Move cluster dns config and validate in strict dns clusters

Signed-off-by: Steven Jin Xuan <[email protected]>

api/BUILD

@@ -1,9 +1,9 @@
-# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py.
-
 load("@rules_proto//proto:defs.bzl", "proto_descriptor_set", "proto_library")
 
 licenses(["notice"])  # Apache 2
 
+# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py.
+
 proto_library(
     name = "v2_protos",
     visibility = ["//visibility:public"],

api/envoy/config/cluster/v3/cluster.proto

@@ -679,24 +679,6 @@ message Cluster {
     core.v3.HealthStatusSet override_host_status = 8;
   }
 
-  message RefreshRate {
-    option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Cluster.RefreshRate";
-
-    // Specifies the base interval between refreshes. This parameter is required and must be greater
-    // than zero and less than
-    // :ref:`max_interval <envoy_v3_api_field_config.cluster.v3.Cluster.RefreshRate.max_interval>`.
-    google.protobuf.Duration base_interval = 1 [(validate.rules).duration = {
-      required: true
-      gt {nanos: 1000000}
-    }];
-
-    // Specifies the maximum interval between refreshes. This parameter is optional, but must be
-    // greater than or equal to the
-    // :ref:`base_interval <envoy_v3_api_field_config.cluster.v3.Cluster.RefreshRate.base_interval>`  if set. The default
-    // is 10 times the :ref:`base_interval <envoy_v3_api_field_config.cluster.v3.Cluster.RefreshRate.base_interval>`.
-    google.protobuf.Duration max_interval = 2 [(validate.rules).duration = {gt {nanos: 1000000}}];
-  }
-
   message PreconnectPolicy {
     // Indicates how many streams (rounded up) can be anticipated per-upstream for each
     // incoming stream. This is useful for high-QPS or latency-sensitive services. Preconnecting
@@ -979,7 +961,8 @@ message Cluster {
   // other than :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>` and
   // :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>` this setting is
   // ignored.
-  RefreshRate dns_failure_refresh_rate = 44;
+
+  envoy.extensions.clusters.dns.v3.DnsConfig.RefreshRate dns_failure_refresh_rate = 44;
 
   // Optional configuration for setting cluster's DNS refresh rate. If the value is set to true,
   // cluster's DNS refresh rate will be set to resource record's TTL which comes from DNS

api/envoy/extensions/clusters/dns/v3/cluster.proto

@@ -2,6 +2,11 @@ syntax = "proto3";
 
 package envoy.extensions.clusters.dns.v3;
 
+import "google/protobuf/any.proto";
+import "google/protobuf/duration.proto";
+import "google/protobuf/struct.proto";
+import "google/protobuf/wrappers.proto";
+
 import "udpa/annotations/migrate.proto";
 import "udpa/annotations/security.proto";
 import "udpa/annotations/status.proto";
@@ -14,133 +19,112 @@ option java_multiple_files = true;
 option go_package = "github.com/envoyproxy/go-control-plane/envoy/extensions/clusters/dns/v3;dnsv3";
 option (udpa.annotations.file_status).package_version_status = ACTIVE;
 
+// import "envoy/config/core/v3/extension.proto";
+
 // [#protodoc-title: DNS cluster configuration]
 
 // Configuration for the dynamic forward proxy cluster. See the :ref:`architecture overview
 // <arch_overview_http_dynamic_forward_proxy>` for more information.
 // [#extension: envoy.clusters.dns]
 
+// [#next-free-field: 55]
 message DnsConfig {
-  //
-  //   enum DiscoveryType {
-  //     // Refer to the :ref:`strict DNS discovery
-  //     // type<arch_overview_service_discovery_types_strict_dns>`
-  //     // for an explanation.
-  //     STRICT_DNS = 0;
-  //
-  //     // Refer to the :ref:`logical DNS discovery
-  //     // type<arch_overview_service_discovery_types_logical_dns>`
-  //     // for an explanation.
-  //     LOGICAL_DNS = 1;
-  //   }
-  //
-  //
-  //   // When V4_ONLY is selected, the DNS resolver will only perform a lookup for
-  //   // addresses in the IPv4 family. If V6_ONLY is selected, the DNS resolver will
-  //   // only perform a lookup for addresses in the IPv6 family. If AUTO is
-  //   // specified, the DNS resolver will first perform a lookup for addresses in
-  //   // the IPv6 family and fallback to a lookup for addresses in the IPv4 family.
-  //   // This is semantically equivalent to a non-existent V6_PREFERRED option.
-  //   // AUTO is a legacy name that is more opaque than
-  //   // necessary and will be deprecated in favor of V6_PREFERRED in a future major version of the API.
-  //   // If V4_PREFERRED is specified, the DNS resolver will first perform a lookup for addresses in the
-  //   // IPv4 family and fallback to a lookup for addresses in the IPv6 family. i.e., the callback
-  //   // target will only get v6 addresses if there were NO v4 addresses to return.
-  //   // If ALL is specified, the DNS resolver will perform a lookup for both IPv4 and IPv6 families,
-  //   // and return all resolved addresses. When this is used, Happy Eyeballs will be enabled for
-  //   // upstream connections. Refer to :ref:`Happy Eyeballs Support <arch_overview_happy_eyeballs>`
-  //   // for more information.
-  //   // For cluster types other than
-  //   // :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>` and
-  //   // :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>`,
-  //   // this setting is
-  //   // ignored.
-  //   // [#next-major-version: deprecate AUTO in favor of a V6_PREFERRED option.]
-  //   enum DnsLookupFamily {
-  //     AUTO = 0;
-  //     V4_ONLY = 1;
-  //     V6_ONLY = 2;
-  //     V4_PREFERRED = 3;
-  //     ALL = 4;
-  //   }
-  //
-  //   // If the DNS refresh rate is specified and the cluster type is either
-  //   // :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`,
-  //   // or :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>`,
-  //   // this value is used as the cluster’s DNS refresh
-  //   // rate. The value configured must be at least 1ms. If this setting is not specified, the
-  //   // value defaults to 5000ms. For cluster types other than
-  //   // :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`
-  //   // and :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>`
-  //   // this setting is ignored.
-  //   google.protobuf.Duration dns_refresh_rate = 16
-  //       [(validate.rules).duration = {gt {nanos: 1000000}}];
-  //
-  //   // If the DNS failure refresh rate is specified and the cluster type is either
-  //   // :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`,
-  //   // or :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>`,
-  //   // this is used as the cluster’s DNS refresh rate when requests are failing. If this setting is
-  //   // not specified, the failure refresh rate defaults to the DNS refresh rate. For cluster types
-  //   // other than :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>` and
-  //   // :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>` this setting is
-  //   // ignored.
-  //   // RefreshRate dns_failure_refresh_rate = 44;
-  //
-  //   // Optional configuration for setting cluster's DNS refresh rate. If the value is set to true,
-  //   // cluster's DNS refresh rate will be set to resource record's TTL which comes from DNS
-  //   // resolution.
-  //   bool respect_dns_ttl = 39;
-  //
-  //   // The DNS IP address resolution policy. If this setting is not specified, the
-  //   // value defaults to
-  //   // :ref:`AUTO<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DnsLookupFamily.AUTO>`.
-  //   DnsLookupFamily dns_lookup_family = 17 [(validate.rules).enum = {defined_only: true}];
-  //
-  //   // If DNS resolvers are specified and the cluster type is either
-  //   // :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`,
-  //   // or :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>`,
-  //   // this value is used to specify the cluster’s dns resolvers.
-  //   // If this setting is not specified, the value defaults to the default
-  //   // resolver, which uses /etc/resolv.conf for configuration. For cluster types
-  //   // other than
-  //   // :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`
-  //   // and :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>`
-  //   // this setting is ignored.
-  //   // This field is deprecated in favor of ``dns_resolution_config``
-  //   // which aggregates all of the DNS resolver configuration in a single message.
-  //   // repeated core.v3.Address dns_resolvers = 18
-  //     //  [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"];
-  //
-  //   // Always use TCP queries instead of UDP queries for DNS lookups.
-  //   // This field is deprecated in favor of ``dns_resolution_config``
-  //   // which aggregates all of the DNS resolver configuration in a single message.
-  //   bool use_tcp_for_dns_lookups = 45
-  //       [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"];
-  //
-  //   // DNS resolution configuration which includes the underlying dns resolver addresses and options.
-  //   // This field is deprecated in favor of
-  //   // :ref:`typed_dns_resolver_config <envoy_v3_api_field_config.cluster.v3.Cluster.typed_dns_resolver_config>`.
-  //   // core.v3.DnsResolutionConfig dns_resolution_config = 53
-  //       //[deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"];
-  //
-  //   // DNS resolver type configuration extension. This extension can be used to configure c-ares, apple,
-  //   // or any other DNS resolver types and the related parameters.
-  //   // For example, an object of
-  //   // :ref:`CaresDnsResolverConfig <envoy_v3_api_msg_extensions.network.dns_resolver.cares.v3.CaresDnsResolverConfig>`
-  //   // can be packed into this ``typed_dns_resolver_config``. This configuration replaces the
-  //   // :ref:`dns_resolution_config <envoy_v3_api_field_config.cluster.v3.Cluster.dns_resolution_config>`
-  //   // configuration.
-  //   // During the transition period when both ``dns_resolution_config`` and ``typed_dns_resolver_config`` exists,
-  //   // when ``typed_dns_resolver_config`` is in place, Envoy will use it and ignore ``dns_resolution_config``.
-  //   // When ``typed_dns_resolver_config`` is missing, the default behavior is in place.
-  //   // [#extension-category: envoy.network.dns_resolver]
-  //   // core.v3.TypedExtensionConfig typed_dns_resolver_config = 55;
-  //
-  //   // Optional configuration for having cluster readiness block on warm-up. Currently, only applicable for
-  //   // :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`,
-  //   // or :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>`,
-  //   // or :ref:`Redis Cluster<arch_overview_redis>`.
-  //   // If true, cluster readiness blocks on warm-up. If false, the cluster will complete
-  //   // initialization whether or not warm-up has completed. Defaults to true.
-  //   google.protobuf.BoolValue wait_for_warm_on_init = 54;
+  // When V4_ONLY is selected, the DNS resolver will only perform a lookup for
+  // addresses in the IPv4 family. If V6_ONLY is selected, the DNS resolver will
+  // only perform a lookup for addresses in the IPv6 family. If AUTO is
+  // specified, the DNS resolver will first perform a lookup for addresses in
+  // the IPv6 family and fallback to a lookup for addresses in the IPv4 family.
+  // This is semantically equivalent to a non-existent V6_PREFERRED option.
+  // AUTO is a legacy name that is more opaque than
+  // necessary and will be deprecated in favor of V6_PREFERRED in a future major version of the API.
+  // If V4_PREFERRED is specified, the DNS resolver will first perform a lookup for addresses in the
+  // IPv4 family and fallback to a lookup for addresses in the IPv6 family. i.e., the callback
+  // target will only get v6 addresses if there were NO v4 addresses to return.
+  // If ALL is specified, the DNS resolver will perform a lookup for both IPv4 and IPv6 families,
+  // and return all resolved addresses. When this is used, Happy Eyeballs will be enabled for
+  // upstream connections. Refer to :ref:`Happy Eyeballs Support <arch_overview_happy_eyeballs>`
+  // for more information.
+  // For cluster types other than
+  // :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>` and
+  // :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>`,
+  // this setting is
+  // ignored.
+  // [#next-major-version: deprecate AUTO in favor of a V6_PREFERRED option.]
+  enum LookupFamily {
+    AUTO = 0;
+    V4_ONLY = 1;
+    V6_ONLY = 2;
+    V4_PREFERRED = 3;
+    ALL = 4;
+  }
+
+  message RefreshRate {
+    option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Cluster.RefreshRate";
+
+    // Specifies the base interval between refreshes. This parameter is required and must be greater
+    // than zero and less than
+    // :ref:`max_interval <envoy_v3_api_field_config.cluster.v3.Cluster.RefreshRate.max_interval>`.
+    google.protobuf.Duration base_interval = 1 [(validate.rules).duration = {
+      required: true
+      gt {nanos: 1000000}
+    }];
+
+    // Specifies the maximum interval between refreshes. This parameter is optional, but must be
+    // greater than or equal to the
+    // :ref:`base_interval <envoy_v3_api_field_config.cluster.v3.Cluster.RefreshRate.base_interval>`  if set. The default
+    // is 10 times the :ref:`base_interval <envoy_v3_api_field_config.cluster.v3.Cluster.RefreshRate.base_interval>`.
+    google.protobuf.Duration max_interval = 2 [(validate.rules).duration = {gt {nanos: 1000000}}];
+  }
+
+  // If the DNS refresh rate is specified and the cluster type is either
+  // :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`,
+  // or :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>`,
+  // this value is used as the cluster’s DNS refresh
+  // rate. The value configured must be at least 1ms. If this setting is not specified, the
+  // value defaults to 5000ms. For cluster types other than
+  // :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`
+  // and :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>`
+  // this setting is ignored.
+  google.protobuf.Duration refresh_rate = 16 [(validate.rules).duration = {gt {nanos: 1000000}}];
+
+  // If the DNS failure refresh rate is specified and the cluster type is either
+  // :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`,
+  // or :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>`,
+  // this is used as the cluster’s DNS refresh rate when requests are failing. If this setting is
+  // not specified, the failure refresh rate defaults to the DNS refresh rate. For cluster types
+  // other than :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>` and
+  // :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>` this setting is
+  // ignored.
+  RefreshRate dns_failure_refresh_rate = 44;
+
+  // Optional configuration for setting cluster's DNS refresh rate. If the value is set to true,
+  // cluster's DNS refresh rate will be set to resource record's TTL which comes from DNS
+  // resolution.
+  bool respect_ttl = 39;
+
+  // The DNS IP address resolution policy. If this setting is not specified, the
+  // value defaults to
+  // :ref:`AUTO<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DnsLookupFamily.AUTO>`.
+  LookupFamily lookup_family = 17 [(validate.rules).enum = {defined_only: true}];
+
+  // DNS resolver type configuration extension. This extension can be used to configure c-ares, apple,
+  // or any other DNS resolver types and the related parameters.
+  // For example, an object of
+  // :ref:`CaresDnsResolverConfig <envoy_v3_api_msg_extensions.network.dns_resolver.cares.v3.CaresDnsResolverConfig>`
+  // can be packed into this ``typed_dns_resolver_config``. This configuration replaces the
+  // :ref:`dns_resolution_config <envoy_v3_api_field_config.cluster.v3.Cluster.dns_resolution_config>`
+  // configuration.
+  // During the transition period when both ``dns_resolution_config`` and ``typed_dns_resolver_config`` exists,
+  // when ``typed_dns_resolver_config`` is in place, Envoy will use it and ignore ``dns_resolution_config``.
+  // When ``typed_dns_resolver_config`` is missing, the default behavior is in place.
+  // [#extension-category: envoy.network.dns_resolver]
+  // FIXMEcore.v3.TypedExtensionConfig typed_resolver_config = 55;
+
+  // Optional configuration for having cluster readiness block on warm-up. Currently, only applicable for
+  // :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`,
+  // or :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>`,
+  // or :ref:`Redis Cluster<arch_overview_redis>`.
+  // If true, cluster readiness blocks on warm-up. If false, the cluster will complete
+  // initialization whether or not warm-up has completed. Defaults to true.
+  google.protobuf.BoolValue wait_for_warm_on_init = 54;
 }

api/envoy/extensions/common/dynamic_forward_proxy/v3/BUILD

@@ -10,6 +10,7 @@ api_proto_package(
         "//envoy/config/cluster/v3:pkg",
         "//envoy/config/common/key_value/v3:pkg",
         "//envoy/config/core/v3:pkg",
+        "//envoy/extensions/clusters/dns/v3:pkg",
         "@com_github_cncf_xds//udpa/annotations:pkg",
     ],
 )

api/envoy/extensions/common/dynamic_forward_proxy/v3/dns_cache.proto

@@ -7,6 +7,7 @@ import "envoy/config/common/key_value/v3/config.proto";
 import "envoy/config/core/v3/address.proto";
 import "envoy/config/core/v3/extension.proto";
 import "envoy/config/core/v3/resolver.proto";
+import "envoy/extensions/clusters/dns/v3/cluster.proto";
 
 import "google/protobuf/duration.proto";
 import "google/protobuf/wrappers.proto";
@@ -97,7 +98,7 @@ message DnsCacheConfig {
   // If the DNS failure refresh rate is specified,
   // this is used as the cache's DNS refresh rate when DNS requests are failing. If this setting is
   // not specified, the failure refresh rate defaults to the dns_refresh_rate.
-  config.cluster.v3.Cluster.RefreshRate dns_failure_refresh_rate = 6;
+  clusters.dns.v3.DnsConfig.RefreshRate dns_failure_refresh_rate = 6;
 
   // The config of circuit breakers for resolver. It provides a configurable threshold.
   // Envoy will use dns cache circuit breakers with default settings even if this value is not set.

source/extensions/clusters/strict_dns/BUILD

@@ -15,6 +15,7 @@ envoy_cc_extension(
     # prevously considered core code.
     visibility = ["//visibility:public"],
     deps = [
+        "//source/common/common:random_generator_lib",
         "//source/common/upstream:cluster_factory_includes",
         "//source/common/upstream:upstream_includes",
         "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto",