linkerd
/
linkerd2
mirror of https://github.com/linkerd/linkerd2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Make absolute names truly absolute. (#525) 

Kubernetes will do multiple DNS lookups for a name like
`proxy-api.conduit.svc.cluster.local` based on the default search settings
in /etc/resolv.conf for each container:

1. proxy-api.conduit.svc.cluster.local.conduit.svc.cluster.local. IN A
2. proxy-api.conduit.svc.cluster.local.svc.cluster.local. IN A
3. proxy-api.conduit.svc.cluster.local.cluster.local. IN A
4. proxy-api.conduit.svc.cluster.local. IN A

We do not need or want this search to be done, so avoid it by making each
name absolute by appending a period so that the first three DNS queries
are skipped for each name.

The case for `localhost` is even worse because we expect that `localhost` will
always resolve to 127.0.0.1 and/or ::1, but this is not guaranteed if the default
search is done:

1. localhost.conduit.svc.cluster.local. IN A
2. localhost.svc.cluster.local. IN A
3. localhost.cluster.local. IN A
4. localhost. IN A

Avoid these unnecessary DNS queries by making each name absolute, so that the
first three DNS queries are skipped for each name.

Signed-off-by: Brian Smith <brian@briansmith.org>
This commit is contained in:
Brian Smith 2018-03-07 09:46:03 -10:00 committed by GitHub
parent 47fc2eae20
commit 517616a166
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
8 changed files with 28 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
cli/cmd/inject.go
View File

@ -21,7 +21,7 @@ import (
)
const (
LocalhostDNSNameOverride = "localhost"
LocalhostDNSNameOverride = "localhost."
ControlPlanePodName = "controller"
)
@ -136,7 +136,7 @@ func injectPodTemplateSpec(t *v1.PodTemplateSpec, controlPlaneDNSNameOverride, v
Privileged: &f,
},
}
controlPlaneDNS := fmt.Sprintf("proxy-api.%s.svc.cluster.local", controlPlaneNamespace)
controlPlaneDNS := fmt.Sprintf("proxy-api.%s.svc.cluster.local.", controlPlaneNamespace)
if controlPlaneDNSNameOverride != "" {
controlPlaneDNS = controlPlaneDNSNameOverride
}

2
cli/cmd/testdata/inject_emojivoto_deployment.golden.yml vendored
View File

@ -40,7 +40,7 @@ spec:
- name: CONDUIT_PROXY_LOG
value: warn,conduit_proxy=info
- name: CONDUIT_PROXY_CONTROL_URL
value: tcp://proxy-api.conduit.svc.cluster.local:8086
value: tcp://proxy-api.conduit.svc.cluster.local.:8086
- name: CONDUIT_PROXY_CONTROL_LISTENER
value: tcp://0.0.0.0:4190
- name: CONDUIT_PROXY_PRIVATE_LISTENER

4
cli/cmd/testdata/inject_emojivoto_deployment_controller_name.golden.yml vendored
View File

@ -40,7 +40,7 @@ spec:
- name: CONDUIT_PROXY_LOG
value: warn,conduit_proxy=info
- name: CONDUIT_PROXY_CONTROL_URL
value: tcp://proxy-api.conduit.svc.cluster.local:8086
value: tcp://proxy-api.conduit.svc.cluster.local.:8086
- name: CONDUIT_PROXY_CONTROL_LISTENER
value: tcp://0.0.0.0:4190
- name: CONDUIT_PROXY_PRIVATE_LISTENER
@ -133,7 +133,7 @@ spec:
- name: CONDUIT_PROXY_LOG
value: warn,conduit_proxy=info
- name: CONDUIT_PROXY_CONTROL_URL
value: tcp://proxy-api.conduit.svc.cluster.local:8086
value: tcp://proxy-api.conduit.svc.cluster.local.:8086
- name: CONDUIT_PROXY_CONTROL_LISTENER
value: tcp://0.0.0.0:4190
- name: CONDUIT_PROXY_PRIVATE_LISTENER

2
cli/cmd/testdata/inject_emojivoto_deployment_hostNetwork_false.golden.yml vendored
View File

@ -41,7 +41,7 @@ spec:
- name: CONDUIT_PROXY_LOG
value: warn,conduit_proxy=info
- name: CONDUIT_PROXY_CONTROL_URL
value: tcp://proxy-api.conduit.svc.cluster.local:8086
value: tcp://proxy-api.conduit.svc.cluster.local.:8086
- name: CONDUIT_PROXY_CONTROL_LISTENER
value: tcp://0.0.0.0:4190
- name: CONDUIT_PROXY_PRIVATE_LISTENER

4
cli/cmd/testdata/inject_gettest_deployment.good.golden.yml vendored
View File

@ -42,7 +42,7 @@ spec:
- name: CONDUIT_PROXY_LOG
value: warn,conduit_proxy=info
- name: CONDUIT_PROXY_CONTROL_URL
value: tcp://proxy-api.conduit.svc.cluster.local:8086
value: tcp://proxy-api.conduit.svc.cluster.local.:8086
- name: CONDUIT_PROXY_CONTROL_LISTENER
value: tcp://0.0.0.0:4190
- name: CONDUIT_PROXY_PRIVATE_LISTENER
@ -137,7 +137,7 @@ spec:
- name: CONDUIT_PROXY_LOG
value: warn,conduit_proxy=info
- name: CONDUIT_PROXY_CONTROL_URL
value: tcp://proxy-api.conduit.svc.cluster.local:8086
value: tcp://proxy-api.conduit.svc.cluster.local.:8086
- name: CONDUIT_PROXY_CONTROL_LISTENER
value: tcp://0.0.0.0:4190
- name: CONDUIT_PROXY_PRIVATE_LISTENER

16
cli/cmd/testdata/install_default.golden vendored
View File

@ -209,7 +209,7 @@ spec:
- -addr=:8087
- -metrics-addr=:9997
- -ignore-namespaces=kube-system
- -prometheus-url=http://prometheus.conduit.svc.cluster.local:9090
- -prometheus-url=http://prometheus.conduit.svc.cluster.local.:9090
- -log-level=info
- -logtostderr=true
image: gcr.io/runconduit/controller:undefined
@ -225,7 +225,7 @@ spec:
- name: CONDUIT_PROXY_LOG
value: warn,conduit_proxy=info
- name: CONDUIT_PROXY_CONTROL_URL
value: tcp://localhost:8086
value: tcp://localhost.:8086
- name: CONDUIT_PROXY_CONTROL_LISTENER
value: tcp://0.0.0.0:4190
- name: CONDUIT_PROXY_PRIVATE_LISTENER
@ -326,7 +326,7 @@ spec:
- args:
- -addr=:8084
- -metrics-addr=:9994
- -api-addr=api:8085
- -api-addr=api.conduit.svc.cluster.local.:8085
- -static-dir=/dist
- -template-dir=/templates
- -uuid=deaab91a-f4ab-448a-b7d1-c832a2fa0a60
@ -345,7 +345,7 @@ spec:
- name: CONDUIT_PROXY_LOG
value: warn,conduit_proxy=info
- name: CONDUIT_PROXY_CONTROL_URL
value: tcp://proxy-api.conduit.svc.cluster.local:8086
value: tcp://proxy-api.conduit.svc.cluster.local.:8086
- name: CONDUIT_PROXY_CONTROL_LISTENER
value: tcp://0.0.0.0:4190
- name: CONDUIT_PROXY_PRIVATE_LISTENER
@ -457,7 +457,7 @@ spec:
- name: CONDUIT_PROXY_LOG
value: warn,conduit_proxy=info
- name: CONDUIT_PROXY_CONTROL_URL
value: tcp://proxy-api.conduit.svc.cluster.local:8086
value: tcp://proxy-api.conduit.svc.cluster.local.:8086
- name: CONDUIT_PROXY_CONTROL_LISTENER
value: tcp://0.0.0.0:4190
- name: CONDUIT_PROXY_PRIVATE_LISTENER
@ -531,7 +531,7 @@ data:
scrape_configs:
- job_name: 'prometheus'
static_configs:
- targets: ['localhost:9090']
- targets: ['localhost.:9090']
- job_name: 'controller'
kubernetes_sd_configs:
@ -611,7 +611,7 @@ spec:
- name: CONDUIT_PROXY_LOG
value: warn,conduit_proxy=info
- name: CONDUIT_PROXY_CONTROL_URL
value: tcp://proxy-api.conduit.svc.cluster.local:8086
value: tcp://proxy-api.conduit.svc.cluster.local.:8086
- name: CONDUIT_PROXY_CONTROL_LISTENER
value: tcp://0.0.0.0:4190
- name: CONDUIT_PROXY_PRIVATE_LISTENER
@ -715,7 +715,7 @@ data:
type: prometheus
access: proxy
orgId: 1
url: http://prometheus.conduit.svc.cluster.local:9090
url: http://prometheus.conduit.svc.cluster.local.:9090
isDefault: true
jsonData:
timeInterval: "5s"

16
cli/cmd/testdata/install_output.golden vendored
View File

@ -210,7 +210,7 @@ spec:
- -addr=:8087
- -metrics-addr=:9997
- -ignore-namespaces=kube-system
- -prometheus-url=http://prometheus.Namespace.svc.cluster.local:9090
- -prometheus-url=http://prometheus.Namespace.svc.cluster.local.:9090
- -log-level=ControllerLogLevel
- -logtostderr=true
image: ControllerImage
@ -226,7 +226,7 @@ spec:
- name: CONDUIT_PROXY_LOG
value: warn,conduit_proxy=info
- name: CONDUIT_PROXY_CONTROL_URL
value: tcp://localhost:8086
value: tcp://localhost.:8086
- name: CONDUIT_PROXY_CONTROL_LISTENER
value: tcp://0.0.0.0:4190
- name: CONDUIT_PROXY_PRIVATE_LISTENER
@ -328,7 +328,7 @@ spec:
- args:
- -addr=:8084
- -metrics-addr=:9994
- -api-addr=api:8085
- -api-addr=api.Namespace.svc.cluster.local.:8085
- -static-dir=/dist
- -template-dir=/templates
- -uuid=UUID
@ -347,7 +347,7 @@ spec:
- name: CONDUIT_PROXY_LOG
value: warn,conduit_proxy=info
- name: CONDUIT_PROXY_CONTROL_URL
value: tcp://proxy-api.Namespace.svc.cluster.local:8086
value: tcp://proxy-api.Namespace.svc.cluster.local.:8086
- name: CONDUIT_PROXY_CONTROL_LISTENER
value: tcp://0.0.0.0:4190
- name: CONDUIT_PROXY_PRIVATE_LISTENER
@ -460,7 +460,7 @@ spec:
- name: CONDUIT_PROXY_LOG
value: warn,conduit_proxy=info
- name: CONDUIT_PROXY_CONTROL_URL
value: tcp://proxy-api.Namespace.svc.cluster.local:8086
value: tcp://proxy-api.Namespace.svc.cluster.local.:8086
- name: CONDUIT_PROXY_CONTROL_LISTENER
value: tcp://0.0.0.0:4190
- name: CONDUIT_PROXY_PRIVATE_LISTENER
@ -534,7 +534,7 @@ data:
scrape_configs:
- job_name: 'prometheus'
static_configs:
- targets: ['localhost:9090']
- targets: ['localhost.:9090']
- job_name: 'controller'
kubernetes_sd_configs:
@ -615,7 +615,7 @@ spec:
- name: CONDUIT_PROXY_LOG
value: warn,conduit_proxy=info
- name: CONDUIT_PROXY_CONTROL_URL
value: tcp://proxy-api.Namespace.svc.cluster.local:8086
value: tcp://proxy-api.Namespace.svc.cluster.local.:8086
- name: CONDUIT_PROXY_CONTROL_LISTENER
value: tcp://0.0.0.0:4190
- name: CONDUIT_PROXY_PRIVATE_LISTENER
@ -719,7 +719,7 @@ data:
type: prometheus
access: proxy
orgId: 1
url: http://prometheus.Namespace.svc.cluster.local:9090
url: http://prometheus.Namespace.svc.cluster.local.:9090
isDefault: true
jsonData:
timeInterval: "5s"

8
cli/install/template.go
View File

@ -212,7 +212,7 @@ spec:
- "-addr=:8087"
- "-metrics-addr=:9997"
- "-ignore-namespaces=kube-system"
- "-prometheus-url=http://prometheus.{{.Namespace}}.svc.cluster.local:9090"
- "-prometheus-url=http://prometheus.{{.Namespace}}.svc.cluster.local.:9090"
- "-log-level={{.ControllerLogLevel}}"
- "-logtostderr=true"
@ -270,7 +270,7 @@ spec:
args:
- "-addr=:8084"
- "-metrics-addr=:9994"
- "-api-addr=api:8085"
- "-api-addr=api.{{.Namespace}}.svc.cluster.local.:8085"
- "-static-dir=/dist"
- "-template-dir=/templates"
- "-uuid={{.UUID}}"
@ -355,7 +355,7 @@ data:
scrape_configs:
- job_name: 'prometheus'
static_configs:
- targets: ['localhost:9090']
- targets: ['localhost.:9090']
- job_name: 'controller'
kubernetes_sd_configs:
@ -481,7 +481,7 @@ data:
type: prometheus
access: proxy
orgId: 1
url: http://prometheus.{{.Namespace}}.svc.cluster.local:9090
url: http://prometheus.{{.Namespace}}.svc.cluster.local.:9090
isDefault: true
jsonData:
timeInterval: "5s"