coredns
/
coredns.io
mirror of https://github.com/coredns/coredns.io.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

copy pending PR from coredns

This commit is contained in:
Miek Gieben 2017-09-15 22:23:38 +01:00
parent 3375029747
commit fe1ac10bfe
28 changed files with 143 additions and 102 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
content/plugins/auto.md
View File

@ -4,7 +4,7 @@ description = "*auto* enables serving zone data from an RFC 1035-style master fi
weight = 1
tags = [ "plugin", "auto" ]
categories = [ "plugin" ]
date = "2017-09-14T08:38:42.991088"
date = "2017-09-15T21:22:42.283204"
+++
The *auto* plugin is used for an "old-style" DNS server. It serves from a preloaded file that exists
@ -54,19 +54,23 @@ directive only is authoritative for `example.ORG`.
Load `org` domains from `/etc/coredns/zones/org` and allow transfers to the internet, but send
notifies to 10.240.1.1
~~~
auto org {
directory /etc/coredns/zones/org
transfer to *
transfer to 10.240.1.1
~~~ corefile
. {
auto org {
directory /etc/coredns/zones/org
transfer to *
transfer to 10.240.1.1
}
}
~~~
Load `org` domains from `/etc/coredns/zones/org` and looks for file names as `www.db.example.org`,
where `example.org` is the origin. Scan every 45 seconds.
~~~
auto org {
directory /etc/coredns/zones/org www\.db\.(.*) {1} 45
~~~ corefile
org {
auto {
directory /etc/coredns/zones/org www\.db\.(.*) {1} 45
}
}
~~~

11
content/plugins/autopath.md
View File

@ -1,14 +1,17 @@
+++
title = "autopath"
description = "The *autopath* plugin allows CoreDNS to perform server side search path completion. If it sees a query that matches the first element of the configured search path, *autopath* will follow the chain of search path elements and returns the first reply that is not NXDOMAIN. On any failures the original reply is returned."
description = "*autopath* allows CoreDNS to perform server side search path completion."
weight = 2
tags = [ "plugin", "autopath" ]
categories = [ "plugin" ]
date = "2017-09-14T08:38:42.992274"
date = "2017-09-15T21:22:42.283508"
+++
Because *autopath* returns a reply for a name that wasn't the original question it will add a CNAME
that points from the original name (with the search path element in it) to the name of this answer.
If it sees a query that matches the first element of the configured search path, *autopath* will
follow the chain of search path elements and returns the first reply that is not NXDOMAIN. On any
failures the original reply is returned. Because *autopath* returns a reply for a name that wasn't
the original question it will add a CNAME that points from the original name (with the search path
element in it) to the name of this answer.
## Syntax

8
content/plugins/bind.md
View File

@ -4,7 +4,7 @@ description = "*bind* overrides the host to which the server should bind."
weight = 3
tags = [ "plugin", "bind" ]
categories = [ "plugin" ]
date = "2017-09-14T08:38:42.992585"
date = "2017-09-15T21:22:42.283638"
+++
Normally, the listener binds to the wildcard host. However, you may force the listener to bind to
@ -22,6 +22,8 @@ bind ADDRESS
To make your socket accessible only to that machine, bind to IP 127.0.0.1 (localhost):
~~~ txt
bind 127.0.0.1
~~~
. {
bind 127.0.0.1
}
~~~

10
content/plugins/cache.md
View File

@ -4,7 +4,7 @@ description = "*cache* enables a frontend cache. It will cache all records excep
weight = 4
tags = [ "plugin", "cache" ]
categories = [ "plugin" ]
date = "2017-09-14T08:38:42.992875"
date = "2017-09-15T21:22:42.283788"
+++
## Syntax
@ -67,7 +67,9 @@ cache 10
Proxy to Google Public DNS and only cache responses for example.org (or below).
~~~
proxy . 8.8.8.8:53
cache example.org
~~~ corefile
. {
proxy . 8.8.8.8:53
cache example.org
}
~~~

4
content/plugins/chaos.md
View File

@ -1,10 +1,10 @@
+++
title = "chaos"
description = "The *chaos* plugin allows CoreDNS to respond to TXT queries in the CH class."
description = "*chaos* allows CoreDNS to respond to TXT queries in the CH class."
weight = 5
tags = [ "plugin", "chaos" ]
categories = [ "plugin" ]
date = "2017-09-14T08:38:42.993092"
date = "2017-09-15T21:22:42.283912"
+++
This is useful for retrieving version or author information from the server.

8
content/plugins/debug.md
View File

@ -4,7 +4,7 @@ description = "*debug* disables the automatic recovery upon a CoreDNS crash so t
weight = 6
tags = [ "plugin", "debug" ]
categories = [ "plugin" ]
date = "2017-09-14T08:38:42.993274"
date = "2017-09-15T21:22:42.283997"
+++
Note that the *errors* plugin (if loaded) will also set a `recover` negating this setting.
@ -20,6 +20,8 @@ debug
Disable CoreDNS' ability to recover from crashes:
~~~ txt
debug
~~~ corefile
. {
debug
}
~~~

2
content/plugins/dnssec.md
View File

@ -4,7 +4,7 @@ description = "*dnssec* enables on-the-fly DNSSEC signing of served data."
weight = 7
tags = [ "plugin", "dnssec" ]
categories = [ "plugin" ]
date = "2017-09-14T08:38:42.993526"
date = "2017-09-15T21:22:42.284101"
+++
## Syntax

2
content/plugins/dnstap.md
View File

@ -4,7 +4,7 @@ description = "*dnstap* enables logging to dnstap, a flexible, structured binary
weight = 8
tags = [ "plugin", "dnstap" ]
categories = [ "plugin" ]
date = "2017-09-14T08:38:42.993762"
date = "2017-09-15T21:22:42.284192"
+++
There is a buffer, expect at least 13 requests before the server sends its dnstap messages to the socket.

19
content/plugins/erratic.md
View File

@ -1,18 +1,19 @@
+++
title = "erratic"
description = "*erratic* is a plugin useful for testing client behavior. It returns a static response to all queries, but the responses can be delayed, dropped or truncated."
description = "*erratic* is a plugin useful for testing client behavior."
weight = 9
tags = [ "plugin", "erratic" ]
categories = [ "plugin" ]
date = "2017-09-14T08:38:42.993997"
date = "2017-09-15T21:22:42.284290"
+++
It returns a static response to all queries, but the responses can be delayed, dropped or truncated.
The *erratic* plugin will respond to every A or AAAA query. For any other type it will return
a SERVFAIL response. The reply for A will return 192.0.2.53 (see RFC 5737), for AAAA it returns
2001:DB8::53 (see RFC 3849).
*erratic* can also be used in conjunction with the *autopath* plugin. This is mostly to aid in
testing.
testing.
## Syntax
@ -31,8 +32,8 @@ erratic {
## Examples
~~~ txt
.:53 {
~~~ corefile
. {
erratic {
drop 3
}
@ -41,7 +42,7 @@ erratic {
Or even shorter if the defaults suits you. Note this only drops queries, it does not delay them.
~~~ txt
~~~ corefile
. {
erratic
}
@ -49,7 +50,7 @@ Or even shorter if the defaults suits you. Note this only drops queries, it does
Delay 1 in 3 queries for 50ms
~~~ txt
~~~ corefile
. {
erratic {
delay 3 50ms
@ -59,7 +60,7 @@ Delay 1 in 3 queries for 50ms
Delay 1 in 3 and truncate 1 in 5.
~~~ txt
~~~ corefile
. {
erratic {
delay 3 5ms
@ -70,7 +71,7 @@ Delay 1 in 3 and truncate 1 in 5.
Drop every second query.
~~~ txt
~~~ corefile
. {
erratic {
drop 2

2
content/plugins/errors.md
View File

@ -4,7 +4,7 @@ description = "*errors* enables error logging."
weight = 10
tags = [ "plugin", "errors" ]
categories = [ "plugin" ]
date = "2017-09-14T08:38:42.994187"
date = "2017-09-15T21:22:42.284367"
+++
Any errors encountered during the query processing will be printed to standard output.

22
content/plugins/etcd.md
View File

@ -1,12 +1,16 @@
+++
title = "etcd"
description = "*etcd* enables reading zone data from an etcd instance. The data in etcd has to be encoded as a [message](https://github.com/skynetservices/skydns/blob/2fcff74cdc9f9a7dd64189a447ef27ac354b725f/msg/service.go#L26) like [SkyDNS](https://github.com/skynetservices/skydns). It should also work just like SkyDNS."
description = "*etcd* enables reading zone data from an etcd (v2) instance."
weight = 11
tags = [ "plugin", "etcd" ]
categories = [ "plugin" ]
date = "2017-09-14T08:38:42.994466"
date = "2017-09-15T21:22:42.284479"
+++
The data in etcd has to be encoded as
a [message](https://github.com/skynetservices/skydns/blob/2fcff74cdc9f9a7dd64189a447ef27ac354b725f/msg/service.go#L26)
like [SkyDNS](https://github.com/skynetservices/skydns). It should also work just like SkyDNS.
The etcd plugin makes extensive use of the proxy plugin to forward and query other servers
in the network.
@ -53,8 +57,8 @@ etcd [ZONES...] {
This is the default SkyDNS setup, with everying specified in full:
~~~
.:53 {
~~~ corefile
. {
etcd skydns.local {
stubzones
path /skydns
@ -71,8 +75,8 @@ This is the default SkyDNS setup, with everying specified in full:
Or a setup where we use `/etc/resolv.conf` as the basis for the proxy and the upstream
when resolving external pointing CNAMEs.
~~~
.:53 {
~~~ corefile
. {
etcd skydns.local {
path /skydns
upstream /etc/resolv.conf
@ -91,9 +95,9 @@ need to add the zone `0.0.10.in-addr.arpa` to the list of zones. (The fun starts
in the ip6.arpa domain.) Showing a snippet of a Corefile:
~~~
etcd skydns.local 0.0.10.in-addr.arpa {
stubzones
...
etcd skydns.local 0.0.10.in-addr.arpa {
stubzones
...
~~~
Next you'll need to populate the zone with reverse records, here we add a reverse for

10
content/plugins/federation.md
View File

@ -1,10 +1,10 @@
+++
title = "federation"
description = "The *federation* plugin enables [federated](https://kubernetes.io/docs/tasks/federation/federation-service-discovery/) queries to be resolved via the kubernetes plugin."
description = "*federation* enables [federated](https://kubernetes.io/docs/tasks/federation/federation-service-discovery/) queries to be resolved via the kubernetes plugin."
weight = 12
tags = [ "plugin", "federation" ]
categories = [ "plugin" ]
date = "2017-09-14T08:38:42.994890"
date = "2017-09-15T21:22:42.284578"
+++
Enabling *federation* without also having *kubernetes* is a noop.
@ -23,9 +23,9 @@ federation [ZONES...] {
Here we handle all service requests in the `prod` and `stage` federations.
~~~ txt
~~~
. {
kubernetes cluster.local
kubernetes cluster.local
federation cluster.local {
prod prod.feddomain.com
staging staging.feddomain.com
@ -35,7 +35,7 @@ Here we handle all service requests in the `prod` and `stage` federations.
Or slightly shorter:
~~~ txt
~~~
cluster.local {
kubernetes
federation {

2
content/plugins/file.md
View File

@ -4,7 +4,7 @@ description = "*file* enables serving zone data from an RFC 1035-style master fi
weight = 13
tags = [ "plugin", "file" ]
categories = [ "plugin" ]
date = "2017-09-14T08:38:42.995131"
date = "2017-09-15T21:22:42.284682"
+++
The file plugin is used for an "old-style" DNS server. It serves from a preloaded file that exists

4
content/plugins/health.md
View File

@ -1,10 +1,10 @@
+++
title = "health"
description = "This module enables a simple health check endpoint. By default it will listen on port 8080."
description = "*health* enabless a simple health check endpoint. By default it will listen on port 8080."
weight = 14
tags = [ "plugin", "health" ]
categories = [ "plugin" ]
date = "2017-09-14T08:38:42.995407"
date = "2017-09-15T21:22:42.284770"
+++
## Syntax

2
content/plugins/hosts.md
View File

@ -4,7 +4,7 @@ description = "*hosts* enables serving zone data from a `/etc/hosts` style file.
weight = 15
tags = [ "plugin", "hosts" ]
categories = [ "plugin" ]
date = "2017-09-14T08:38:42.995635"
date = "2017-09-15T21:22:42.284862"
+++
The hosts plugin is useful for serving zones from a /etc/hosts file. It serves from a preloaded

7
content/plugins/kubernetes.md
View File

@ -1,12 +1,15 @@
+++
title = "kubernetes"
description = "The *kubernetes* plugin enables the reading zone data from a Kubernetes cluster. It implements the [Kubernetes DNS-Based Service Discovery Specification](https://github.com/kubernetes/dns/blob/master/docs/specification.md)."
description = "The *kubernetes* plugin enables the reading zone data from a Kubernetes cluster."
weight = 16
tags = [ "plugin", "kubernetes" ]
categories = [ "plugin" ]
date = "2017-09-14T08:38:42.996160"
date = "2017-09-15T21:22:42.285006"
+++
It implements the [Kubernetes DNS-Based Service Discovery
Specification](https://github.com/kubernetes/dns/blob/master/docs/specification.md).
CoreDNS running the kubernetes plugin can be used as a replacement of kube-dns in a kubernetes
cluster. See the [deployment](https://github.com/coredns/deployment) repository for details on [how
to deploy CoreDNS in Kubernetes](https://github.com/coredns/deployment/tree/master/kubernetes).

2
content/plugins/loadbalance.md
View File

@ -4,7 +4,7 @@ description = "*loadbalance* acts as a round-robin DNS loadbalancer by randomizi
weight = 17
tags = [ "plugin", "loadbalance" ]
categories = [ "plugin" ]
date = "2017-09-14T08:38:42.996400"
date = "2017-09-15T21:22:42.285106"
+++
See [Wikipedia](https://en.wikipedia.org/wiki/Round-robin_DNS) about the pros and cons on this

2
content/plugins/log.md
View File

@ -4,7 +4,7 @@ description = "*log* enables query logging to standard output."
weight = 18
tags = [ "plugin", "log" ]
categories = [ "plugin" ]
date = "2017-09-14T08:38:42.996794"
date = "2017-09-15T21:22:42.285223"
+++
## Syntax

10
content/plugins/metrics.md
View File

@ -1,10 +1,10 @@
+++
title = "prometheus"
description = "This module enables prometheus metrics for CoreDNS."
description = "*prometheus* enables [Prometheus](https://prometheus.io/) metrics for CoreDNS."
weight = 19
tags = [ "plugin", "metrics" ]
categories = [ "plugin" ]
date = "2017-09-14T08:38:42.997160"
date = "2017-09-15T21:22:42.285331"
+++
The default location for the metrics is `localhost:9153`. The metrics path is fixed to `/metrics`.
@ -48,8 +48,10 @@ is `localhost:9153`. The metrics path is fixed to `/metrics`.
Use an alternative address:
~~~
prometheus localhost:9253
~~~ corefile
. {
prometheus localhost:9253
}
~~~
# Bugs

8
content/plugins/pprof.md
View File

@ -1,10 +1,10 @@
+++
title = "pprof"
description = "*pprof* publishes runtime profiling data at endpoints under /debug/pprof."
description = "*pprof* publishes runtime profiling data at endpoints under `/debug/pprof`."
weight = 20
tags = [ "plugin", "pprof" ]
categories = [ "plugin" ]
date = "2017-09-14T08:38:42.997509"
date = "2017-09-15T21:22:42.285465"
+++
You can visit `/debug/pprof` on your site for an index of the available endpoints. By default it
@ -36,7 +36,9 @@ pprof
Listen on an alternate address:
~~~
pprof 10.9.8.7:6060
. {
pprof 10.9.8.7:6060
}
~~~
Listen on an all addresses on port 6060:

54
content/plugins/proxy.md
View File

@ -4,7 +4,7 @@ description = "*proxy* facilitates both a basic reverse proxy and a robust load
weight = 21
tags = [ "plugin", "proxy" ]
categories = [ "plugin" ]
date = "2017-09-14T08:38:42.997951"
date = "2017-09-15T21:22:42.285619"
+++
The proxy has support for multiple backends. The load balancing features include multiple policies,
@ -118,55 +118,67 @@ proxy example.org 127.0.0.1:9005
Load-balance all requests between three backends (using random policy):
~~~
proxy . 10.0.0.10:53 10.0.0.11:1053 10.0.0.12
~~~ corefile
. {
proxy . 10.0.0.10:53 10.0.0.11:1053 10.0.0.12
}
~~~
Same as above, but round-robin style:
~~~
proxy . 10.0.0.10:53 10.0.0.11:1053 10.0.0.12 {
policy round_robin
~~~ corefile
. {
proxy . 10.0.0.10:53 10.0.0.11:1053 10.0.0.12 {
policy round_robin
}
}
~~~
With health checks and proxy headers to pass hostname, IP, and scheme upstream:
~~~
proxy . 10.0.0.11:53 10.0.0.11:53 10.0.0.12:53 {
policy round_robin
health_check /health:8080
~~~ corefile
. {
proxy . 10.0.0.11:53 10.0.0.11:53 10.0.0.12:53 {
policy round_robin
health_check /health:8080
}
}
~~~
Proxy everything except requests to miek.nl or example.org
~~~
proxy . 10.0.0.10:1234 {
except miek.nl example.org
. {
proxy . 10.0.0.10:1234 {
except miek.nl example.org
}
}
~~~
Proxy everything except example.org using the host resolv.conf nameservers:
Proxy everything except `example.org` using the host's `resolv.conf`'s nameservers:
~~~
proxy . /etc/resolv.conf {
except miek.nl example.org
~~~ corefile
. {
proxy . /etc/resolv.conf {
except miek.nl example.org
}
}
~~~
Proxy all requests within example.org to Google's dns.google.com.
Proxy all requests within `example.org` to Google's `dns.google.com`.
~~~
proxy example.org 1.2.3.4:53 {
protocol https_google
~~~ corefile
. {
proxy example.org 1.2.3.4:53 {
protocol https_google
}
}
~~~
Proxy everything with HTTPS to `dns.google.com`, except `example.org`. Then have another proxy in
another stanza that uses plain DNS to resolve names under `example.org`.
~~~
~~~ corefile
. {
proxy . 1.2.3.4:53 {
except example.org

8
content/plugins/reverse.md
View File

@ -1,10 +1,10 @@
+++
title = "reverse"
description = "The *reverse* plugin allows CoreDNS to respond dynamically to a PTR request and the related A/AAAA request."
description = "*reverse* allows CoreDNS to respond dynamically to a PTR request and the related A/AAAA request."
weight = 22
tags = [ "plugin", "reverse" ]
categories = [ "plugin" ]
date = "2017-09-14T08:38:42.998233"
date = "2017-09-15T21:22:42.285736"
+++
## Syntax
@ -43,7 +43,7 @@ The zone will be matched by the zones listed in *this* configuration stanza.
## Examples
~~~ txt
~~~ corefile
arpa compute.internal {
# proxy unmatched requests
proxy . 8.8.8.8
@ -68,7 +68,7 @@ arpa compute.internal {
~~~
~~~ txt
~~~ corefile
32.10.in-addr.arpa.arpa arpa.company.org {
reverse 10.32.0.0/16 {

2
content/plugins/rewrite.md
View File

@ -4,7 +4,7 @@ description = "*rewrite* performs internal message rewriting."
weight = 23
tags = [ "plugin", "rewrite" ]
categories = [ "plugin" ]
date = "2017-09-14T08:38:42.998563"
date = "2017-09-15T21:22:42.285859"
+++
Rewrites are invisible to the client. There are simple rewrites (fast) and complex rewrites

8
content/plugins/root.md
View File

@ -4,7 +4,7 @@ description = "*root* simply specifies the root of where CoreDNS finds (e.g.) zo
weight = 24
tags = [ "plugin", "root" ]
categories = [ "plugin" ]
date = "2017-09-14T08:38:42.998765"
date = "2017-09-15T21:22:42.285957"
+++
The default root is the current working directory of CoreDNS. A relative root path is relative to
@ -22,6 +22,8 @@ root PATH
Serve zone data (when the *file* plugin is used) from `/etc/coredns/zones`:
~~~ txt
root /etc/coredns/zones
~~~ corefile
. {
root /etc/coredns/zones
}
~~~

2
content/plugins/secondary.md
View File

@ -4,7 +4,7 @@ description = "*secondary* enables serving a zone retrieved from a primary serve
weight = 25
tags = [ "plugin", "secondary" ]
categories = [ "plugin" ]
date = "2017-09-14T08:38:42.998978"
date = "2017-09-15T21:22:42.286056"
+++
## Syntax

2
content/plugins/tls.md
View File

@ -4,7 +4,7 @@ description = "*tls* allows you to configure the server certificates for the TLS
weight = 26
tags = [ "plugin", "tls" ]
categories = [ "plugin" ]
date = "2017-09-14T08:38:42.999363"
date = "2017-09-15T21:22:42.286172"
+++
CoreDNS supports queries that are encrypted using TLS (DNS over Transport Layer Security, RFC 7858)

10
content/plugins/trace.md
View File

@ -1,10 +1,10 @@
+++
title = "trace"
description = "This module enables OpenTracing-based tracing of DNS requests as they go through the plugin chain."
description = "*trace* enables OpenTracing-based tracing of DNS requests as they go through the plugin chain."
weight = 27
tags = [ "plugin", "trace" ]
categories = [ "plugin" ]
date = "2017-09-14T08:38:42.999643"
date = "2017-09-15T21:22:42.286286"
+++
## Syntax
@ -55,8 +55,10 @@ trace tracinghost:9253
or
~~~
trace zipkin tracinghost:9253
~~~ corefile
. {
trace zipkin tracinghost:9253
}
~~~
If for some reason you are using an API reverse proxy or something and need to remap

2
content/plugins/whoami.md
View File

@ -4,7 +4,7 @@ description = "*whoami* returns your resolver's local IP address, port and trans
weight = 28
tags = [ "plugin", "whoami" ]
categories = [ "plugin" ]
date = "2017-09-14T08:38:42.999941"
date = "2017-09-15T21:22:42.286379"
+++
The reply always has an empty answer section. The port and transport are included in the additional