Merge pull request #4671 from jacksontj/issue_4670

Discontinue use of a single DNS query to validate an endpoint name

internal/ingress/controller/endpoints.go

@@ -22,6 +22,7 @@ import (
 	"reflect"
 	"strconv"
 
+	"k8s.io/apimachinery/pkg/util/validation"
 	"k8s.io/klog"
 
 	corev1 "k8s.io/api/core/v1"
@@ -58,9 +59,8 @@ func getEndpoints(s *corev1.Service, port *corev1.ServicePort, proto corev1.Prot
 
 		// if the externalName is not an IP address we need to validate is a valid FQDN
 		if net.ParseIP(s.Spec.ExternalName) == nil {
-			_, err := net.LookupHost(s.Spec.ExternalName)
-			if err != nil {
-				klog.Errorf("Error resolving host %q: %v", s.Spec.ExternalName, err)
+			if errs := validation.IsDNS1123Subdomain(s.Spec.ExternalName); len(errs) > 0 {
+				klog.Errorf("Invalid DNS name %s: %v", s.Spec.ExternalName, errs)
 				return upsServers
 			}
 		}

internal/ingress/controller/endpoints_test.go

@@ -112,7 +112,7 @@ func TestGetEndpoints(t *testing.T) {
 			&corev1.Service{
 				Spec: corev1.ServiceSpec{
 					Type:         corev1.ServiceTypeExternalName,
-					ExternalName: "foo.bar",
+					ExternalName: "1#invalid.hostname",
 					Ports: []corev1.ServicePort{
 						{
 							Name:       "default",

test/e2e/servicebackend/service_externalname.go

@@ -146,7 +146,7 @@ var _ = framework.IngressNginxDescribe("Service Type ExternalName", func() {
 		Expect(resp.StatusCode).Should(Equal(200))
 	})
 
-	It("should return status 503 for service type=ExternalName with an invalid host", func() {
+	It("should return status 502 for service type=ExternalName with an invalid host", func() {
 		host := "echo"
 
 		svc := &core.Service{
@@ -175,7 +175,7 @@ var _ = framework.IngressNginxDescribe("Service Type ExternalName", func() {
 			Set("Host", host).
 			End()
 		Expect(errs).Should(BeEmpty())
-		Expect(resp.StatusCode).Should(Equal(503))
+		Expect(resp.StatusCode).Should(Equal(502))
 	})
 
 	It("should return 200 for service type=ExternalName using a port name", func() {