From 500b043f274a9559b929d1eb7c1bb0e841ec7cd2 Mon Sep 17 00:00:00 2001
From: Thomas Jackson <jacksontj.89@gmail.com>
Date: Sat, 12 Oct 2019 16:41:00 -0700
Subject: [PATCH] Don't use DNS resolution to "validate FQDN"

As the controller stands today this "validation" is done once per config load, which means if the DNS query fails for any reason the endpoint will remain dead until both (1) a change happens to the ingress and (2) the DNS resolution works. If the user configured the name we should just pass it through, this way the lua dns can attempt to re-query it at its leisure.
---
 internal/ingress/controller/endpoints.go        | 6 +++---
 internal/ingress/controller/endpoints_test.go   | 2 +-
 test/e2e/servicebackend/service_externalname.go | 4 ++--
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/internal/ingress/controller/endpoints.go b/internal/ingress/controller/endpoints.go
index a29ca0822..c98bcc12a 100644
--- a/internal/ingress/controller/endpoints.go
+++ b/internal/ingress/controller/endpoints.go
@@ -22,6 +22,7 @@ import (
 	"reflect"
 	"strconv"
 
+	"k8s.io/apimachinery/pkg/util/validation"
 	"k8s.io/klog"
 
 	corev1 "k8s.io/api/core/v1"
@@ -58,9 +59,8 @@ func getEndpoints(s *corev1.Service, port *corev1.ServicePort, proto corev1.Prot
 
 		// if the externalName is not an IP address we need to validate is a valid FQDN
 		if net.ParseIP(s.Spec.ExternalName) == nil {
-			_, err := net.LookupHost(s.Spec.ExternalName)
-			if err != nil {
-				klog.Errorf("Error resolving host %q: %v", s.Spec.ExternalName, err)
+			if errs := validation.IsDNS1123Subdomain(s.Spec.ExternalName); len(errs) > 0 {
+				klog.Errorf("Invalid DNS name %s: %v", s.Spec.ExternalName, errs)
 				return upsServers
 			}
 		}
diff --git a/internal/ingress/controller/endpoints_test.go b/internal/ingress/controller/endpoints_test.go
index 53bd0871f..6efe518bc 100644
--- a/internal/ingress/controller/endpoints_test.go
+++ b/internal/ingress/controller/endpoints_test.go
@@ -112,7 +112,7 @@ func TestGetEndpoints(t *testing.T) {
 			&corev1.Service{
 				Spec: corev1.ServiceSpec{
 					Type:         corev1.ServiceTypeExternalName,
-					ExternalName: "foo.bar",
+					ExternalName: "1#invalid.hostname",
 					Ports: []corev1.ServicePort{
 						{
 							Name:       "default",
diff --git a/test/e2e/servicebackend/service_externalname.go b/test/e2e/servicebackend/service_externalname.go
index c8aff2e39..d02104b08 100644
--- a/test/e2e/servicebackend/service_externalname.go
+++ b/test/e2e/servicebackend/service_externalname.go
@@ -146,7 +146,7 @@ var _ = framework.IngressNginxDescribe("Service Type ExternalName", func() {
 		Expect(resp.StatusCode).Should(Equal(200))
 	})
 
-	It("should return status 503 for service type=ExternalName with an invalid host", func() {
+	It("should return status 502 for service type=ExternalName with an invalid host", func() {
 		host := "echo"
 
 		svc := &core.Service{
@@ -175,7 +175,7 @@ var _ = framework.IngressNginxDescribe("Service Type ExternalName", func() {
 			Set("Host", host).
 			End()
 		Expect(errs).Should(BeEmpty())
-		Expect(resp.StatusCode).Should(Equal(503))
+		Expect(resp.StatusCode).Should(Equal(502))
 	})
 
 	It("should return 200 for service type=ExternalName using a port name", func() {