Added configmap option to disable IPv6 in nginx DNS resolver (#1992)
This commit is contained in:
Luke Jolly
Manuel Alejandro de Brito Fontes
parent
ad2238ca94
commit
42076e8ed0
7 changed files with 46 additions and 17 deletions
|
|
@ -144,6 +144,7 @@ func ReadConfig(src map[string]string) config.Configuration {
|
|||
to.HideHeaders = hideHeaderslist
|
||||
to.HTTPRedirectCode = redirectCode
|
||||
to.ProxyStreamResponses = streamResponses
|
||||
to.DisableIpv6DNS = !ing_net.IsIPv6Enabled()
|
||||
|
||||
config := &mapstructure.DecoderConfig{
|
||||
Metadata: nil,
|
||||
|
|
|
|||
|
|
@ -163,11 +163,16 @@ func formatIP(input string) string {
|
|||
}
|
||||
|
||||
// buildResolvers returns the resolvers reading the /etc/resolv.conf file
|
||||
func buildResolvers(input interface{}) string {
|
||||
func buildResolvers(res interface{}, disableIpv6 interface{}) string {
|
||||
// NGINX need IPV6 addresses to be surrounded by brackets
|
||||
nss, ok := input.([]net.IP)
|
||||
nss, ok := res.([]net.IP)
|
||||
if !ok {
|
||||
glog.Errorf("expected a '[]net.IP' type but %T was returned", input)
|
||||
glog.Errorf("expected a '[]net.IP' type but %T was returned", res)
|
||||
return ""
|
||||
}
|
||||
no6, ok := disableIpv6.(bool)
|
||||
if !ok {
|
||||
glog.Errorf("expected a 'bool' type but %T was returned", disableIpv6)
|
||||
return ""
|
||||
}
|
||||
|
||||
|
|
@ -178,14 +183,21 @@ func buildResolvers(input interface{}) string {
|
|||
r := []string{"resolver"}
|
||||
for _, ns := range nss {
|
||||
if ing_net.IsIPV6(ns) {
|
||||
if no6 {
|
||||
continue
|
||||
}
|
||||
r = append(r, fmt.Sprintf("[%v]", ns))
|
||||
} else {
|
||||
r = append(r, fmt.Sprintf("%v", ns))
|
||||
}
|
||||
}
|
||||
r = append(r, "valid=30s;")
|
||||
r = append(r, "valid=30s")
|
||||
|
||||
return strings.Join(r, " ")
|
||||
if no6 {
|
||||
r = append(r, "ipv6=off")
|
||||
}
|
||||
|
||||
return strings.Join(r, " ") + ";"
|
||||
}
|
||||
|
||||
// buildLocation produces the location string, if the ingress has redirects
|
||||
|
|
|
|||
|
|
@ -28,6 +28,7 @@ import (
|
|||
|
||||
"encoding/base64"
|
||||
"fmt"
|
||||
|
||||
"k8s.io/ingress-nginx/internal/file"
|
||||
"k8s.io/ingress-nginx/internal/ingress"
|
||||
"k8s.io/ingress-nginx/internal/ingress/annotations/authreq"
|
||||
|
|
@ -352,7 +353,14 @@ func TestBuildResolvers(t *testing.T) {
|
|||
ipList := []net.IP{ipOne, ipTwo}
|
||||
|
||||
validResolver := "resolver 192.0.0.1 [2001:db8:1234::] valid=30s;"
|
||||
resolver := buildResolvers(ipList)
|
||||
resolver := buildResolvers(ipList, false)
|
||||
|
||||
if resolver != validResolver {
|
||||
t.Errorf("Expected '%v' but returned '%v'", validResolver, resolver)
|
||||
}
|
||||
|
||||
validResolver = "resolver 192.0.0.1 valid=30s ipv6=off;"
|
||||
resolver = buildResolvers(ipList, true)
|
||||
|
||||
if resolver != validResolver {
|
||||
t.Errorf("Expected '%v' but returned '%v'", validResolver, resolver)
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue