Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support CNAMEs lookups when fetching the ingress's IP address #1782

Closed
abaguas opened this issue Nov 23, 2024 · 0 comments · Fixed by #1783
Closed

Support CNAMEs lookups when fetching the ingress's IP address #1782

abaguas opened this issue Nov 23, 2024 · 0 comments · Fixed by #1783

Comments

@abaguas
Copy link
Collaborator

abaguas commented Nov 23, 2024

A panic occurs when there is an Ingress resource with a load balancer's address configured as a hostname. And this hostname is a CNAME to another record.

How to reproduce

An Ingress resource with the load balancer's address configured as a hostname:

$ kubectl get ingress --namespace my-namespace my-application -o yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  labels:
    app.kubernetes.io/instance: my-application
  name: my-application
  namespace: my-namespace
spec:
   ...
status:
  loadBalancer:
    ingress:
    - hostname: ingress.my-cluster.ks.example.com

And where this hostname is a CNAME:

dig my-application.example.com

; <<>> DiG 9.18.28-0ubuntu0.20.04.1-Ubuntu <<>> my-application.example.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6877
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1220
; COOKIE: 03d578f46f75da8701000000673f91d300536bca8950a7b0 (good)
;; QUESTION SECTION:
;my-application.example.com. IN        A

;; ANSWER SECTION:
my-application.example.com. 60 IN CNAME ingress.my-cluster.ks.example.com.
ingress.my-cluster.ks.example.com. 60 IN CNAME ingress-nginx-controller.kube-system.svc.my-cluster.ks.
ingress-nginx-controller.kube-system.svc.my-cluster.ks. 19 IN A 10.248.224.50
ingress-nginx-controller.kube-system.svc.my-cluster.ks. 19 IN A 10.248.227.104
ingress-nginx-controller.kube-system.svc.my-cluster.ks. 19 IN A 10.248.227.49

Fix

Support CNAME records in addition to A records:

k8gb/controllers/utils/dns.go

Line 68 in 40f7264

ips = append(ips, a.(*dns.A).A.String())

Additional bug

It would be great if the panic log message showed the line where it panics instead of the line of code where the logger emitted the message.

2024-11-21T20:07:53Z ERR github.com/k8gb-io/k8gb/controllers/logging/logr.go:72 > events: Reconciler error {"Gslb":"my-namespace/my-application","controller":"gslb","controllerGroup":"k8gb.absa.oss","controllerKind":"Gslb","name":"my-application","namespace":"my-namespace","reconcileID":"cd328357-973e-43bd-8665-0c4e30e54e86"} error="panic: interface conversion: dns.RR is *dns.CNAME, not *dns.A [recovered]"

Reported in: https://cloud-native.slack.com/archives/C021P656HGB/p1732219873734419
bewing added a commit to bewing/k8gb that referenced this issue Nov 25, 2024
@bewing
Add CNAME support to util.Dig
16d91d5 
Support checking the answers from Dig for CNAMEs, and ensure that any
CNAMEs returned are answered, recursively calling to resolve them if
not.

Closes k8gb-io#1782

Signed-off-by: Brandon Ewing <[email protected]>
@bewing bewing mentioned this issue Nov 25, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add CNAME support to util.Dig bewing/k8gb
1 participant
@abaguas