Add peering .service
and .node
DNS lookups.
#15596
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR improves support for DNS lookups on peered
.service
and.node
queries. Prior to this PR, peered lookups were only supported for.virtual
queries.Node Lookups
For
.node
lookups, onlyA
andAAAA
queries are supported in Consul. New.peer
and.dc
qualifiers are introduced into OSS, similar to Enterprise, which allows users to specify between the two.In OSS, existing node lookups had a format of
mynode.node.dc1.some-domain
.Now they can also be queried with any of the following:
mynode.node.dc1.some-domain
mynode.node.dc1.dc.some-domain
mynode.node.peer1.peer.some-domain
With peered nodes only being accessible via the
.peer
qualifier.Service Lookups
For
.service
DNS lookups,SRV
records are supported in addition to the standardA
andAAAA
that nodes have. Similar to nodes, they have been given extra qualifiers to indicate.peer
and.dc
lookups.In OSS, existing service lookups had a format of
mysvc.service.dc1.some-domain
.Now they can also be queried with any of the following:
mysvc.service.dc1.some-domain
mysvc.service.dc1.dc.some-domain
mysvc.service.peer1.peer.some-domain
Since
SRV
records can return the FQDN of a node, the following outputs are now expected:With the local node response format being unchanged by this PR.
Addr Lookups
Consul supports the concept of an
.addr
lookup, which essentially provides an IP address in DNS form. They often look likec0a8017b.addr.dc1.some-domain
wherec0a8017b
is a hex-encoded IP address. These are typically sent back as a response in anSRV
record whenever there is no valid FQDN alternative to use.These lookups technically do not query the state store at all, and are simply parsed and converted from hexadecimal format into a real IP address before responding.
For addr lookups, both of the following formats are equivalent and supported prior to this PR:
The
.dc1
is effectively ignored since only basic text-parsing is performed.For peering, whenever we respond in an
SRV
record with a.addr
, we will emit it without the.dc1
component so that it is more clear that it is not an IP address that is part of the local DC. This is mostly a cosmetic change, but could provide value for some users that wish to distinguish the two apart.PTR Lookups
These are still unsupported for peering, as the format of
1.0.0.127.in-addr.arpa
is fixed, and would introduce a potential breaking change if a peering connection was introduced into the existing list. IP addresses on peered services could potentially conflict with that of the local datacenter, and should therefore be excluded.