github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-25 04:33:26 +00:00
Code Issues Projects Releases Wiki Activity

Remove all the existing records before creating new ones to avoid DNS misconfiguration.

Browse Source 
When we fetch the dns records by name, we get a list of records that match
the given name. As an optimization we look up to see if the new record we
want to create is already in the returned list to avoid performing any updates.

However, when the new record we want to create isn't in the returned list, it
is hard to say if the returned list contains the list of records that we want
to retain. For example, we might get a list of A records and we want to create
a CNAME record. Creating a new CNAME record without removing the A records is
a DNS misconfiguration. So to play safe we just remove all the existing records
in the list and create the new desired record.

**Note**: This is the opposite of what I said here - https://reviewable.kubernetes.io/reviews/kubernetes/kubernetes/44626#-Ki9xQOzybryHvsxNrra.
This commit is contained in:
Madhusudan.C.S 2017-05-10 13:12:05 -07:00
parent 20e558060c
commit 4bde13ac62
1 changed files with 10 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
federation/pkg/federation-controller/service/dns.go
View File

@ -254,9 +254,11 @@ func (s *ServiceController) ensureDnsRrsets(dnsZone dnsprovider.Zone, dnsName st
// Need to replace the existing one with a better one (or just remove it if we have no healthy endpoints).
glog.V(4).Infof("Existing recordset %v not equivalent to needed recordset %v removing existing and adding needed.", rrsetList, newRrset)
changeSet := rrsets.StartChangeset()
changeSet.Remove(found)
for i := range rrsetList {
changeSet = changeSet.Remove(rrsetList[i])
}
if uplevelCname != "" {
changeSet.Add(newRrset)
changeSet = changeSet.Add(newRrset)
if err := changeSet.Apply(); err != nil {
return err
}
@ -288,7 +290,12 @@ func (s *ServiceController) ensureDnsRrsets(dnsZone dnsprovider.Zone, dnsName st
} else {
// Need to replace the existing one with a better one
glog.V(4).Infof("Existing recordset %v is not equivalent to needed recordset %v, removing existing and adding needed.", found, newRrset)
if err = rrsets.StartChangeset().Remove(found).Add(newRrset).Apply(); err != nil {
changeSet := rrsets.StartChangeset()
for i := range rrsetList {
changeSet = changeSet.Remove(rrsetList[i])
}
changeSet = changeSet.Add(newRrset)
if err = changeSet.Apply(); err != nil {
return err
}
glog.V(4).Infof("Successfully replaced recordset %v -> %v", found, newRrset)