feat: implement graceful, modifiable UDS Core CoreDNS overrides #112

Merged
merged 17 commits into from
Oct 2, 2024
Changes from 14 commits
2 changes: 1 addition & 1 deletion README.md
Expand Up @@ -41,7 +41,7 @@ This package is published via CI, but can be created locally with the following

## Start and Stop

To stop and start an existing UDS K3d cluster gracefully, without disrupting the `host.k3d.internal` CoreDNS rewrite for `*.uds.dev`, use the following prior to host hibernation, suspension, restart, or shutoff:
To stop and start an existing UDS K3d cluster gracefully, use the following prior to host hibernation, suspension, restart, or shutoff:

```bash
# to stop the default UDS cluster
4 changes: 3 additions & 1 deletion chart/Chart.yaml
Expand Up @@ -15,4 +15,6 @@ type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 0.2.0
# x-release-please-start-version
version: 0.9.0
# x-release-please-end
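Review bot: The comment above `version:` still says the number should be incremented each time the chart or its templates change, but with the `x-release-please-start-version` / `x-release-please-end` markers the value is now maintained by the release tooling. Reword that comment so nobody hand-edits the field, and record in the PR description why the chart jumps from 0.2.0 to 0.9.0.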
4 changes: 1 addition & 3 deletions chart/templates/core-dns-custom.yaml
Expand Up @@ -5,6 +5,4 @@ metadata:
namespace: kube-system
data:
uds.override: |
rewrite stop {
name regex (.*\.uds\.dev) host.k3d.internal answer auto
}
{{ .Values.coreDnsOverrides | indent 4 }}
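Review bot: `{{ .Values.coreDnsOverrides | indent 4 }}` renders whatever string is supplied directly into the `uds.override` key of a `kube-system` ConfigMap, with no guard for an empty or unset value and no syntax check. Consider wrapping it in `required` (or an explicit `default`) so a blank `COREDNS_OVERRIDES` fails at template time, and add a step to the `validate` task confirming that CoreDNS accepted the override, since an unbalanced brace in this value is otherwise only discovered once CoreDNS tries to load it.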
11 changes: 11 additions & 0 deletions chart/values.yaml
@@ -1 +1,12 @@
extraPorts: []

coreDnsOverrides: |
rewrite stop {
name regex (.*\.admin\.uds\.dev) admin-ingressgateway.istio-admin-gateway.svc.cluster.local answer auto
}
rewrite stop {
name regex (.*\.uds\.dev) tenant-ingressgateway.istio-tenant-gateway.svc.cluster.local answer auto
}
rewrite stop {
name regex (.*\.uds\.dev) host.k3d.internal answer auto
}
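Review bot: The second and third `rewrite stop` blocks use the identical pattern `(.*\.uds\.dev)`, so the `host.k3d.internal` rule can never fire: `stop` ends rule processing at the first match, and every name that would reach the third block has already matched the tenant gateway block. Either drop the third block or give it a pattern the tenant rule does not cover, and state in docs/DNS.md which behaviour is intended. Separately, none of the three patterns has an end anchor, so it is worth confirming whether CoreDNS applies them as an unanchored search; if it does, a longer name that merely contains `.uds.dev` would also be rewritten, and anchoring the patterns would limit the rewrite to names that actually end in the base domain.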
25 changes: 21 additions & 4 deletions docs/DNS.md
@@ -1,13 +1,30 @@
## Domain Assumptions
# Domain Assumptions

One of the core assumptions of the `uds-k3d` package is the use of `uds.dev` as the base domain for your development environment. This assumption is integral to the DNS and network configuration provided by the package. It is based on an existing DNS entry for `*.uds.dev` that resolves to `127.0.0.1`, facilitating local development and testing.

### CoreDNS Override
## CoreDNS Override

The package includes a CoreDNS configuration override designed to rewrite requests for `*.uds.dev` to `host.k3d.internal`. This rewrite ensures that any DNS resolution request within the cluster targeting a `*.uds.dev` address will be correctly routed to `host.k3d.internal` which is an internal K3D alias which resolves to the host gateway.
[UDS Core](https://github.com/defenseunicorns/uds-core) is assumed to be the main infrastructure and/or testing target in local development; therefore, the DNS resolution assumes the existence of the default admin and tenant Istio gateways.

This package includes a CoreDNS configuration override designed to rewrite requests for `*.uds.dev` to the tenant and admin Istio gateways based on the subdomain, `*.admin.uds.dev` or `*.uds.dev`. This rewrite ensures that any DNS resolution request within the cluster targeting a `*.uds.dev` address will be correctly routed to the correct service mesh gateway. A final rewrite in this package is used as a catch-all by redirecting `*.uds.dev` requests to `host.k3d.internal`.

The outcome of this is a pods in the cluster can resolve domains like sso.uds.dev to an address (not 127.0.0.1) that will ultimately get routed correctly.

### Nginx Configuration
You can use Zarf Helm overrides to overwrite the overrides provided by default in this package. To do so you must have Zarf >= v0.33.0. An example of how one might use this override with the default UDS task is as follows:

```bash
# Define the overrides
COREDNS_OVERRIDES=$(cat << 'EOF'
rewrite stop {
name regex (.*\.uds\.dev) host.k3d.internal answer auto
}
EOF
)

# Now use the variable in your command
uds run --set COREDNS_OVERRIDES="$COREDNS_OVERRIDES"
```

## Nginx Configuration

Additionally, the package includes Nginx configuration that assumes the use of `uds.dev` as the base domain. This configuration is tailored to support the development environment setup, ensuring that Nginx correctly handles requests and routes them within the cluster, based on the `uds.dev` domain.
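Review bot: The new override section never says that `COREDNS_OVERRIDES` replaces the default block rather than adding to it, so a reader who copies the example loses the admin and tenant gateway rewrites described two paragraphs earlier. State that explicitly and show an example that keeps the gateway rules and adds one extra rewrite. While here, fix "is a pods" in the unchanged sentence above, and qualify the "catch-all" wording, since whether the final rewrite is ever reached depends on rule order.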
10 changes: 5 additions & 5 deletions docs/PORTS.md
@@ -1,20 +1,20 @@
## Port Configuration
# Port Configuration

By default, `uds-k3d` will only expose ports `80` and `443` through `k3d` with a redirect from `80` to `443` within the Nginx configuration. The works for most packages however some may require additional TCP ports to be opened in order to provide / test all of their functionality. To do so you can override the following:

### K3d Override
## K3d Override

First set (or add to) `K3D_EXTRA_ARGS` to include all of the ports that you would like to expose:

```
```bash
--set K3D_EXTRA_ARGS="-p <port>:<port>@server:* -p 9999:9999@server:*"
```

### Nginx Configuration
## Nginx Configuration

Then allow the ports to pass through Nginx by setting `NGINX_EXTRA_PORTS`:

```
```bash
--set NGINX_EXTRA_PORTS="[<port>,9999]"
```
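Review bot: The fences are now tagged `bash`, but both snippets are bare `--set ...` arguments and will not run if pasted as they stand. Show the full invocation the way docs/DNS.md does (`uds run --set ...`), and fix "The works for most packages" in the unchanged intro sentence.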

2 changes: 1 addition & 1 deletion release-please-config.json
Expand Up @@ -10,7 +10,7 @@
{ "type": "chore", "section": "Miscellaneous", "hidden": false }
],
"versioning": "default",
"extra-files": ["README.md", "zarf.yaml"]
"extra-files": ["README.md", "zarf.yaml", "chart/Chart.yaml"]
}
}
}
19 changes: 18 additions & 1 deletion tasks.yaml
Expand Up @@ -7,6 +7,17 @@ variables:
default: ""
- name: NGINX_EXTRA_PORTS
default: "[]"
- name: COREDNS_OVERRIDES
default: |
rewrite stop {
name regex (.*\.admin\.uds\.dev) admin-ingressgateway.istio-admin-gateway.svc.cluster.local answer auto
}
rewrite stop {
name regex (.*\.uds\.dev) tenant-ingressgateway.istio-tenant-gateway.svc.cluster.local answer auto
}
rewrite stop {
name regex (.*\.uds\.dev) host.k3d.internal answer auto
}

tasks:
- name: default
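Review bot: The `COREDNS_OVERRIDES` default here is a second copy of `coreDnsOverrides` in chart/values.yaml, and because the deploy action always passes `--set COREDNS_OVERRIDES`, the chart's own default only applies when the package is deployed outside this task. Keep one source of truth, or at minimum add a comment in both places pointing at the other, so the two copies cannot drift apart unnoticed.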
Expand All @@ -16,7 +27,13 @@ tasks:
cmd: "uds zarf package create --confirm --no-progress"

- description: "Deploy UDS K3d package"
cmd: "uds zarf package deploy zarf-package-uds-k3d-*.tar.zst --confirm --set K3D_IMAGE=${IMAGE_NAME}:${VERSION} --set K3D_EXTRA_ARGS=\"${K3D_EXTRA_ARGS}\" --set NGINX_EXTRA_PORTS=\"${NGINX_EXTRA_PORTS}\" --no-progress"
cmd: |
uds zarf package deploy zarf-package-uds-k3d-*.tar.zst \
--set K3D_IMAGE=${IMAGE_NAME}:${VERSION} \
--set K3D_EXTRA_ARGS="${K3D_EXTRA_ARGS}" \
--set NGINX_EXTRA_PORTS="${NGINX_EXTRA_PORTS}" \
--set COREDNS_OVERRIDES="${COREDNS_OVERRIDES}" \
--no-progress --confirm

- name: validate
actions:
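Review bot: `--set COREDNS_OVERRIDES="${COREDNS_OVERRIDES}"` places a multi-line, user-supplied value inside a double-quoted shell word; depending on whether the task runner substitutes `${...}` before the shell sees the line, a value containing `"`, `$` or a backtick may be interpreted by the shell instead of reaching CoreDNS unchanged. Document that restriction next to the variable, or pass the overrides through a values file rather than the command line. The `validate` task that follows would also benefit from a check that an in-cluster lookup of a `*.uds.dev` name returns the expected gateway.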
9 changes: 8 additions & 1 deletion zarf.yaml
Expand Up @@ -88,9 +88,16 @@ components:
- name: uds-dev-stack
namespace: uds-dev-stack
localPath: chart
version: 0.2.0
# x-release-please-start-version
version: 0.9.0
# x-release-please-end
valuesFiles:
- "values/dev-stack-values.yaml"
variables:
- name: COREDNS_OVERRIDES
# Defaults contain rewrites of `*.uds.dev` to the UDS core Istio tenant and admin gateways
description: "CoreDNS overrides"
path: coreDnsOverrides
- name: minio
namespace: uds-dev-stack
version: 5.2.0
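Review bot: `description: "CoreDNS overrides"` does not tell someone running the deploy that the value replaces the whole `uds.override` block, and the YAML comment above it refers to defaults that are not defined in this file. Expand the description to say the value is the complete set of CoreDNS rewrite rules, and point the comment at `coreDnsOverrides` in the chart values as the place the default lives.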