add coredns service to test data. (https://github.com/coredns/coredns/pull/4696)
+* plugin/kubernetes: Improve namespace usage (https://github.com/coredns/coredns/pull/4767)
+* plugins/kubernetes: Switch to klog/v2 (https://github.com/coredns/coredns/pull/4778)
+* plugin/kubernetes: Only answer transfer requests for authoritative zones (https://github.com/coredns/coredns/pull/4802)
+* plugin/log: Do not log NOERROR in log plugin when response is not available (https://github.com/coredns/coredns/pull/4725)
+* plugin/log: Fix closing of codeblock (https://github.com/coredns/coredns/pull/4680)
+* plugin/metrics: When no response is written, fallback to status of next plugin in prometheus plugin (https://github.com/coredns/coredns/pull/4727)
+* plugin/route53: Fix Route53 plugin cannot retrieve ECS Task Role (https://github.com/coredns/coredns/pull/4669)
+* plugin/secondary: Doc updates (https://github.com/coredns/coredns/pull/4686)
+* plugin/secondary: Retry initial transfer until successful (https://github.com/coredns/coredns/pull/4663)
+* plugin/trace: Fix rcode tag in case of no response (https://github.com/coredns/coredns/pull/4742)
+* plugin/trace: Publish trace id as metadata from trace plugin (https://github.com/coredns/coredns/pull/4749)
+* plugin/trace: Trace plugin can mark traces with error tag (https://github.com/coredns/coredns/pull/4720)
--- a/content/plugins/cache.md
+++ b/content/plugins/cache.md
@ -4,7 +4,7 @@ description = "*cache* enables a frontend cache."
 weight = 8
 tags = ["plugin", "cache"]
 categories = ["plugin"]
-date = "2021-03-21T16:44:32.8773283"
+date = "2021-09-21T15:01:04.877489"
 +++

 ## Description
@ -78,7 +78,8 @@ If monitoring is enabled (via the *prometheus* plugin) then the following metric

 * `coredns_cache_entries{server, type}` - Total elements in the cache by cache type.
 * `coredns_cache_hits_total{server, type}` - Counter of cache hits by cache type.
-* `coredns_cache_misses_total{server}` - Counter of cache misses.
+* `coredns_cache_misses_total{server}` - Counter of cache misses. - Deprecated, derive misses from cache hits/requests counters.
+* `coredns_cache_requests_total{server}` - Counter of cache requests.
 * `coredns_cache_prefetch_total{server}` - Counter of times the cache has prefetched a cached item.
 * `coredns_cache_drops_total{server}` - Counter of responses excluded from the cache due to request/response question name mismatch.
 * `coredns_cache_served_stale_total{server}` - Counter of requests served from stale cache entries.
--- a/content/plugins/errors.md
+++ b/content/plugins/errors.md
@ -1,10 +1,10 @@
 +++
 title = "errors"
 description = "*errors* enables error logging."
-weight = 16
+weight = 17
 tags = ["plugin", "errors"]
 categories = ["plugin"]
-date = "2020-02-06T12:07:03.877382"
+date = "2021-09-21T15:01:04.877489"
 +++

 ## Description
@ -25,12 +25,12 @@ Extra knobs are available with an expanded syntax:

 ~~~
 errors {
-	consolidate DURATION REGEXP
+	consolidate DURATION REGEXP [LEVEL]
 }
 ~~~

-Option `consolidate` allows collecting several error messages matching the regular expression **REGEXP** during **DURATION**. After the **DURATION** since receiving the first such message, the consolidated message will be printed to standard output, e.g.
-
+Option `consolidate` allows collecting several error messages matching the regular expression **REGEXP** during **DURATION**. After the **DURATION** since receiving the first such message, the consolidated message will be printed to standard output with
+log level, which is configurable by optional option **LEVEL**. Supported options for **LEVEL** option are `warning`,`error`,`info` and `debug`.
 ~~~
 2 errors like '^read udp .* i/o timeout$' occurred in last 30s
 ~~~
@ -50,13 +50,15 @@ example.org {
 }
 ~~~

-Use the *forward* to resolve queries via 8.8.8.8 and print consolidated error messages for errors with suffix " i/o timeout" or with prefix "Failed to ".
+Use the *forward* plugin to resolve queries via 8.8.8.8 and print consolidated messages
+for errors with suffix " i/o timeout" as warnings,
+and errors with prefix "Failed to " as errors.

 ~~~ corefile
 . {
    forward . 8.8.8.8
    errors {
-        consolidate 5m ".* i/o timeout$"
+        consolidate 5m ".* i/o timeout$" warning
        consolidate 30s "^Failed to .+"
    }
 }
--- a/content/plugins/forward.md
+++ b/content/plugins/forward.md
@ -4,7 +4,7 @@ description = "*forward* facilitates proxying DNS messages to upstream resolvers
 weight = 20
 tags = ["plugin", "forward"]
 categories = ["plugin"]
-date = "2021-03-16T13:06:33.8773383"
+date = "2021-09-21T15:01:04.877489"
 +++

 ## Description
@ -32,7 +32,8 @@ In its most basic form, a simple forwarder uses this syntax:
 forward FROM TO...
 ~~~

-* **FROM** is the base domain to match for the request to be forwarded.
+* **FROM** is the base domain to match for the request to be forwarded. Domains using CIDR notation
+  that expand to multiple reverse zones are not fully supported; only the first expanded zone is used.
 * **TO...** are the destination endpoints to forward to. The **TO** syntax allows you to specify
  a protocol, `tls://9.9.9.9` or `dns://` (or no protocol) for plain DNS. The number of upstreams is
  limited to 15.
--- a/content/plugins/geoip.md
+++ b/content/plugins/geoip.md
@ -0,0 +1,77 @@
+++
+title = "geoip"
+description = "*geoip* Lookup maxmind geoip2 databases using the client IP, then add associated geoip data to the context request."
+weight = 21
+tags = ["plugin", "geoip"]
+categories = ["plugin"]
+date = "2021-09-21T15:01:04.877489"
+++
+
+## Description
+The *geoip* plugin add geo location data associated with the client IP, it allows you to configure a [geoIP2 maxmind database](https://dev.maxmind.com/geoip/docs/databases) to add the geo location data associated with the IP address.
+
+The data is added leveraging the *metadata* plugin, values can then be retrieved using it as well, for example:
+
+```go
+import (
+    "strconv"
+    "github.com/coredns/coredns/plugin/metadata"
+)
+// ...
+if getLongitude := metadata.ValueFunc(ctx, "geoip/longitude"); getLongitude != nil {
+    if longitude, err := strconv.ParseFloat(getLongitude(), 64); err == nil {
+		// Do something useful with longitude.
+	}
+} else {
+    // The metadata label geoip/longitude for some reason, was not set.
+}
+// ...
+```
+
+## Databases
+The supported databases use city schema such as `City` and `Enterprise`. Other databases types with different schemas are not supported yet.
+
+You can download a [free and public City database](https://dev.maxmind.com/geoip/geolite2-free-geolocation-data).
+
+## Syntax
+```txt
+geoip [DBFILE]
+```
+* **DBFILE** the mmdb database file path.
+
+## Examples
+The following configuration configures the `City` database.
+```txt
+. {
+    geoip /opt/geoip2/db/GeoLite2-City.mmdb
+    metadata # Note that metadata plugin must be enabled as well.
+}
+```
+
+## Metadatada Labels
+A limited set of fields will be exported as labels, all values are stored using strings **regardless of their underlying value type**, and therefore you may have to convert it back to its original type, note that numeric values are always represented in base 10.
+
+| Label                                | Type      | Example          | Description
+| :----------------------------------- | :-------- | :--------------  | :------------------
+| `geoip/city/name`                    | `string`  | `Cambridge`      | Then city name in English language.
+| `geoip/country/code`                 | `string`  | `GB`             | Country [ISO 3166-1](https://en.wikipedia.org/wiki/ISO_3166-1) code.
+| `geoip/country/name`                 | `string`  | `United Kingdom` | The country name in English language.
+| `geoip/country/is_in_european_union` | `bool`    | `false`          | Either `true` or `false`.
+| `geoip/continent/code`               | `string`  | `EU`             | See [Continent codes](#ContinentCodes).
+| `geoip/continent/name`               | `string`  | `Europe`         | The continent name in English language.
+| `geoip/latitude`                     | `float64` | `52.2242`        | Base 10, max available precision.
+| `geoip/longitude`                    | `float64` | `0.1315`         | Base 10, max available precision.
+| `geoip/timezone`                     | `string`  | `Europe/London`  | The timezone.
+| `geoip/postalcode`                   | `string`  | `CB4`            | The postal code.
+
+## Continent Codes
+
+| Value | Continent (EN) |
+| :---- | :------------- |
+| AF    | Africa         |
+| AN    | Antarctica     |
+| AS    | Asia           |
+| EU    | Europe         |
+| NA    | North America  |
+| OC    | Oceania        |
+| SA    | South America  |
--- a/content/plugins/header.md
+++ b/content/plugins/header.md
@ -0,0 +1,54 @@
+++
+title = "header"
+description = "*header* modifies the header for responses."
+weight = 23
+tags = ["plugin", "header"]
+categories = ["plugin"]
+date = "2021-09-21T15:01:04.877489"
+++
+
+## Description
+
+*header* ensures that the flags are in the desired state for responses. The modifications are made transparently for
+the client.
+
+## Syntax
+
+~~~
+header {
+    ACTION FLAGS...
+    ACTION FLAGS...
+}
+~~~
+
+* **ACTION** defines the state for DNS message header flags. Actions are evaluated in the order they are defined so last one has the
+  most precedence. Allowed values are:
+    * `set`
+    * `clear`
+* **FLAGS** are the DNS header flags that will be modified. Current supported flags include:
+    * `aa` - Authoritative(Answer)
+    * `ra` - RecursionAvailable
+    * `rd` - RecursionDesired
+
+## Examples
+
+Make sure recursive available `ra` flag is set in all the responses:
+
+~~~ corefile
+. {
+    header {
+        set ra
+    }
+}
+~~~
+
+Make sure "recursion available" `ra` and "authoritative answer" `aa` flags are set and "recursion desired" is cleared in all responses:
+
+~~~ corefile
+. {
+    header {
+        set ra aa
+        clear rd
+    }
+}
+~~~
--- a/content/plugins/health.md
+++ b/content/plugins/health.md
@ -1,10 +1,10 @@
 +++
 title = "health"
 description = "*health* enables a health check endpoint."
-weight = 22
+weight = 24
 tags = ["plugin", "health"]
 categories = ["plugin"]
-date = "2021-03-19T10:47:32.8773283"
+date = "2021-09-21T15:01:04.877489"
 +++

 ## Description
@ -53,11 +53,13 @@ Doing this is supported but both endpoints ":8080" and ":8081" will export the e

 If monitoring is enabled (via the *prometheus* plugin) then the following metric is exported:

- *  `coredns_health_request_duration_seconds{}` - duration to process a HTTP query to the local
+ * `coredns_health_request_duration_seconds{}` - duration to process a HTTP query to the local
    `/health` endpoint. As this a local operation it should be fast. A (large) increase in this
    duration indicates the CoreDNS process is having trouble keeping up with its query load.
+ * `coredns_health_request_failures_total{}` - The number of times the internal health check loop
+    failed to query `/health`.

-Note that this metric *does not* have a `server` label, because being overloaded is a symptom of
+Note that these metrics *do not* have a `server` label, because being overloaded is a symptom of
 the running process, *not* a specific server.

 ## Examples
--- a/content/plugins/log.md
+++ b/content/plugins/log.md
@ -1,10 +1,10 @@
 +++
 title = "log"
 description = "*log* enables query logging to standard output."
-weight = 27
+weight = 31
 tags = ["plugin", "log"]
 categories = ["plugin"]
-date = "2020-02-06T12:07:03.877382"
+date = "2021-09-21T15:01:04.877489"
 +++

 ## Description
@ -95,7 +95,7 @@ Each of these logs will be outputted with `log.Infof`, so a typical example look

 ~~~ txt
 [INFO] [::1]:50759 - 29008 "A IN example.org. udp 41 false 4096" NOERROR qr,rd,ra,ad 68 0.037990251s
-~~~~
+~~~

 ## Examples

--- a/content/plugins/secondary.md
+++ b/content/plugins/secondary.md
@ -1,10 +1,10 @@
 +++
 title = "secondary"
 description = "*secondary* enables serving a zone retrieved from a primary server."
-weight = 41
+weight = 43
 tags = ["plugin", "secondary"]
 categories = ["plugin"]
-date = "2021-04-05T13:38:00.877084"
+date = "2021-09-21T15:01:04.877489"
 +++

 ## Description
@ -13,6 +13,9 @@ With *secondary* you can transfer (via AXFR) a zone from another server. The ret
 *not committed* to disk (a violation of the RFC). This means restarting CoreDNS will cause it to
 retrieve all secondary zones.

+If the primary server(s) don't respond when CoreDNS is starting up, the AXFR will be retried
+indefinitely every 10s.
+
 ## Syntax

 ~~~
@ -70,3 +73,4 @@ Only AXFR is supported and the retrieved zone is not committed to disk.
 ## See Also

 See the *transfer* plugin to enable zone transfers _to_ other servers.
+And RFC 5936 detailing the AXFR protocol.
--- a/content/plugins/trace.md
+++ b/content/plugins/trace.md
@ -1,10 +1,10 @@
 +++
 title = "trace"
 description = "*trace* enables OpenTracing-based tracing of DNS requests as they go through the plugin chain."
-weight = 44
+weight = 47
 tags = ["plugin", "trace"]
 categories = ["plugin"]
-date = "2020-12-11T21:21:15.87715812"
+date = "2021-09-21T15:01:04.877489"
 +++

 ## Description
@ -96,6 +96,13 @@ trace tracinghost:9411 {
 }
 ~~~

+## Metadata
+
+The trace plugin will publish the following metadata, if the *metadata*
+plugin is also enabled:
+
+* `trace/traceid`: identifier of (zipkin/datadog) trace of processed request
+
 ## See Also

 See the *debug* plugin for more information about debug logging.
--- a/content/plugins/transfer.md
+++ b/content/plugins/transfer.md
@ -1,10 +1,10 @@
 +++
 title = "transfer"
 description = "*transfer* perform (outgoing) zone transfers for other plugins."
-weight = 44
+weight = 48
 tags = ["plugin", "transfer"]
 categories = ["plugin"]
-date = "2020-09-24T18:42:39.8773989"
+date = "2021-09-21T15:01:04.877489"
 +++

 ## Description
@ -34,9 +34,29 @@ transfer [ZONE...] {
    `transfer.Transferer`.

 *  `to` **ADDRESS...** The hosts *transfer* will transfer to. Use `*` to permit transfers to all
-    addresses. **ADDRESS** must be denoted in CIDR notation (e.g., 127.0.0.1/32) or just as plain
-    addresses. `to` may be specified multiple times.
+    addresses. Zone change notifications are sent to all **ADDRESS** that are an IP address or
+    an IP address and port e.g. `1.2.3.4`, `12:34::56`, `1.2.3.4:5300`, `[12:34::56]:5300`.
+    `to` may be specified multiple times.
+
+You can use the _acl_ plugin to further restrict hosts permitted to receive a zone transfer.
+See example below.

 ## Examples

-See the specific plugins using this plugin for examples on it's usage.
+Use in conjuction with the _acl_ plugin to restrict access to subnet 10.1.0.0/16.
+
+```
+...
+  acl {
+    allow type AXFR net 10.1.0.0/16
+    allow type IXFR net 10.1.0.0/16
+    block type AXFR net *
+    block type IXFR net *
+  }
+  transfer {
+    to *
+  }
+...
+```
+
+Each plugin that can use _transfer_ includes an example of use in their respective documentation.
--- a/data/coredns.toml
+++ b/data/coredns.toml
@ -1,2 +1,2 @@
 [release]
-  version = "1.8.4"
+  version = "1.8.5"