Expose CoreDNS over tcp + make Dig in terratests go via tcp #845
Conversation
jkremser
requested review from
donovanmuller,
k0da,
kuritka,
somaritane and
ytsarev
as code owners
jkremser
force-pushed
the
lima-udp-workaround
branch
2 times, most recently
from
090d939 to
67f99de
Compare
|
@ytsarev it is more about to use tcp as it also works on |
| ports: | ||
| - name: tcp-5353 | ||
| port: 53 | ||
| protocol: TCP |
There was a problem hiding this comment.
Was it tested outside of the local scenario? Main concern is overall TCP support/expectation in the DNS environment
There was a problem hiding this comment.
nope, only in with terratests. There is a conditional at the very top of this file that doesn't deploy this svc for aws environment. btw. this doesn't make the switch from udp to tcp, this adds tcp protocol as the other option and instruct the tests that run in the local environment to go via tcp
There was a problem hiding this comment.
cool if udp is not getting disable then we are safe I guess
There was a problem hiding this comment.
@jkremser could you please move this service definition out of helm and deploy it during test setup creation (around we deploy edgeDNS)
| ports: | ||
| - name: tcp-5353 | ||
| port: 53 | ||
| protocol: TCP |
There was a problem hiding this comment.
@jkremser could you please move this service definition out of helm and deploy it during test setup creation (around we deploy edgeDNS)
jkremser
force-pushed
the
lima-udp-workaround
branch
from
a2ab77b to
5acb831
Compare
|
This way it will be deployed into default namespace
…On Thu, Mar 24, 2022, 18:39 Jirka Kremser ***@***.***> wrote:
@jkremser <https://github.com/jkremser> requested your review on: #845
<#845> Expose CoreDNS over tcp + make
Dig in terratests go via tcp.
—
Reply to this email directly, view it on GitHub
<#845 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAIM5FHBQGLM53X6CW7Z5Y3VBSSF7ANCNFSM5NPMMEDA>
.
You are receiving this because your review was requested.Message ID:
***@***.***>
|
Signed-off-by: Jirka Kremser <[email protected]>
Signed-off-by: Jirka Kremser <[email protected]>
Signed-off-by: Jirka Kremser <[email protected]>
jkremser
force-pushed
the
lima-udp-workaround
branch
from
5acb831 to
1fb222f
Compare
good point, added |
Signed-off-by: Jirka Kremser <[email protected]>
jkremser
force-pushed
the
lima-udp-workaround
branch
from
1fb222f to
d18abb6
Compare
why: When we get rid of Docker Desktop and use for instance Lima, it doesn't have support for UDP port forwarding from host to containers running in the VM - lima-vm/lima#366
So as a workaround, we can run the Dig in our tests using the tcp protocol, where the redirect works fine (it uses ssh tunnel).
tests will fail, it assumes a new release onAbsaOSS/gopkgwith this AbsaOSS/gopkg#11 merged inIt adds a new service for coredns that uses NodePort (30053) and then adds this redirect in k3d manifests so that
both work
todo: update docs for local playgroundthat
AbsaOSS/gopkglibrary contains a module called strings, that was renamed to string like a year ago, but only now it's failing because of the newly released version. Hence thestrings -> stringthing.btw:
Signed-off-by: Jirka Kremser [email protected]