Description of problem: DNS forwarding was added in 4.4. Although [1] included unit tests, no test exists to verify e2e functionality. See [2] for additional details. Version-Release number of selected component (if applicable): 4.5 How reproducible: always Steps to Reproduce: N/A Actual results: N/A Expected results: N/A Additional info: [1] https://github.com/openshift/cluster-dns-operator/pull/139 [2] https://issues.redhat.com/browse/NE-257
This patch was merged and originally released in "4.5.0-0.nightly-2020-05-01-183457" version. At the time of writing, the functionality has been tested and verified in "4.5.0-0.nightly-2020-05-11-011730" release. The outcome of manual testing is as follows: Executing the test from local spawns a DNS resolver pod which resolve "www.foo.com" to "1.2.3.4" ----- $ go get -v github.com/openshift/cluster-dns-operator github.com/openshift/cluster-dns-operator (download) package github.com/openshift/cluster-dns-operator: no Go files in /home/aiyengar/go/src/github.com/openshift/cluster-dns-operator $ WATCH_NAMESPACE=openshift-ingress-operator go test -v -tags e2e -count 1 -run TestDNSForwarding ./test/e2e/operator_test.go ./test/e2e/utils.go === RUN TestDNSForwarding I0512 10:29:18.849267 14074 request.go:621] Throttling request took 1.000174166s, request: GET:https://api.aiyengar-oc45-1105-1826996.qe.devcluster.openshift.com:6443/apis/coordination.k8s.io/v1beta1?timeout=32s --- PASS: TestDNSForwarding (119.03s) PASS ok command-line-arguments 119.038s $ oc -n openshift-dns get all NAME READY STATUS RESTARTS AGE pod/dns-default-98k8j 3/3 Running 0 24h pod/dns-default-9qv5d 3/3 Running 0 24h pod/dns-default-fkbgr 3/3 Running 0 24h pod/dns-default-lrtsd 3/3 Running 0 24h pod/dns-default-mt5g6 3/3 Running 0 24h pod/dns-default-nlb2d 3/3 Running 0 24h pod/test-upstream 1/1 Running 0 75s <----- NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE service/dns-default ClusterIP 172.30.0.10 <none> 53/UDP,53/TCP,9154/TCP 24h service/test-upstream ClusterIP 172.30.94.112 <none> 53/UDP,53/TCP 60s <---- NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE daemonset.apps/dns-default 6 6 6 6 6 kubernetes.io/os=linux 24h $ oc -n openshift-dns logs pod/test-upstream .:5353 CoreDNS-1.6.6 linux/amd64, go1.13.4, ----- With tools like "nslookup" or "dig" command to resolve "www.foo.com", results in the queries being forwarded to the resolver and it points to "1.2.3.4" correctly: ----- /srv $ nslookup www.foo.com Server: (null) Address 1: ::1 localhost Address 2: 127.0.0.1 localhost Name: www.foo.com Address 1: 1.2.3.4 /srv $ nslookup www.foo.com Server: (null) Address 1: ::1 localhost Address 2: 127.0.0.1 localhost Name: www.foo.com Address 1: 1.2.3.4 /srv $ nslookup www.foo.com Server: (null) Address 1: ::1 localhost Address 2: 127.0.0.1 localhost Name: www.foo.com Address 1: 1.2.3.4 The query logs seen in the upstream resolved pod: $ oc -n openshift-dns logs pod/test-upstream -f .:5353 CoreDNS-1.6.6 linux/amd64, go1.13.4, [INFO] 10.131.0.2:44843 - 10401 "A IN www.foo.com. udp 29 false 512" NOERROR qr,aa,rd 56 0.000155751s [INFO] 10.131.0.2:50239 - 11332 "AAAA IN www.foo.com. udp 29 false 512" NOERROR qr,aa,rd 29 0.000218299s [INFO] 10.128.2.2:45400 - 64391 "A IN www.foo.com. udp 29 false 512" NOERROR qr,aa,rd 56 0.00013468s [INFO] 10.128.2.2:47011 - 38 "AAAA IN www.foo.com. udp 29 false 512" NOERROR qr,aa,rd 29 0.00018034s [INFO] 10.131.0.2:51722 - 65510 "AAAA IN www.foo.com. udp 29 false 512" NOERROR qr,aa,rd 29 0.000134256s [INFO] 10.131.0.2:43119 - 64386 "A IN www.foo.com. udp 29 false 512" NOERROR qr,aa,rd 56 0.000259561s [INFO] 10.130.0.19:47883 - 39385 "AAAA IN www.foo.com. udp 29 false 512" NOERROR qr,aa,rd 29 0.000115228s -----
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:2409