1.0.3 release (#51)

content/blog/coredns-1.0.3.md

@@ -0,0 +1,43 @@
++++
+title = "CoreDNS-1.0.3 Release"
+description = "CoreDNS-1.0.3 Release Notes."
+tags = ["Release", "1.0.3", "Notes"]
+draft = false
+release = "1.0.3"
+date = "2018-01-10T19:38:29+00:00"
+author = "miek"
++++
+
+We are pleased to announce the [release](https://github.com/coredns/coredns/releases/tag/v1.0.3) of CoreDNS-1.0.3!
+This is a small bugfix release, but we also have a new plugin:
+[*template*](https://coredns.io/plugins/template).
+
+## Core
+
+Manual pages are now generated from the READMEs, you can find them in the man/ directory.
+A coredns(1) and corefile(5) one where also added.
+
+## Plugins
+
+The `fallthrough` directive was overhauled and now allows a list of zones to be specified. It will
+then only fallthrough for those zones, see `plugin/plugin.md`.
+
+A new plugin *template* was added. It allows you to use Go (text) templates to craft a response, see
+<https://coredns.io/plugin/template> for docs.
+
+* *dnssec* implements Cloudflares's NSEC blacklies better.
+* *kubernetes*, adds a fix for `pod insecure` look ups for non-IP addresses.
+* *health* adds a metrics for the duration it takes to GET /health. Useful for getting a sense of
+  overloadedness of the process.
+
+## Contributors
+
+The following people helped with getting this release done:
+John Belamaric,
+Miek Gieben,
+Rene Treffer,
+Yong Tang.
+
+If you want to help, please check out one of the
+[issues](https://github.com/coredns/coredns/issues/) and start coding! For documentation and help,
+see our [community page](https://coredns.io/community/).

content/plugins/auto.md

@@ -4,7 +4,7 @@ description = "*auto* enables serving zone data from an RFC 1035-style master fi
 weight = 1
 tags = [ "plugin", "auto" ]
 categories = [ "plugin" ]
-date = "2018-01-04T12:51:22.151361"
+date = "2018-01-10T19:37:18.555060"
 +++
 
 ## Description

content/plugins/autopath.md

@@ -4,7 +4,7 @@ description = "*autopath* allows for server side search path completion."
 weight = 2
 tags = [ "plugin", "autopath" ]
 categories = [ "plugin" ]
-date = "2018-01-04T12:51:22.151904"
+date = "2018-01-10T19:37:18.555607"
 +++
 
 ## Description

content/plugins/bind.md

@@ -4,7 +4,7 @@ description = "*bind* overrides the host to which the server should bind."
 weight = 3
 tags = [ "plugin", "bind" ]
 categories = [ "plugin" ]
-date = "2018-01-04T12:51:22.152388"
+date = "2018-01-10T19:37:18.555935"
 +++
 
 ## Description

content/plugins/cache.md

@@ -4,7 +4,7 @@ description = "*cache* enables a frontend cache."
 weight = 4
 tags = [ "plugin", "cache" ]
 categories = [ "plugin" ]
-date = "2018-01-04T12:51:22.152782"
+date = "2018-01-10T19:37:18.556258"
 +++
 
 ## Description

content/plugins/chaos.md

@@ -4,7 +4,7 @@ description = "*chaos* allows for responding to TXT queries in the CH class."
 weight = 5
 tags = [ "plugin", "chaos" ]
 categories = [ "plugin" ]
-date = "2018-01-04T12:51:22.153315"
+date = "2018-01-10T19:37:18.556579"
 +++
 
 ## Description

content/plugins/debug.md

@@ -4,7 +4,7 @@ description = "*debug* disables the automatic recovery upon a crash so that you'
 weight = 6
 tags = [ "plugin", "debug" ]
 categories = [ "plugin" ]
-date = "2018-01-04T12:51:22.153657"
+date = "2018-01-10T19:37:18.556848"
 +++
 
 ## Description

content/plugins/dnssec.md

@@ -4,7 +4,7 @@ description = "*dnssec* enable on-the-fly DNSSEC signing of served data."
 weight = 7
 tags = [ "plugin", "dnssec" ]
 categories = [ "plugin" ]
-date = "2018-01-04T12:51:22.154136"
+date = "2018-01-10T19:37:18.557726"
 +++
 
 ## Description

content/plugins/dnstap.md

@@ -4,7 +4,7 @@ description = "*dnstap* enable logging to dnstap"
 weight = 8
 tags = [ "plugin", "dnstap" ]
 categories = [ "plugin" ]
-date = "2018-01-04T12:51:22.154612"
+date = "2018-01-10T19:37:18.558091"
 +++
 
 ## Description
@@ -67,6 +67,6 @@ Listen for dnstap messages on port 6000.
 % dnstap -l 127.0.0.1:6000
 ~~~
 
-# See Also
+## See Also
 
 [dnstap.info](http://dnstap.info).

content/plugins/erratic.md

@@ -4,7 +4,7 @@ description = "*erratic* a plugin useful for testing client behavior."
 weight = 9
 tags = [ "plugin", "erratic" ]
 categories = [ "plugin" ]
-date = "2018-01-04T12:51:22.155072"
+date = "2018-01-10T19:37:18.558362"
 +++
 
 ## Description

content/plugins/errors.md

@@ -4,7 +4,7 @@ description = "*errors* enable error logging."
 weight = 10
 tags = [ "plugin", "errors" ]
 categories = [ "plugin" ]
-date = "2018-01-04T12:51:22.155465"
+date = "2018-01-10T19:37:18.558651"
 +++
 
 ## Description

content/plugins/etcd.md

@@ -4,7 +4,7 @@ description = "*etcd* enables reading zone data from an etcd instance."
 weight = 11
 tags = [ "plugin", "etcd" ]
 categories = [ "plugin" ]
-date = "2018-01-04T12:51:22.155951"
+date = "2018-01-10T19:37:18.558918"
 +++
 
 ## Description
@@ -32,7 +32,7 @@ If you want to `round robin` A and AAAA responses look at the `loadbalance` plug
 ~~~
 etcd [ZONES...] {
     stubzones
-    fallthrough
+    fallthrough [ZONES...]
     path PATH
     endpoint ENDPOINT...
     upstream ADDRESS...
@@ -43,6 +43,9 @@ etcd [ZONES...] {
 * `stubzones` enables the stub zones feature. The stubzone is *only* done in the etcd tree located
     under the *first* zone specified.
 * `fallthrough` If zone matches but no record can be generated, pass request to the next plugin.
+  If **[ZONES...]** is omitted, then fallthrough happens for all zones for which the plugin
+  is authoritative. If specific zones are listed (for example `in-addr.arpa` and `ip6.arpa`), then only
+  queries for those zones will be subject to fallthrough.
 * **PATH** the path inside etcd. Defaults to "/skydns".
 * **ENDPOINT** the etcd endpoints. Defaults to "http://localhost:2397".
 * `upstream` upstream resolvers to be used resolve external names found in etcd (think CNAMEs)
@@ -127,6 +130,6 @@ Querying with dig:
 reverse.skydns.local.
 ~~~
 
-# Bugs
+## Bugs
 
 Only the etcdv2 protocol is supported.

content/plugins/federation.md

@@ -4,7 +4,7 @@ description = "*federation* enables federated queries to be resolved via the kub
 weight = 12
 tags = [ "plugin", "federation" ]
 categories = [ "plugin" ]
-date = "2018-01-04T12:51:22.156327"
+date = "2018-01-10T19:37:18.559140"
 +++
 
 ## Description

content/plugins/file.md

@@ -4,7 +4,7 @@ description = "*file* enables serving zone data from an RFC 1035-style master fi
 weight = 13
 tags = [ "plugin", "file" ]
 categories = [ "plugin" ]
-date = "2018-01-04T12:51:22.156787"
+date = "2018-01-10T19:37:18.559332"
 +++
 
 ## Description

content/plugins/health.md

@@ -4,7 +4,7 @@ description = "*health* enables a health check endpoint."
 weight = 14
 tags = [ "plugin", "health" ]
 categories = [ "plugin" ]
-date = "2018-01-04T12:51:22.157263"
+date = "2018-01-10T19:37:18.559512"
 +++
 
 ## Description
@@ -28,6 +28,14 @@ supports health checks has a section "Health" in their README.
 
 Any plugin that implements the Healther interface will be used to report health.
 
+## Metrics
+
+If monitoring is enabled (via the *prometheus* directive) then the following metric is exported:
+
+* `coredns_health_request_duration_seconds{}` - duration to process a /health query. As this should
+  be a local operation it should be fast. A (large) increases in this duration indicates the
+  CoreDNS process is having trouble keeping up.
+
 ## Examples
 
 Run another health endpoint on http://localhost:8091.

content/plugins/hosts.md

@@ -4,7 +4,7 @@ description = "*hosts* enables serving zone data from a `/etc/hosts` style file.
 weight = 15
 tags = [ "plugin", "hosts" ]
 categories = [ "plugin" ]
-date = "2018-01-04T12:51:22.157697"
+date = "2018-01-10T19:37:18.559747"
 +++
 
 ## Description
@@ -19,12 +19,12 @@ available hosts files that block access to advertising servers.
 ~~~
 hosts [FILE [ZONES...]] {
     [INLINE]
-    fallthrough
+    fallthrough [ZONES...]
 }
 ~~~
 
 * **FILE** the hosts file to read and parse. If the path is relative the path from the *root*
-  directive will be prepended to it. Defaults to /etc/hosts if omitted. We scan the file for changes 
+  directive will be prepended to it. Defaults to /etc/hosts if omitted. We scan the file for changes
   every 5 seconds.
 * **ZONES** zones it should be authoritative for. If empty, the zones from the configuration block
    are used.
@@ -32,6 +32,9 @@ hosts [FILE [ZONES...]] {
    then all of them will be treated as the additional content for hosts file. The specified hosts
    file path will still be read but entries will be overrided.
 * `fallthrough` If zone matches and no record can be generated, pass request to the next plugin.
+  If **[ZONES...]** is omitted, then fallthrough happens for all zones for which the plugin
+  is authoritative. If specific zones are listed (for example `in-addr.arpa` and `ip6.arpa`), then only
+  queries for those zones will be subject to fallthrough.
 
 ## Examples
 

content/plugins/kubernetes.md

@@ -4,7 +4,7 @@ description = "*kubernetes* enables the reading zone data from a Kubernetes clus
 weight = 16
 tags = [ "plugin", "kubernetes" ]
 categories = [ "plugin" ]
-date = "2018-01-04T12:51:22.158304"
+date = "2018-01-10T19:37:18.560101"
 +++
 
 ## Description
@@ -41,7 +41,7 @@ kubernetes [ZONES...] {
     endpoint_pod_names
     upstream ADDRESS...
     ttl TTL
-    fallthrough
+    fallthrough [ZONES...]
 }
 ```
 
@@ -88,9 +88,12 @@ kubernetes [ZONES...] {
   to a file structured like resolv.conf.
 * `ttl` allows you to set a custom TTL for responses. The default (and allowed minimum) is to use
   5 seconds, the maximum is capped at 3600 seconds.
-* `fallthrough`  If a query for a record in the cluster zone results in NXDOMAIN, normally that is
-  what the response will be. However, if you specify this option, the query will instead be passed
-  on down the plugin chain, which can include another plugin to handle the query.
+* `fallthrough` **[ZONES...]** If a query for a record in the zones for which the plugin is authoritative
+  results in NXDOMAIN, normally that is what the response will be. However, if you specify this option,
+  the query will instead be passed on down the plugin chain, which can include another plugin to handle
+  the query. If **[ZONES...]** is omitted, then fallthrough happens for all zones for which the plugin
+  is authoritative. If specific zones are listed (for example `in-addr.arpa` and `ip6.arpa`), then only
+  queries for those zones will be subject to fallthrough.
 
 ## Health
 

content/plugins/loadbalance.md

@@ -4,7 +4,7 @@ description = "*loadbalance* acts as a round-robin DNS loadbalancer by randomizi
 weight = 17
 tags = [ "plugin", "loadbalance" ]
 categories = [ "plugin" ]
-date = "2018-01-04T12:51:22.158763"
+date = "2018-01-10T19:37:18.560351"
 +++
  in the answer.
 

content/plugins/log.md

@@ -4,7 +4,7 @@ description = "*log* enables query logging to standard output."
 weight = 18
 tags = [ "plugin", "log" ]
 categories = [ "plugin" ]
-date = "2018-01-04T12:51:22.159270"
+date = "2018-01-10T19:37:18.560558"
 +++
 
 ## Description

content/plugins/metrics.md

@@ -4,7 +4,7 @@ description = "*prometheus* enables [Prometheus](https://prometheus.io/) metrics
 weight = 19
 tags = [ "plugin", "metrics" ]
 categories = [ "plugin" ]
-date = "2018-01-04T12:51:22.159688"
+date = "2018-01-10T19:37:18.560820"
 +++
 
 ## Description
@@ -65,7 +65,7 @@ then:
 }
 ~~~
 
-# Bugs
+## Bugs
 
 When reloading, we keep the handler running, meaning that any changes to the handler's address
 aren't picked up. You'll need to restart CoreDNS for that to happen.

content/plugins/nsid.md

@@ -4,7 +4,7 @@ description = "*nsid* adds an identifier of this server to each reply."
 weight = 20
 tags = [ "plugin", "nsid" ]
 categories = [ "plugin" ]
-date = "2018-01-04T12:51:22.160153"
+date = "2018-01-10T19:37:18.561062"
 +++
 
 ## Description

content/plugins/pprof.md

@@ -4,7 +4,7 @@ description = "*pprof* publishes runtime profiling data at endpoints under `/deb
 weight = 21
 tags = [ "plugin", "pprof" ]
 categories = [ "plugin" ]
-date = "2018-01-04T12:51:22.160691"
+date = "2018-01-10T19:37:18.561369"
 +++
 
 ## Description
@@ -53,7 +53,7 @@ Listen on an all addresses on port 6060:
 }
 ~~~
 
-# Also See
+## Also See
 
 See [Go's pprof documentation](https://golang.org/pkg/net/http/pprof/) and [Profiling Go
 Programs](https://blog.golang.org/profiling-go-programs).

content/plugins/proxy.md

@@ -4,7 +4,7 @@ description = "*proxy* facilitates both a basic reverse proxy and a robust load
 weight = 22
 tags = [ "plugin", "proxy" ]
 categories = [ "plugin" ]
-date = "2018-01-04T12:51:22.161258"
+date = "2018-01-10T19:37:18.561773"
 +++
 
 ## Description
@@ -198,7 +198,7 @@ example.org {
 }
 ~~~
 
-# Bugs
+## Bugs
 
 When using the `google_https` protocol the health checking will health check the wrong endpoint.
 See <https://github.com/coredns/coredns/issues/1202> for some background.

content/plugins/reverse.md

@@ -4,7 +4,7 @@ description = "*reverse* allows for dynamic responses to PTR and the related A/A
 weight = 23
 tags = [ "plugin", "reverse" ]
 categories = [ "plugin" ]
-date = "2018-01-04T12:51:22.161714"
+date = "2018-01-10T19:37:18.562178"
 +++
 
 ## Description
@@ -18,7 +18,7 @@ response. This is only done for "address" records (PTR, A and AAAA).
 reverse NETWORK... {
     hostname TEMPLATE
     [ttl TTL]
-    [fallthrough]
+    [fallthrough [ZONES...]]
     [wildcard]
 ~~~
 
@@ -26,6 +26,9 @@ reverse NETWORK... {
 * `hostname` injects the IP and zone to a template for the hostname. Defaults to "ip-{IP}.{zone[1]}". See below for template.
 * `ttl` defaults to 60
 * `fallthrough` if zone matches and no record can be generated, pass request to the next plugin.
+  If **[ZONES...]** is omitted, then fallthrough happens for all zones for which the plugin
+  is authoritative. If specific zones are listed (for example `in-addr.arpa` and `ip6.arpa`), then only
+  queries for those zones will be subject to fallthrough.
 * `wildcard` allows matches to catch all subdomains as well.
 
 ### Template Syntax

content/plugins/rewrite.md

@@ -4,7 +4,7 @@ description = "*rewrite* performs internal message rewriting."
 weight = 24
 tags = [ "plugin", "rewrite" ]
 categories = [ "plugin" ]
-date = "2018-01-04T12:51:22.162236"
+date = "2018-01-10T19:37:18.562592"
 +++
 
 ## Description

content/plugins/root.md

@@ -4,7 +4,7 @@ description = "*root* simply specifies the root of where to find (zone) files."
 weight = 25
 tags = [ "plugin", "root" ]
 categories = [ "plugin" ]
-date = "2018-01-04T12:51:22.162625"
+date = "2018-01-10T19:37:18.562911"
 +++
 
 ## Description

content/plugins/secondary.md

@@ -4,7 +4,7 @@ description = "*secondary* enables serving a zone retrieved from a primary serve
 weight = 26
 tags = [ "plugin", "secondary" ]
 categories = [ "plugin" ]
-date = "2018-01-04T12:51:22.163041"
+date = "2018-01-10T19:37:18.563147"
 +++
 
 ## Description
@@ -62,6 +62,6 @@ Or re-export the retrieved zone to other secondaries.
 }
 ~~~
 
-# Bugs
+## Bugs
 
 Only AXFR is supported and the retrieved zone is not committed to disk.

content/plugins/tls.md

@@ -1,10 +1,10 @@
 +++
 title = "tls"
 description = "*tls* allows you to configure the server certificates for the TLS and gRPC servers."
-weight = 27
+weight = 28
 tags = [ "plugin", "tls" ]
 categories = [ "plugin" ]
-date = "2018-01-04T12:51:22.163566"
+date = "2018-01-10T19:37:18.564009"
 +++
 
 ## Description

content/plugins/trace.md

@@ -1,10 +1,10 @@
 +++
 title = "trace"
 description = "*trace* enables OpenTracing-based tracing of DNS requests as they go through the plugin chain."
-weight = 28
+weight = 29
 tags = [ "plugin", "trace" ]
 categories = [ "plugin" ]
-date = "2018-01-04T12:51:22.164077"
+date = "2018-01-10T19:37:18.564387"
 +++
 
 ## Description

content/plugins/whoami.md

@@ -1,10 +1,10 @@
 +++
 title = "whoami"
 description = "*whoami* returns your resolver's local IP address, port and transport."
-weight = 29
+weight = 30
 tags = [ "plugin", "whoami" ]
 categories = [ "plugin" ]
-date = "2018-01-04T12:51:22.164474"
+date = "2018-01-10T19:37:18.564605"
 +++
 
 ## Description

data/coredns.toml

@@ -1,2 +1,2 @@
 [release]
-  version = "1.0.2"
+  version = "1.0.3"