github.com/ivanfoo/rancher-dns
module, package
Version: 0.5.4
Repository: https://github.com/ivanfoo/rancher-dns.git
Documentation: pkg.go.dev

# README

rancher-dns


A simple DNS server that returns different answers depending on the IP address of the client making the request.

Usage

  rancher-dns [--debug] [--listen host:port] [--ttl num] [--log path] [--pid-file path] --answers /path/to/answers.json

Compile

  godep go build

CLI Options

| Option | Default | Description |
|---|---|---|
| `--debug` | off | If present, more debug info is logged |
| `--listen` | 0.0.0.0:53 | IP address and port to listen on (TCP & UDP) |
| `--answers` | ./answers.json | Path to a JSON file with client-specific answers |
| `--ttl` | 600 | Default TTL for local responses that are returned |
| `--log` | none | Output log info to a file path instead of stdout |
| `--pid-file` | none | Write the server PID to a file path on startup |

JSON Answers File

{
  "10.1.2.2": {
    // DNS servers to recurse to when answers are not found locally
    "recurse": ["8.8.4.4:53", "8.8.8.8"],

    // A records
    "a": {
      // FQDN => { answer: array of IPs, ttl: TTL for this specific answer }
      // Note: Key must be fully qualified (ending in dot)
      "mysql.": {"answer": ["10.1.2.3"], "ttl": 42},
      "web.": {"answer": ["10.1.2.4","10.1.2.5","10.1.2.6"]}
    },

    // CNAME records
    "cname": {
      // FQDN => { answer: a single FQDN, ttl: TTL for this specific answer }
      // Note: Key & Answer must be fully qualified (ending in dot)
      "www.": {"answer": "web.", "ttl": 42}
    },

    // PTR records
    "ptr": {
      // IP Address => { answer: a single FQDN, ttl: TTL for this specific answer }
      // or
      // FQDN (with backwards octets) => { answer: a single FQDN, ttl: TTL for this specific answer }
      "10.42.1.2": {"answer": "mycontainer.rancher.internal."},
      "3.1.42.10.in-addr.arpa.": {"answer": "anothercontainer.rancher.internal."}
    },

    // TXT records
    "txt": {
      // FQDN => { answer: array of strings, ttl: TTL for this specific answer }
      // Each string must be < 255 chars.
      "example.com.": {"ttl": 43, "answer": [
        "v=spf1 ip4:192.168.0.0/16 ~all"
      ]}
    }
  },

  "192.168.0.2": {
    "recurse": ["8.8.4.4:53","8.8.8.8"],
    "a": {
      "mysql.": {"answer": ["192.168.0.3"]},
      "web.": {"answer": ["192.168.0.4","192.168.0.5","192.168.0.6"]}
    },
    "cname": {
      "www.": {"answer": "web."}
    }
  },

  // "default" is a special key that will be checked if no answer is found in a client IP-specific entry
  "default": {
    "recurse": ["8.8.8.8"],
    "a": {
      "foo.": {"answer": ["1.2.3.4"]}
    },
    "cname": {
      "website.": {"answer": "www."},
      "external.": {"answer": "rancher.com."}
    }
  }
}

Answering queries

A query is answered by returning the first match of:

  • An entry in the answers map for the client's IP.
  • An entry in the answers map in the "default" key.
  • If there is a "recurse" key for the client's IP, perform recursive lookup on each of those servers (in order).
  • If there is a "recurse" key for the "default", perform recursive lookup on each of those servers (in order).
  • Do not pass go, do not collect $200. Return SERVFAIL.

If the result is a CNAME record, then the process is repeated recursively until an A record is found. If the chain does not end in an A record, is more than 10 levels deep, or is circular, an error is returned.
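The lookup order and CNAME-chain rules above, as an added Go example that is not rancher-dns's own code. `Zone`, `Resolve`, `sample`, the two error values and the 10-hop reading of the depth limit are assumptions made for this example; upstream recursion is left out, so a local miss returns `ErrNoLocal` where the server would go on to its `recurse` servers.

```go
package main

import (
	"errors"
	"fmt"
)

// Zone is a hypothetical type for this example, not rancher-dns's own struct.
type Zone struct {
	A     map[string][]string // FQDN -> IPs
	CNAME map[string]string   // FQDN -> target FQDN
}

const maxHops = 10 // assumed reading of "more than 10 levels deep"
var ErrNoLocal = errors.New("no local answer: try recurse servers, else SERVFAIL")
var ErrChain = errors.New("CNAME chain is circular or too deep")

// Resolve answers an A query from local data only. At every hop the client's
// entry is checked before "default"; a visited set and hop limit bound the chain.
func Resolve(ans map[string]Zone, client, name string) ([]string, error) {
	seen := map[string]bool{}
hop:
	for hops := 0; hops <= maxHops && !seen[name]; hops++ {
		seen[name] = true
		for _, key := range []string{client, "default"} {
			if ips, ok := ans[key].A[name]; ok {
				return ips, nil
			}
			if target, ok := ans[key].CNAME[name]; ok {
				name = target
				continue hop
			}
		}
		return nil, ErrNoLocal
	}
	return nil, ErrChain
}

var sample = map[string]Zone{ // constructed data modelled on the README's answers file
	"10.1.2.2": {
		A:     map[string][]string{"web.": {"10.1.2.4", "10.1.2.5"}},
		CNAME: map[string]string{"www.": "web.", "a.": "b.", "b.": "a."},
	},
	"default": {CNAME: map[string]string{"website.": "www."}},
}

func main() {
	fmt.Println(Resolve(sample, "10.1.2.2", "website.")) // default CNAME, then the client's www. and web.
	fmt.Println(Resolve(sample, "10.1.2.2", "a."))       // circular chain
}
```

A client with no entry of its own sees only the `default` records, so the same name can resolve for one client and miss for another.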

Limitations

  • Only A, CNAME, PTR, and TXT records are currently supported in the local config. Other kinds of records may be returned from recursive responses.

Contact

For bugs, questions, comments, corrections, suggestions, etc., open an issue in rancher/rancher with a title starting with [rancher-dns].


License

Copyright (c) 2015 Rancher Labs, Inc.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

# Functions

Proxy a request to an external server.

# Constants

The top-level key in the JSON for the default (not client-specific) answers.
The 2nd-level key in the JSON for the recursive resolver addresses.
