Don't use DNS resolution to "validate FQDN"

As the controller stands today this "validation" is done once per config load, which means if the DNS query fails for any reason the endpoint will remain dead until both (1) a change happens to the ingress and (2) the DNS resolution works. If the user configured the name we should just pass it through, this way the lua dns can attempt to re-query it at its leisure.
2019-10-12 16:41:00 -07:00 · 2019-10-12 16:41:00 -07:00 · 500b043f27
commit 500b043f27
parent a1a2950413
3 changed files with 6 additions and 6 deletions
--- a/internal/ingress/controller/endpoints.go
+++ b/internal/ingress/controller/endpoints.go
@ -22,6 +22,7 @@ import (
 	"reflect"
 	"strconv"

+	"k8s.io/apimachinery/pkg/util/validation"
 	"k8s.io/klog"

 	corev1 "k8s.io/api/core/v1"
@ -58,9 +59,8 @@ func getEndpoints(s *corev1.Service, port *corev1.ServicePort, proto corev1.Prot

 		// if the externalName is not an IP address we need to validate is a valid FQDN
 		if net.ParseIP(s.Spec.ExternalName) == nil {
-			_, err := net.LookupHost(s.Spec.ExternalName)
-			if err != nil {
-				klog.Errorf("Error resolving host %q: %v", s.Spec.ExternalName, err)
+			if errs := validation.IsDNS1123Subdomain(s.Spec.ExternalName); len(errs) > 0 {
+				klog.Errorf("Invalid DNS name %s: %v", s.Spec.ExternalName, errs)
 				return upsServers
 			}
 		}
--- a/internal/ingress/controller/endpoints_test.go
+++ b/internal/ingress/controller/endpoints_test.go
@ -112,7 +112,7 @@ func TestGetEndpoints(t *testing.T) {
 			&corev1.Service{
 				Spec: corev1.ServiceSpec{
 					Type:         corev1.ServiceTypeExternalName,
-					ExternalName: "foo.bar",
+					ExternalName: "1#invalid.hostname",
 					Ports: []corev1.ServicePort{
 						{
 							Name:       "default",
--- a/test/e2e/servicebackend/service_externalname.go
+++ b/test/e2e/servicebackend/service_externalname.go
@ -146,7 +146,7 @@ var _ = framework.IngressNginxDescribe("Service Type ExternalName", func() {
 		Expect(resp.StatusCode).Should(Equal(200))
 	})

-	It("should return status 503 for service type=ExternalName with an invalid host", func() {
+	It("should return status 502 for service type=ExternalName with an invalid host", func() {
 		host := "echo"

 		svc := &core.Service{
@ -175,7 +175,7 @@ var _ = framework.IngressNginxDescribe("Service Type ExternalName", func() {
 			Set("Host", host).
 			End()
 		Expect(errs).Should(BeEmpty())
-		Expect(resp.StatusCode).Should(Equal(503))
+		Expect(resp.StatusCode).Should(Equal(502))
 	})

 	It("should return 200 for service type=ExternalName using a port name", func() {