feature: add dns controller to support access edge node by hostname
SataQiu committed Apr 26, 2021
1 parent b03a05d commit 1f82b2c
Showing 12 changed files with 950 additions and 52 deletions.
2 changes: 2 additions & 0 deletions cmd/yurt-tunnel-server/app/config/config.go
@@ -28,7 +28,9 @@ import (
type Config struct {
EgressSelectorEnabled bool
EnableIptables bool
EnableDNSController bool
IptablesSyncPeriod int
DNSSyncPeriod int
CertDNSNames []string
CertIPs []net.IP
ListenAddrForAgent string
8 changes: 8 additions & 0 deletions cmd/yurt-tunnel-server/app/options/options.go
@@ -43,8 +43,10 @@ type ServerOptions struct {
CertIPs string
Version bool
EnableIptables bool
EnableDNSController bool
EgressSelectorEnabled bool
IptablesSyncPeriod int
DNSSyncPeriod int
TunnelAgentConnectPort string
SecurePort string
InsecurePort string
@@ -59,7 +61,9 @@ func NewServerOptions() *ServerOptions {
BindAddr: "0.0.0.0",
InsecureBindAddr: "127.0.0.1",
EnableIptables: true,
EnableDNSController: true,
IptablesSyncPeriod: 60,
DNSSyncPeriod: 1800,
ServerCount: 1,
TunnelAgentConnectPort: constants.YurttunnelServerAgentPort,
SecurePort: constants.YurttunnelServerMasterPort,
@@ -88,8 +92,10 @@ func (o *ServerOptions) AddFlags(fs *pflag.FlagSet) {
fs.StringVar(&o.CertDNSNames, "cert-dns-names", o.CertDNSNames, "DNS names that will be added into server's certificate. (e.g., dns1,dns2)")
fs.StringVar(&o.CertIPs, "cert-ips", o.CertIPs, "IPs that will be added into server's certificate. (e.g., ip1,ip2)")
fs.BoolVar(&o.EnableIptables, "enable-iptables", o.EnableIptables, "If allow iptable manager to set the dnat rule.")
fs.BoolVar(&o.EnableDNSController, "enable-dns-controller", o.EnableDNSController, "If allow DNS controller to set the dns rules.")
fs.BoolVar(&o.EgressSelectorEnabled, "egress-selector-enable", o.EgressSelectorEnabled, "If the apiserver egress selector has been enabled.")
fs.IntVar(&o.IptablesSyncPeriod, "iptables-sync-period", o.IptablesSyncPeriod, "The synchronization period of the iptable manager.")
fs.IntVar(&o.DNSSyncPeriod, "dns-sync-period", o.DNSSyncPeriod, "The synchronization period of the DNS controller.")
fs.IntVar(&o.ServerCount, "server-count", o.ServerCount, "The number of proxy server instances, should be 1 unless it is an HA server.")
fs.StringVar(&o.ProxyStrategy, "proxy-strategy", o.ProxyStrategy, "The strategy of proxying requests from tunnel server to agent.")
fs.StringVar(&o.TunnelAgentConnectPort, "tunnel-agent-connect-port", o.TunnelAgentConnectPort, "The port on which to serve tcp packets from tunnel agent")
@@ -103,7 +109,9 @@ func (o *ServerOptions) Config() (*config.Config, error) {
cfg := &config.Config{
EgressSelectorEnabled: o.EgressSelectorEnabled,
EnableIptables: o.EnableIptables,
EnableDNSController: o.EnableDNSController,
IptablesSyncPeriod: o.IptablesSyncPeriod,
DNSSyncPeriod: o.DNSSyncPeriod,
CertDNSNames: make([]string, 0),
CertIPs: make([]net.IP, 0),
ServerCount: o.ServerCount,
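Review bot: `--dns-sync-period` is registered in AddFlags without a unit in its help text and, in the visible part of Config(), is copied straight into `cfg.DNSSyncPeriod` with no range check, so a zero or negative value would reach the controller unchanged. State the unit in the help string, e.g. `"The synchronization period of the DNS controller, in seconds."` if the 1800 default is indeed seconds, and reject non-positive values before building the config, e.g. `if o.DNSSyncPeriod <= 0 { return nil, fmt.Errorf("--dns-sync-period must be positive, got %d", o.DNSSyncPeriod) }`. Config() continues past the end of the hunk, so a check may already exist there. Separately, `EnableDNSController: true` in NewServerOptions switches the new controller on by default for existing deployments; if that is intended, the flag help should say that it is enabled by default and what it modifies.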
12 changes: 12 additions & 0 deletions cmd/yurt-tunnel-server/app/start.go
@@ -24,6 +24,7 @@ import (
"github.com/openyurtio/openyurt/cmd/yurt-tunnel-server/app/options"
"github.com/openyurtio/openyurt/pkg/projectinfo"
"github.com/openyurtio/openyurt/pkg/yurttunnel/constants"
"github.com/openyurtio/openyurt/pkg/yurttunnel/dns"
"github.com/openyurtio/openyurt/pkg/yurttunnel/handlerwrapper/initializer"
"github.com/openyurtio/openyurt/pkg/yurttunnel/handlerwrapper/wraphandler"
"github.com/openyurtio/openyurt/pkg/yurttunnel/iptables"
@@ -73,6 +74,17 @@ func NewYurttunnelServerCommand(stopCh <-chan struct{}) *cobra.Command {

// run starts the yurttunel-server
func Run(cfg *config.CompletedConfig, stopCh <-chan struct{}) error {
// 0. start the DNS controller
if cfg.EnableDNSController {
dnsController, err := dns.NewCoreDNSRecordController(cfg.Client,
cfg.SharedInformerFactory,
cfg.ListenInsecureAddrForMaster,
cfg.DNSSyncPeriod)
if err != nil {
return fmt.Errorf("fail to create a new dnsController, %v", err)
}
go dnsController.Run(stopCh)
}
// 1. start the IP table manager
if cfg.EnableIptables {
iptablesMgr := iptables.NewIptablesManager(cfg.Client,
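Review bot: The new error return in Run formats the cause with `%v`, which drops the error chain; `return fmt.Errorf("create DNS controller: %w", err)` would keep it inspectable with errors.Is/As. The call also hands `cfg.ListenInsecureAddrForMaster` to `dns.NewCoreDNSRecordController` without saying why the insecure listener's address is the one the controller needs; a one-line comment above the call stating what the controller does with that address would help anyone later reviewing that listener's exposure. `go dnsController.Run(stopCh)` is fire-and-forget, so if the controller's Run can return early nothing in this function would notice; its definition is not on this page, so that is a question rather than a finding. Run's body continues outside the hunk.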
1 change: 1 addition & 0 deletions config/setup/yurt-tunnel-server.yaml
@@ -127,6 +127,7 @@ spec:
- yurt-tunnel-server
args:
- --bind-address=$(NODE_IP)
- --insecure-bind-address=$(NODE_IP)
- --proxy-strategy=destHost
- --v=2
env:
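Review bot: The `--insecure-bind-address=$(NODE_IP)` argument moves the insecure listener off the `127.0.0.1` default set in NewServerOptions and onto the node's address, so whatever that endpoint serves becomes reachable from anything that can route to the node. If the DNS feature requires this, the manifest should say so in a comment above the arg, e.g. `# insecure listener is bound to the node IP for hostname-based access; restrict this port with a host firewall or equivalent network control`, and the deployment docs should name the port to restrict. The same argument is added in config/yaml-template/yurt-tunnel-server.yaml and pkg/yurtctl/constants/yurt-tunnel-server-tmpl.go, so the point applies to those sections as well. Which line of this hunk is new is inferred from the one-addition count and the commit's purpose, since the page has lost its +/- markers.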
1 change: 1 addition & 0 deletions config/yaml-template/yurt-tunnel-server.yaml
@@ -127,6 +127,7 @@ spec:
- __project_prefix__-tunnel-server
args:
- --bind-address=$(NODE_IP)
- --insecure-bind-address=$(NODE_IP)
- --proxy-strategy=destHost
- --v=2
env:
1 change: 1 addition & 0 deletions pkg/yurtctl/constants/yurt-tunnel-server-tmpl.go
@@ -152,6 +152,7 @@ spec:
- yurt-tunnel-server
args:
- --bind-address=$(NODE_IP)
- --insecure-bind-address=$(NODE_IP)
- --server-count=1
env:
- name: NODE_IP