Refactor dns cluster api

api/BUILD

@@ -137,6 +137,7 @@ proto_library(
         "//envoy/extensions/access_loggers/wasm/v3:pkg",
         "//envoy/extensions/bootstrap/internal_listener/v3:pkg",
         "//envoy/extensions/clusters/aggregate/v3:pkg",
+        "//envoy/extensions/clusters/dns/v3:pkg",
         "//envoy/extensions/clusters/dynamic_forward_proxy/v3:pkg",
         "//envoy/extensions/clusters/redis/v3:pkg",
         "//envoy/extensions/common/async_files/v3:pkg",

api/envoy/config/cluster/v3/BUILD

@@ -9,6 +9,7 @@ api_proto_package(
         "//envoy/annotations:pkg",
         "//envoy/config/core/v3:pkg",
         "//envoy/config/endpoint/v3:pkg",
+        "//envoy/extensions/clusters/dns/v3:pkg",
         "//envoy/type/metadata/v3:pkg",
         "//envoy/type/v3:pkg",
         "@com_github_cncf_xds//udpa/annotations:pkg",

api/envoy/config/cluster/v3/cluster.proto

@@ -45,7 +45,7 @@ message ClusterCollection {
 }
 
 // Configuration for a single upstream cluster.
-// [#next-free-field: 59]
+// [#next-free-field: 60]
 message Cluster {
   option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Cluster";
 
@@ -953,8 +953,13 @@ message Cluster {
   // :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`
   // and :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>`
   // this setting is ignored.
-  google.protobuf.Duration dns_refresh_rate = 16
-      [(validate.rules).duration = {gt {nanos: 1000000}}];
+  // This field is deprecated in favor of ``dns_config``
+  // which aggregates all of the DNS configuration in a single message.
+  google.protobuf.Duration dns_refresh_rate = 16 [
+    deprecated = true,
+    (validate.rules).duration = {gt {nanos: 1000000}},
+    (envoy.annotations.deprecated_at_minor_version) = "3.0"
+  ];
 
   // DNS jitter can be optionally specified if the cluster type is either
   // :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`,
@@ -965,7 +970,10 @@ message Cluster {
   // :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`
   // and :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>`
   // this setting is ignored.
-  google.protobuf.Duration dns_jitter = 58;
+  // This field is deprecated in favor of ``dns_config``
+  // which aggregates all of the DNS configuration in a single message.
+  google.protobuf.Duration dns_jitter = 58
+      [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"];
 
   // If the DNS failure refresh rate is specified and the cluster type is either
   // :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`,
@@ -975,17 +983,27 @@ message Cluster {
   // other than :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>` and
   // :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>` this setting is
   // ignored.
-  RefreshRate dns_failure_refresh_rate = 44;
+  // This field is deprecated in favor of ``dns_config``
+  // which aggregates all of the DNS configuration in a single message.
+  RefreshRate dns_failure_refresh_rate = 44
+      [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"];
 
   // Optional configuration for setting cluster's DNS refresh rate. If the value is set to true,
   // cluster's DNS refresh rate will be set to resource record's TTL which comes from DNS
   // resolution.
-  bool respect_dns_ttl = 39;
+  // This field is deprecated in favor of ``dns_config``
+  // which aggregates all of the DNS configuration in a single message.
+  bool respect_dns_ttl = 39
+      [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"];
 
   // The DNS IP address resolution policy. If this setting is not specified, the
   // value defaults to
   // :ref:`AUTO<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DnsLookupFamily.AUTO>`.
-  DnsLookupFamily dns_lookup_family = 17 [(validate.rules).enum = {defined_only: true}];
+  DnsLookupFamily dns_lookup_family = 17 [
+    deprecated = true,
+    (validate.rules).enum = {defined_only: true},
+    (envoy.annotations.deprecated_at_minor_version) = "3.0"
+  ];
 
   // If DNS resolvers are specified and the cluster type is either
   // :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`,
@@ -1025,6 +1043,7 @@ message Cluster {
   // when ``typed_dns_resolver_config`` is in place, Envoy will use it and ignore ``dns_resolution_config``.
   // When ``typed_dns_resolver_config`` is missing, the default behavior is in place.
   // [#extension-category: envoy.network.dns_resolver]
+  // FIXME do we also want to move this one?
   core.v3.TypedExtensionConfig typed_dns_resolver_config = 55;
 
   // Optional configuration for having cluster readiness block on warm-up. Currently, only applicable for

api/envoy/extensions/clusters/dns/v3/BUILD

@@ -0,0 +1,12 @@
+# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py.
+
+load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package")
+
+licenses(["notice"])  # Apache 2
+
+api_proto_package(
+    deps = [
+        "//envoy/config/core/v3:pkg",
+        "@com_github_cncf_xds//udpa/annotations:pkg",
+    ],
+)

api/envoy/extensions/clusters/dns/v3/dns_cluster.proto

@@ -0,0 +1,114 @@
+syntax = "proto3";
+
+package envoy.extensions.clusters.dns.v3;
+
+import "envoy/config/core/v3/extension.proto";
+
+import "google/protobuf/any.proto";
+import "google/protobuf/duration.proto";
+import "google/protobuf/struct.proto";
+import "google/protobuf/wrappers.proto";
+
+import "udpa/annotations/migrate.proto";
+import "udpa/annotations/security.proto";
+import "udpa/annotations/status.proto";
+import "udpa/annotations/versioning.proto";
+import "validate/validate.proto";
+
+option java_package = "io.envoyproxy.envoy.extensions.clusters.dns.v3";
+option java_outer_classname = "DnsClusterProto";
+option java_multiple_files = true;
+option go_package = "github.com/envoyproxy/go-control-plane/envoy/extensions/clusters/dns/v3;dnsv3";
+option (udpa.annotations.file_status).package_version_status = ACTIVE;
+
+// [#protodoc-title: DNS cluster configuration]
+
+// Configuration for strict and logical DNS clusters.
+// FIXME [#extension: envoy.clusters.dns]
+
+// [#next-free-field: 7]
+message DnsCluster {
+  // When V4_ONLY is selected, the DNS resolver will only perform a lookup for
+  // addresses in the IPv4 family. If V6_ONLY is selected, the DNS resolver will
+  // only perform a lookup for addresses in the IPv6 family. If AUTO is
+  // specified, the DNS resolver will first perform a lookup for addresses in
+  // the IPv6 family and fallback to a lookup for addresses in the IPv4 family.
+  // This is semantically equivalent to a non-existent V6_PREFERRED option.
+  // AUTO is a legacy name that is more opaque than
+  // necessary and will be deprecated in favor of V6_PREFERRED in a future major version of the API.
+  // If V4_PREFERRED is specified, the DNS resolver will first perform a lookup for addresses in the
+  // IPv4 family and fallback to a lookup for addresses in the IPv6 family. i.e., the callback
+  // target will only get v6 addresses if there were NO v4 addresses to return.
+  // If ALL is specified, the DNS resolver will perform a lookup for both IPv4 and IPv6 families,
+  // and return all resolved addresses. When this is used, Happy Eyeballs will be enabled for
+  // upstream connections. Refer to :ref:`Happy Eyeballs Support <arch_overview_happy_eyeballs>`
+  // for more information.
+  // For cluster types other than
+  // :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>` and
+  // :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>`,
+  // this setting is
+  // ignored.
+  // [#next-major-version: deprecate AUTO in favor of a V6_PREFERRED option.]
+//  enum DnsLookupFamily {
+//    UNSPECIFIED = 0;
+//    AUTO = 1;
+//    V4_ONLY = 2;
+//    V6_ONLY = 3;
+//    V4_PREFERRED = 4;
+//    ALL = 5;
+//  }
+
+  message RefreshRate {
+    // Specifies the base interval between refreshes. This parameter is required and must be greater
+    // than zero and less than
+    // :ref:`max_interval <envoy_v3_api_field_extensions.clusters.dns.v3.DnsConfig.RefreshRate.max_interval>`.
+    google.protobuf.Duration base_interval = 1 [(validate.rules).duration = {
+      required: true
+      gt {nanos: 1000000}
+    }];
+
+    // Specifies the maximum interval between refreshes. This parameter is optional, but must be
+    // greater than or equal to the
+    // :ref:`base_interval <envoy_v3_api_field_extensions.clusters.dns.v3.DnsConfig.RefreshRate.max_interval>`  if set. The default
+    // is 10 times the :ref:`base_interval <envoy_v3_api_field_extensions.clusters.dns.v3.DnsConfig.RefreshRate.max_interval>`.
+    google.protobuf.Duration max_interval = 2 [(validate.rules).duration = {gt {nanos: 1000000}}];
+  }
+
+  // This value is the cluster’s DNS refresh rate. The value configured must be at least 1ms.
+  // If this setting is not specified, the
+  // value defaults to 5000ms.
+  google.protobuf.Duration dns_refresh_rate = 1 [(validate.rules).duration = {gt {nanos: 1000000}}];
+
+  // this is the cluster’s DNS refresh rate when requests are failing. If this setting is
+  // not specified, the failure refresh rate defaults to the DNS refresh rate.
+  RefreshRate dns_failure_refresh_rate = 2;
+
+  // Optional configuration for setting cluster's DNS refresh rate. If the value is set to true,
+  // cluster's DNS refresh rate will be set to resource record's TTL which comes from DNS
+  // resolution.
+  google.protobuf.BoolValue respect_dns_ttl = 3;
+
+  // The DNS IP address resolution policy. If this setting is not specified, the
+  // value defaults to
+  // :ref:`AUTO<envoy_v3_api_enum_value_extensions.clusters.dns.v3.DnsConfig.DnsLookupFamily.AUTO>`.
+  // DnsLookupFamily dns_lookup_family = 4 [(validate.rules).enum = {defined_only: true}];
+
+  // DNS resolver type configuration extension. This extension can be used to configure c-ares, apple,
+  // or any other DNS resolver types and the related parameters.
+  // For example, an object of
+  // :ref:`CaresDnsResolverConfig <envoy_v3_api_msg_extensions.network.dns_resolver.cares.v3.CaresDnsResolverConfig>`
+  // can be packed into this ``typed_dns_resolver_config``. This configuration replaces the
+  // :ref:`dns_resolution_config <envoy_v3_api_field_config.cluster.v3.Cluster.dns_resolution_config>`
+  // configuration.
+  // During the transition period when both ``dns_resolution_config`` and ``typed_dns_resolver_config`` exists,
+  // when ``typed_dns_resolver_config`` is in place, Envoy will use it and ignore ``dns_resolution_config``.
+  // When ``typed_dns_resolver_config`` is missing, the default behavior is in place.
+  // [#extension-category: envoy.network.dns_resolver]
+  // Fixme docs
+  // config.core.v3.TypedExtensionConfig typed_dns_resolver_config = 5;
+
+  // DNS jitter causes the cluster to refresh DNS entries later by a random amount of time to avoid a
+  // stampede of DNS requests. This value sets the upper bound (exclusive) for the random amount.
+  // There will be no jitter if this value is omitted.
+  google.protobuf.Duration dns_jitter = 6;
+}

api/versioning/BUILD

@@ -75,6 +75,7 @@ proto_library(
         "//envoy/extensions/access_loggers/wasm/v3:pkg",
         "//envoy/extensions/bootstrap/internal_listener/v3:pkg",
         "//envoy/extensions/clusters/aggregate/v3:pkg",
+        "//envoy/extensions/clusters/dns/v3:pkg",
         "//envoy/extensions/clusters/dynamic_forward_proxy/v3:pkg",
         "//envoy/extensions/clusters/redis/v3:pkg",
         "//envoy/extensions/common/async_files/v3:pkg",

source/common/common/dns_utils.cc

@@ -12,8 +12,8 @@ getDnsLookupFamilyFromCluster(const envoy::config::cluster::v3::Cluster& cluster
   return getDnsLookupFamilyFromEnum(cluster.dns_lookup_family());
 }
 
-Network::DnsLookupFamily
-getDnsLookupFamilyFromEnum(envoy::config::cluster::v3::Cluster::DnsLookupFamily family) {
+Network::DnsLookupFamily getDnsLookupFamilyFromEnum(
+    envoy::config::cluster::v3::Cluster::DnsLookupFamily family) {
   switch (family) {
     PANIC_ON_PROTO_ENUM_SENTINEL_VALUES;
   case envoy::config::cluster::v3::Cluster::V6_ONLY:

source/common/network/dns_resolver/dns_factory_util.cc

@@ -46,13 +46,27 @@ bool tryUseAppleApiForDnsLookups(
   return false;
 }
 
+//bool checkDnsResolutionConfigExist(
+//    [[maybe_unused]] const envoy::extensions::clusters::dns::v3::DnsConfig& config,
+//    [[maybe_unused]] envoy::config::core::v3::TypedExtensionConfig& typed_dns_resolver_config) {
+//  return false;
+//}
+
 // Overloading the template function for DnsFilterConfig type, which doesn't need to copy anything.
 void handleLegacyDnsResolverData(
     const envoy::extensions::filters::udp::dns_filter::v3::DnsFilterConfig::ClientContextConfig&,
     envoy::config::core::v3::TypedExtensionConfig& typed_dns_resolver_config) {
   makeDefaultCaresDnsResolverConfig(typed_dns_resolver_config);
 }
 
+//void handleLegacyDnsResolverData(
+//    [[maybe_unused]] const envoy::extensions::clusters::dns::v3::DnsConfig config,
+//    envoy::config::core::v3::TypedExtensionConfig& typed_dns_resolver_config) {
+//  envoy::extensions::network::dns_resolver::cares::v3::CaresDnsResolverConfig cares;
+//  typed_dns_resolver_config.mutable_typed_config()->PackFrom(cares);
+//  typed_dns_resolver_config.set_name(std::string(CaresDnsResolver));
+//}
+
 // Overloading the template function for Cluster config type, which need to copy
 // both use_tcp_for_dns_lookups and dns_resolvers.
 void handleLegacyDnsResolverData(

source/common/network/dns_resolver/dns_factory_util.h

@@ -61,6 +61,11 @@ bool checkDnsResolutionConfigExist(
   return false;
 }
 
+// Overloading the template funciton for DnsConfig because DnsConfig has no dns_resolution_config.
+// bool checkDnsResolutionConfigExist(
+//     const envoy::extensions::clusters::dns::v3::DnsConfig& config,
+//     envoy::config::core::v3::TypedExtensionConfig& typed_dns_resolver_config);
+
 // For backward compatibility, copy over use_tcp_for_dns_lookups from config, and create
 // a CaresDnsResolverConfig typed config. This logic fit for bootstrap, and dns_cache config types.
 template <class ConfigType>

source/common/upstream/cluster_factory_impl.cc

@@ -65,15 +65,27 @@ ClusterFactoryImplBase::create(const envoy::config::cluster::v3::Cluster& cluste
   return factory->create(cluster, context);
 }
 
-absl::StatusOr<Network::DnsResolverSharedPtr>
-ClusterFactoryImplBase::selectDnsResolver(const envoy::config::cluster::v3::Cluster& cluster,
-                                          ClusterFactoryContext& context) {
+absl::StatusOr<Network::DnsResolverSharedPtr> ClusterFactoryImplBase::selectDnsResolver(
+    const envoy::config::cluster::v3::Cluster& cluster,
+    ClusterFactoryContext& context) {
   // We make this a shared pointer to deal with the distinct ownership
   // scenarios that can exist: in one case, we pass in the "default"
   // DNS resolver that is owned by the Server::Instance. In the case
   // where 'dns_resolvers' is specified, we have per-cluster DNS
   // resolvers that are created here but ownership resides with
   // StrictDnsClusterImpl/LogicalDnsCluster.
+  // if ((cluster.has_dns_config() && cluster.dns_config().has_typed_dns_resolver_config() &&
+  //     !(cluster.dns_config().typed_dns_resolver_config().typed_config().type_url().empty()))) {
+  //  envoy::config::core::v3::TypedExtensionConfig typed_dns_resolver_config;
+  //  Network::DnsResolverFactory& dns_resolver_factory =
+  //      Network::createDnsResolverFactoryFromProto(cluster.dns_config(),
+  //      typed_dns_resolver_config);
+  //  auto& server_context = context.serverFactoryContext();
+  //  return dns_resolver_factory.createDnsResolver(server_context.mainThreadDispatcher(),
+  //                                                server_context.api(),
+  //                                                typed_dns_resolver_config);
+  //}
+
   if ((cluster.has_typed_dns_resolver_config() &&
        !(cluster.typed_dns_resolver_config().typed_config().type_url().empty())) ||
       (cluster.has_dns_resolution_config() &&

source/extensions/clusters/common/BUILD

@@ -18,3 +18,15 @@ envoy_cc_library(
         "@envoy_api//envoy/config/endpoint/v3:pkg_cc_proto",
     ],
 )
+
+envoy_cc_library(
+    name = "backcompat_dns_lib",
+    srcs = ["backcompat_dns.cc"],
+    hdrs = ["backcompat_dns.h"],
+    deps = [
+        "//source/common/upstream:cluster_factory_includes",
+        "//source/common/upstream:upstream_includes",
+        "@envoy_api//envoy/config/core/v3:pkg_cc_proto",
+        "@envoy_api//envoy/config/endpoint/v3:pkg_cc_proto",
+    ],
+)

source/extensions/clusters/common/backcompat_dns.cc

@@ -0,0 +1,43 @@
+#include "envoy/config/cluster/v3/cluster.pb.h"
+#include "envoy/extensions/clusters/dns/v3/dns_cluster.pb.h"
+#include "source/extensions/clusters/common/backcompat_dns.h"
+
+namespace Envoy {
+namespace Upstream {
+
+void mergeClusterAndProtoConfig(
+    const envoy::config::cluster::v3::Cluster& cluster,
+    envoy::extensions::clusters::dns::v3::DnsCluster& new_proto_config) {
+
+  if (cluster.has_dns_refresh_rate() && !new_proto_config.has_dns_refresh_rate()) {
+    new_proto_config.mutable_dns_refresh_rate()->CopyFrom(cluster.dns_refresh_rate());
+  }
+
+  if (cluster.has_dns_failure_refresh_rate() && !new_proto_config.has_dns_failure_refresh_rate()) {
+    auto* new_refresh_rate = new_proto_config.mutable_dns_failure_refresh_rate();
+    const auto& old_refresh_rate = cluster.dns_failure_refresh_rate();
+    new_refresh_rate->mutable_max_interval()->CopyFrom(old_refresh_rate.max_interval());
+    new_refresh_rate->mutable_base_interval()->CopyFrom(old_refresh_rate.base_interval());
+  }
+
+  if (!new_proto_config.has_respect_dns_ttl()) {
+    new_proto_config.mutable_respect_dns_ttl()->set_value(cluster.respect_dns_ttl());
+  }
+
+  // if (new_proto_config.dns_lookup_family() ==
+  //     envoy::extensions::clusters::dns::v3::DnsCluster::UNSPECIFIED) {
+  //   new_proto_config.set_dns_lookup_family(translateLookupFamily(cluster.dns_lookup_family()));
+  // }
+
+  // if (cluster.has_typed_dns_resolver_config() &&
+  //     !new_proto_config.has_typed_dns_resolver_config()) {
+  //   new_proto_config.mutable_typed_dns_resolver_config()->CopyFrom(
+  //       cluster.typed_dns_resolver_config());
+  // }
+
+  if (cluster.has_dns_jitter() && !new_proto_config.has_dns_jitter()) {
+    new_proto_config.mutable_dns_jitter()->CopyFrom(cluster.dns_jitter());
+  }
+}
+} // namespace Upstream
+} // namespace Envoy

source/extensions/clusters/common/backcompat_dns.h

@@ -0,0 +1,13 @@
+#pragma once
+
+#include "envoy/config/cluster/v3/cluster.pb.h"
+#include "envoy/extensions/clusters/dns/v3/dns_cluster.pb.h"
+
+namespace Envoy {
+namespace Upstream {
+
+void mergeClusterAndProtoConfig(const envoy::config::cluster::v3::Cluster& cluster,
+                                envoy::extensions::clusters::dns::v3::DnsCluster& new_proto_config);
+
+}
+} // namespace Envoy

source/extensions/clusters/logical_dns/BUILD

@@ -25,6 +25,7 @@ envoy_cc_extension(
         "//source/common/protobuf:utility_lib",
         "//source/common/upstream:cluster_factory_lib",
         "//source/common/upstream:upstream_includes",
+        "//source/extensions/clusters/common:backcompat_dns_lib",
         "//source/extensions/clusters/common:logical_host_lib",
         "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto",
         "@envoy_api//envoy/config/core/v3:pkg_cc_proto",