kayos
/
coredns-lite
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

fuck features, all my homies hate features

This commit is contained in:
kayos 2021-05-27 14:24:27 -07:00
parent 9edfaed631
commit 300687e114
490 changed files with 891 additions and 22896 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
ADOPTERS.md
View File

@ -1,32 +0,0 @@
* [Infoblox](https://www.infoblox.com) uses CoreDNS in its Active Trust Cloud SaaS service, as well as for Kubernetes cluster DNS.
* [Sky Betting & Gaming](https://engineering.skybettingandgaming.com) uses CoreDNS for Kubernetes cluster DNS.
* [Kismia](https://kismia.com) uses CoreDNS for Kubernetes cluster DNS.
* [Admiral](https://getadmiral.com) uses CoreDNS to handle geographic DNS requests for our public-facing microservices.
* [Qunar](https://qunar.com) uses CoreDNS for service discovery of its GPU machine learning cloud with TensorFlow and Kubernetes.
* [seansean2](https://web.mit.edu) uses CoreDNS in production at MIT for DNS.
* [Tradeshift](https://tradeshift.com/) uses CoreDNS to look up company identifiers across multiple shards/regions/zones
* [SoundCloud](https://soundcloud.com/) uses CoreDNS as internal cache+proxy in Kubernetes clusters to handle hundreds of thousands DNS service discovery requests per second.
* [Z Lab](https://zlab.co.jp) uses CoreDNS in production combination with Consul and Kubernetes Clusters.
* [Serpro/estaleiro](estaleiro.serpro.gov.br) uses CoreDNS as Kubernetes' DNS Server, in production with tuned Kubernetes plugin options
* [Lumo](https://thinklumo.com) uses CoreDNS as Kubernetes' DNS Server, in production and lab with default configuration
* [Booming Games](https://booming-games.com) uses CoreDNS in multiple Kubernetes clusters, with Federation plugin. expect to go into production soon.
* [Sodimac](https://www.sodimac.cl) uses CoreDNS with Kubernetes in production with default configuration.
* [Bose](https://www.bose.com/) uses CoreDNS with Kubernetes in production on very large cluster (over 250 nodes)
* [farmotive](https://farmotive.io) uses CoreDNS in Kubernetes using default configuration, in its Lab. Expect to be in production soon.
* [Zalando SE](https://www.zalando.de) uses CoreDNS as Kubernetes' DNS Server, in production.
* [Trainline](https://trainline.com) uses CoreDNS along with Kubernetes in production, with a tuned configuration.
* [AnchorFree](https://www.anchorfree.com) uses CoreDNS within Kubernetes in production, with standard configuration.
* [Datacom](https://datacom.co.nz) uses CoreDNS with a tuned configuration for Kubernetes, as production.
* [Takealot.com](https://www.takealot.com) uses CoreDNS as Kubernetes' DNS Server, in production.
* [scalable minds](https://scalableminds.com) uses CoreDNS with default configuration for Kubernetes in its production environment.
* [ObjectRocket](https://www.objectrocket.com) uses CoreDNS on its numerous Kubernetes' clusters, using refined configurations. Address both Lab and Production environment
* [Devino Telecom](https://devinotele.com) uses CoreDNS with default configuration for Kubernetes for its Lab and its Production.
* [Yandex Money](https://money.yandex.ru) uses CoreDNS in Lab and Production, using default configuration for Kubernetes.
* [AdGuard](https://adguard.com/) uses CoreDNS in [AdGuard Home](https://github.com/AdguardTeam/AdGuardHome) and, therefore, in production public AdGuard DNS servers.
* [Skyscanner](https://www.skyscanner.net) uses CoreDNS within Kubernetes in production with the configuration tuned to use the Autopath plugin.
* [Zinza Technology](https://zinza.com.vn) uses CoreDNS within Kubernetes in production, with standard configuration.
* [Hualala](https://www.hualala.com) uses CoreDNS in Kubernetes using default configuration, in its Lab. Expected to be in production soon.
* [Hellofresh](https://www.hellofresh.com/) uses CoreDNS in multiple Kubernetes clusters, with Forward plugin.
* [Render](https://render.com) uses CoreDNS in production across all its Kubernetes clusters.
* [BackMarket](https://www.backmarket.com) uses CoreDNS within Kubernetes in production, with standard configuration.
* [Absa Group](https://www.absa.africa) uses CoreDNS as an integral part of Kubernetes Global Balancer project - [k8gb](https://www.k8gb.io/).

54
CODEOWNERS
View File

@ -1,54 +0,0 @@
# @miekg, miek@miek.nl, project lead: 11/11/2021
* @bradbeam @chrisohaver @dilyevsky @fastest963 @greenpau @isolus @johnbelamaric @miekg @pmoroney @rajansandeep @stp-ip @superq @yongtang
/.circleci/ @miekg @chrisohaver @rajansandeep
/plugin/pkg/ @miekg @chrisohaver @johnbelamaric @yongtang @stp-ip
/coremain/ @miekg @chrisohaver @johnbelamaric @yongtang @stp-ip
/core/ @miekg @chrisohaver @johnbelamaric @yongtang @stp-ip
/request/ @miekg @chrisohaver @johnbelamaric @yongtang @stp-ip
/plugin/* @miekg @chrisohaver @johnbelamaric @yongtang @stp-ip
go.sum @miekg @chrisohaver @johnbelamaric @yongtang @stp-ip
go.mod @miekg @chrisohaver @johnbelamaric @yongtang @stp-ip
/plugin/acl/ @miekg @ihac
/plugin/any/ @miekg
/plugin/auto/ @miekg @stp-ip
/plugin/autopath/ @chrisohaver @miekg
/plugin/azure/ @miekg @yongtang @darshanime
/plugin/bind/ @miekg
/plugin/bufsize/ @ykhr53
/plugin/cache/ @miekg
/plugin/cancel/ @miekg
/plugin/chaos/ @miekg @zouyee
/plugin/clouddns/ @miekg @yongtang
/plugin/dns64 @superq
/plugin/dnssec/ @isolus @miekg
/plugin/dnstap/ @varyoo @yongtang
/plugin/erratic/ @miekg
/plugin/errors/ @miekg
/plugin/etcd/ @miekg @nitisht
/plugin/file/ @miekg @yongtang @stp-ip
/plugin/forward/ @johnbelamaric @miekg @rdrozhdzh
/plugin/grpc/ @inigohu @miekg @zouyee
/plugin/health/ @fastest963 @miekg @zouyee
/plugin/hosts/ @johnbelamaric @pmoroney
/plugin/k8s_external/ @miekg
/plugin/kubernetes/ @bradbeam @chrisohaver @johnbelamaric @miekg @rajansandeep @yongtang @zouyee
/plugin/loadbalance/ @miekg
/plugin/log/ @miekg @nchrisdk
/plugin/loop/ @miekg @chrisohaver
/plugin/metadata/ @ekleiner @miekg
/plugin/metrics/ @fastest963 @miekg @superq @greenpau
/plugin/nsid/ @yongtang
/plugin/pprof/ @miekg @zouyee
/plugin/reload/ @johnbelamaric
/plugin/rewrite/ @greenpau @johnbelamaric
/plugin/root/ @miekg
/plugin/route53/ @yongtang @dilyevsky
/plugin/secondary/ @bradbeam @miekg
/plugin/template/ @rtreffer
/plugin/tls/ @johnbelamaric
/plugin/trace/ @johnbelamaric @zouyee
/plugin/transfer/ @miekg @chrisohaver
/plugin/whoami/ @miekg @chrisohaver

1
CODE_OF_CONDUCT.md
View File

@ -1 +0,0 @@
.github/CODE_OF_CONDUCT.md

12
Dockerfile
View File

@ -1,12 +0,0 @@
FROM debian:stable-slim
RUN apt-get update && apt-get -uy upgrade
RUN apt-get -y install ca-certificates && update-ca-certificates
FROM scratch
COPY --from=0 /etc/ssl/certs /etc/ssl/certs
ADD coredns /coredns
EXPOSE 53 53/udp
ENTRYPOINT ["/coredns"]

145
GOVERNANCE.md
View File

@ -1,145 +0,0 @@
# CoreDNS Governance
## Principles
The CoreDNS community adheres to the following principles:
- Open: CoreDNS is open source, advertised on [our website](https://coredns.io/community).
- Welcoming and respectful: See [Code of Conduct](CODE-OF-CONDUCT.md).
- Transparent and accessible: Changes to the CoreDNS organization, CoreDNS code repositories, and CNCF related activities (e.g. level, involvement, etc) are done in public.
- Merit: Ideas and contributions are accepted according to their technical merit and alignment with
project objectives, scope, and design principles.
## Project Lead
The CoreDNS project has a project lead.
A project lead in CoreDNS is
a single person that has a final say in any decision concerning the CoreDNS project.
The term of the project lead is one year, with no term limit restriction.
The project lead is elected by CoreDNS maintainers
according to an individual's technical merit to CoreDNS project.
The current project lead is identified in the [CODEOWNERS](CODEOWNERS) file with the string
`project lead` and the term behind the name in a comment at the top of the file.
## Expectations from Maintainers
Every one carries water...
Making a community work requires input/effort from everyone. Maintainers should actively
participate in Pull Request reviews. Maintainers are expected to respond to assigned Pull Requests
in a *reasonable* time frame, either providing insights, or assign the Pull Requests to other
maintainers.
Every Maintainer is listed in the
[CODEOWNERS](https://github.com/coredns/coredns/blob/master/CODEOWNERS)
file, with their Github handle.
A Maintainer should be a member of `maintainers@coredns.io`, although this is not a hard requirement.
## Becoming a Maintainer
On successful merge of a significant pull request any current maintainer can reach
to the author behind the pull request and ask them if they are willing to become a CoreDNS
maintainer. The email of the new maintainer invitation should be cc'ed to `maintainers@coredns.io`
as part of the process.
## Changes in Maintainership
If a Maintainer feels she/he can not fulfill the "Expectations from Maintainers", they are free to
step down.
The CoreDNS organization will never forcefully remove a current Maintainer, unless a maintainer
fails to meet the principles of CoreDNS community,
or adhere to the [Code of Conduct](CODE-OF-CONDUCT.md).
## Changes in Project Lead
Changes in project lead or term is initiated by opening a github PR.
Anyone from CoreDNS community can vote on the PR with either +1 or -1.
Only the following votes are binding:
1) Any maintainer that has been listed in the [CODEOWNERS](CODEOWNERS) file before the PR is opened.
2) Any maintainer from an organization may cast the vote for that organization. However, no organization
should have more binding votes than 1/5 of the total number of maintainers defined in 1).
The PR should only be opened no earlier than 6 weeks before the end of the project lead's term.
The PR should be kept open for no less than 4 weeks. The PR can only be merged after the end of the
last project lead's term, with more +1 than -1 in the binding votes.
When there are conflicting PRs about changes in project lead, the PR with the most binding +1 votes is merged.
The project lead can volunteer to step down.
## Changes in Project Governance
Changes in project governance (GOVERNANCE.md) could be initiated by opening a github PR.
The PR should only be opened no earlier than 6 weeks before the end of the project lead's term.
The PR should be kept open for no less than 4 weeks. The PR can only be merged follow the same
voting process as in `Changes in Project Lead`.
## Decision making process
Decisions are build on consensus between maintainers.
Proposals and ideas can either be submitted for agreement via a github issue or PR,
or by sending an email to `maintainers@coredns.io`.
In general, we prefer that technical issues and maintainer membership are amicably worked out between the persons involved.
If a dispute cannot be decided independently, get a third-party maintainer (e.g. a mutual contact with some background
on the issue, but not involved in the conflict) to intercede.
If a dispute still cannot be decided, the project lead has the final say to decide an issue.
Decision making process should be transparent to adhere to
the principles of CoreDNS project.
All proposals, ideas, and decisions by maintainers or the project lead
should either be part of a github issue or PR, or be sent to `maintainers@coredns.io`.
## Github Project Administration
The __coredns__ GitHub project maintainers team reflects the list of Maintainers.
## Other Projects
The CoreDNS organization is open to receive new sub-projects under its umbrella. To accept a project
into the __CoreDNS__ organization, it has to meet the following criteria:
- Must be licensed under the terms of the Apache License v2.0
- Must be related to one or more scopes of the CoreDNS ecosystem:
- CoreDNS project artifacts (website, deployments, CI, etc)
- External plugins
- Other DNS related processing
- Must be supported by a Maintainer not associated or affiliated with the author(s) of the sub-projects
The submission process starts as a Pull Request or Issue on the
[coredns/coredns](https://github.com/coredns/coredns) repository with the required information
mentioned above. Once a project is accepted, it's considered a __CNCF sub-project under the umbrella
of CoreDNS__.
## New Plugins
The CoreDNS is open to receive new plugins as part of the CoreDNS repo. The submission process
is the same as a Pull Request submission. Unlike small Pull Requests though, a new plugin submission
should only be approved by a maintainer not associated or affiliated with the author(s) of the
plugin.
## CoreDNS and CNCF
CoreDNS is a CNCF project. As such, CoreDNS might be involved in CNCF (or other CNCF projects) related
marketing, events, or activities. Any maintainer could help driving the CoreDNS involvement, as long as
she/he sends email to `maintainers@coredns.io` (or create a GitHub Pull Request) to call for participation
from other maintainers. The `Call for Participation` should be kept open for no less than a week if time
permits, or a _reasonable_ time frame to allow maintainers to have a chance to volunteer.
## Code of Conduct
The [CoreDNS Code of Conduct](CODE-OF-CONDUCT.md) is aligned with the CNCF Code of Conduct.
## Credits
Sections of this documents have been borrowed from [Fluentd](https://github.com/fluent/fluentd/blob/master/GOVERNANCE.md) and [Envoy](https://github.com/envoyproxy/envoy/blob/master/GOVERNANCE.md) projects.

35
Makefile
View File

@ -1,35 +0,0 @@
# Makefile for building CoreDNS
GITCOMMIT:=$(shell git describe --dirty --always)
BINARY:=coredns
SYSTEM:=
CHECKS:=check
BUILDOPTS:=-v
GOPATH?=$(HOME)/go
MAKEPWD:=$(dir $(realpath $(firstword $(MAKEFILE_LIST))))
CGO_ENABLED:=0
.PHONY: all
all: coredns
.PHONY: coredns
coredns: $(CHECKS)
CGO_ENABLED=$(CGO_ENABLED) $(SYSTEM) go build $(BUILDOPTS) -ldflags="-s -w -X github.com/coredns/coredns/coremain.GitCommit=$(GITCOMMIT)" -o $(BINARY)
.PHONY: check
check: core/plugin/zplugin.go core/dnsserver/zdirectives.go
core/plugin/zplugin.go core/dnsserver/zdirectives.go: plugin.cfg
go generate coredns.go
.PHONY: gen
gen:
go generate coredns.go
.PHONY: pb
pb:
$(MAKE) -C pb
.PHONY: clean
clean:
go clean
rm -f coredns

64
Makefile.doc
View File

@ -1,64 +0,0 @@
# This Makefile generates the manual pages from the markdown README.mds. It depends
# on https://github.com/mmarkdown/mmark to be installed. Generally we want this to be
# updated before doing a release. The Debian package, for instance, looks at these pages
# and will install them on your system.
MMARK_VERSION:=2.2.4
PLUGINS:=$(wildcard plugin/*/README.md)
READMES:=$(subst plugin/,,$(PLUGINS))
READMES:=$(subst /README.md,,$(READMES))
PLUGINS:=$(subst plugin/,coredns-,$(PLUGINS))
PLUGINS:=$(subst /README.md,(7),$(PLUGINS))
all: mmark man/coredns.1 man/corefile.5 plugins
GO ?= go
GOHOSTOS ?= $(shell $(GO) env GOHOSTOS)
GOHOSTARCH ?= $(shell $(GO) env GOHOSTARCH)
GO_BUILD_PLATFORM ?= $(GOHOSTOS)_$(GOHOSTARCH)
FIRST_GOPATH := $(firstword $(subst :, ,$(shell $(GO) env GOPATH)))
MMARK_BIN := $(FIRST_GOPATH)/bin/mmark
MMARK := $(FIRST_GOPATH)/bin/mmark -man
MMARK_URL := https://github.com/mmarkdown/mmark/releases/download/v$(MMARK_VERSION)/mmark_$(MMARK_VERSION)_$(GO_BUILD_PLATFORM).tgz
.PHONY: mmark
mmark: $(MMARK_BIN)
$(MMARK_BIN):
$(eval MMARK_TMP := $(shell mktemp -d))
curl -s -L $(MMARK_URL) | tar -xvzf - -C $(MMARK_TMP)
mkdir -p $(FIRST_GOPATH)/bin
cp $(MMARK_TMP)/mmark $(FIRST_GOPATH)/bin/mmark
rm -r $(MMARK_TMP)
man/coredns.1: coredns.1.md
@/bin/echo -e '%%%\n title = "coredns 1"\n' \
'area = "CoreDNS"\n workgroup = "CoreDNS"\n%%%\n\n' > $@.header
@cat $@.header $< > $@.md && rm $@.header
@sed -i -e "s/@@PLUGINS@@/$(PLUGINS)/" $@.md
$(MMARK) $@.md > $@ && rm $@.md
man/corefile.5: corefile.5.md
@/bin/echo -e '%%%\n title = "corefile 5"\n' \
'area = "CoreDNS"\n workgroup = "CoreDNS"\n%%%\n\n' > $@.header
@cat $@.header $< > $@.md && rm $@.header
$(MMARK) $@.md > $@ && rm $@.md
.PHONY: plugins
plugins:
for README in $(READMES); do \
$(MAKE) -f Makefile.doc man/coredns-$$README.7; \
done
man/coredns-%.7: plugin/%/README.md
@/bin/echo -e "%%%\n title = \"`basename $@ | sed s\/\.7\/\/` 7\"\n" \
'area = "CoreDNS"\n workgroup = "CoreDNS Plugins"\n%%%\n\n' > $@.header
@cat $@.header $< > $@.md && rm $@.header
@sed -i '/^# .*/d' $@.md
$(MMARK) $@.md > $@ && rm $@.md
PHONY: clean
clean:
rm -f man/*

58
Makefile.fuzz
View File

@ -1,58 +0,0 @@
# Makefile for fuzzing
#
# With https://app.fuzzit.dev/ we are continuously fuzzing CoreDNS.
#
# Use go-fuzz and needs the tools installed. For each fuzz.go in a plugin's directory
# you can start the fuzzing with: make -f Makefile.fuzz <plugin>
# e.g.
#
# make -f Makefile.fuzz forward
#
# Each plugin that wants to join the fuzzing fray only needs to add a fuzz.go that calls
# the plugin's ServeDNS and used the plugin/pkg/fuzz for the Do function.
#
# Installing go-fuzz is very tricky because it does not support Go modules, see the `Makefile`
# for the current trickery. The following may do the trick:
#
# GO111MODULE=off go get github.com/dvyukov/go-fuzz/go-fuzz-build
REPO:="github.com/coredns/coredns"
FUZZIT:=v2.4.35
# set LIBFUZZER=YES to build libfuzzer compatible targets
FUZZ:=$(dir $(wildcard plugin/*/fuzz.go)) # plugin/cache/
PLUGINS:=$(foreach f,$(FUZZ),$(subst plugin, ,$(f:/=))) # > /cache
PLUGINS:=$(foreach f,$(PLUGINS),$(subst /, ,$(f))) # > cache
.PHONY: echo
echo:
@echo $(PLUGINS) corefile
all: $(PLUGINS) corefile
.PHONY: $(PLUGINS)
$(PLUGINS): echo
ifeq ($(LIBFUZZER), YES)
go-fuzz-build -libfuzzer -o $(@).a ./plugin/$(@)
clang -fsanitize=fuzzer $(@).a -o $(@)
else
go-fuzz-build $(REPO)/plugin/$(@)
go-fuzz -bin=./$(@)-fuzz.zip -workdir=fuzz/$(@)
endif
.PHONY: corefile
corefile:
ifeq ($(LIBFUZZER), YES)
go-fuzz-build -libfuzzer -o $(@).a ./test
clang -fsanitize=fuzzer $(@).a -o $(@)
else
go-fuzz-build $(REPO)/test
go-fuzz -bin=./test-fuzz.zip -workdir=fuzz/$(@)
endif
fuzzit:
wget --quiet -O fuzzit https://github.com/fuzzitdev/fuzzit/releases/download/$(FUZZIT)/fuzzit_Linux_x86_64 && chmod +x fuzzit
.PHONY: clean
clean:
rm *-fuzz.zip

207
Makefile.release
View File

@ -1,207 +0,0 @@
# Makefile for releasing CoreDNS
#
# The release is controlled from coremain/version.go. The version found there is
# used to tag the git repo and to build the assets that are uploaded to GitHub.
#
# The release should be accompanied by release notes in the notes/ subdirectory.
# These are published on coredns.io. For example see: notes/coredns-1.5.1.md
# Use make -f Makefile.release notes to create a skeleton notes document.
#
# Be sure to prune the PR list a bit, not everything is worthy!
#
# As seen in notes/coredns-1.5.1.md we want to style the notes in the following manner:
#
# * important changes at the top
# * people who committed/review code (the latter is harder to get)
# * Slightly abbreviated list of pull requests merged for this release.
#
# Steps to release, first:
#
# 1. Up the version in coremain/version.go
# 2. Do a make -f Makefile.doc # This has been automated in GitHub, so you can probably skip this step
# 3. go generate
# 4. Send PR to get this merged.
#
# Then:
#
# 1. Open an issue for this release
# 2. In an issue give the command: /release master VERSION
# Where VERSION is the version of the release - the release script double checks this with the
# actual CoreDNS version in coremain/version.go
# 3. (to test as release /release -t master VERSION can be used.
#
# See https://github.com/coredns/release for documentation README on what needs to be setup for this to be
# automated (can still be done by hand if needed). Especially what environment variables need to be
# set! This further depends on Caddy being setup and [dreck](https://github.com/miekg/dreck) running as a plugin in Caddy.
#
# To release we run, these target from the this Makefile.release ordered like:
# * make release
# * make docker
# * make github-push
# * make docker-push
#
# Testing this is hard-ish as you don't want to accidentially release a coredns. If not executing the github-push target
# and using a non-coredns docker repo you should be fine.
# Testing docker is done e.g. via:
#
# export DOCKER_PASSWORD=<pass>
# export DOCKER_LOGIN=miek
# make DOCKER=miek -f Makefile.release build docker-build docker-push
EMPTY:=
SPACE:=$(EMPTY) $(EMPTY)
COMMA:=$(EMPTY),$(EMPTY)
ifeq (, $(shell which curl))
$(error "No curl in $$PATH, please install")
endif
# DOCKER is the docker image repo we need to push to.
DOCKER:=
NAME:=coredns
VERSION:=$(shell grep 'CoreVersion' coremain/version.go | awk '{ print $$3 }' | tr -d '"')
GITHUB:=coredns
# mips is not in LINUX_ARCH because it's not supported by docker manifest
LINUX_ARCH:=amd64 arm arm64 mips64le ppc64le s390x
DOCKER_IMAGE_NAME:=$(DOCKER)/$(NAME)
PLATFORMS:=$(subst $(SPACE),$(COMMA),$(foreach arch,$(LINUX_ARCH),linux/$(arch)))
DOCKER_IMAGE_LIST_VERSIONED:=$(shell echo $(LINUX_ARCH) | sed -e "s~[^ ]*~$(DOCKER_IMAGE_NAME)\-&:$(VERSION)~g")
DOCKER_IMAGE_LIST_LATEST:=$(shell echo $(LINUX_ARCH) | sed -e "s~[^ ]*~$(DOCKER_IMAGE_NAME)\-&:latest~g")
all:
@echo Use the 'release' target to build a release, 'docker' for docker build.
release: build tar
docker: docker-build
.PHONY: build
build:
@go version
@echo Cleaning old builds
@rm -rf build && mkdir build
@echo Building: darwin/amd64 - $(VERSION)
mkdir -p build/darwin/amd64 && $(MAKE) coredns BINARY=build/darwin/amd64/$(NAME) SYSTEM="GOOS=darwin GOARCH=amd64" CHECKS="" BUILDOPTS=""
@echo Building: windows/amd64 - $(VERSION)
mkdir -p build/windows/amd64 && $(MAKE) coredns BINARY=build/windows/amd64/$(NAME).exe SYSTEM="GOOS=windows GOARCH=amd64" CHECKS="" BUILDOPTS=""
@echo Building: linux/mips - $(VERSION)
mkdir -p build/linux/mips && $(MAKE) coredns BINARY=build/linux/mips/$(NAME) SYSTEM="GOOS=linux GOARCH=mips" CHECKS="" BUILDOPTS=""
@echo Building: linux/$(LINUX_ARCH) - $(VERSION) ;\
for arch in $(LINUX_ARCH); do \
mkdir -p build/linux/$$arch && $(MAKE) coredns BINARY=build/linux/$$arch/$(NAME) SYSTEM="GOOS=linux GOARCH=$$arch" CHECKS="" BUILDOPTS="" ;\
done
.PHONY: tar
tar:
@echo Cleaning old releases
@rm -rf release && mkdir release
tar -zcf release/$(NAME)_$(VERSION)_darwin_amd64.tgz -C build/darwin/amd64 $(NAME)
tar -zcf release/$(NAME)_$(VERSION)_windows_amd64.tgz -C build/windows/amd64 $(NAME).exe
tar -zcf release/$(NAME)_$(VERSION)_linux_mips.tgz -C build/linux/mips $(NAME)
tar -zcf release/$(NAME)_$(VERSION)_linux_mips64le.tgz -C build/linux/mips64le $(NAME)
for arch in $(LINUX_ARCH); do \
tar -zcf release/$(NAME)_$(VERSION)_linux_$$arch.tgz -C build/linux/$$arch $(NAME) ;\
done
.PHONY: github-push
github-push:
ifeq ($(GITHUB_ACCESS_TOKEN),)
$(error "Please set the GITHUB_ACCESS_TOKEN environment variable")
else
@echo Releasing: $(VERSION)
@$(eval RELEASE:=$(shell curl -s -d '{"tag_name": "v$(VERSION)", "name": "v$(VERSION)"}' -H "Authorization: token ${GITHUB_ACCESS_TOKEN}" "https://api.github.com/repos/$(GITHUB)/$(NAME)/releases" | grep -m 1 '"id"' | tr -cd '[[:digit:]]'))
@echo ReleaseID: $(RELEASE)
@( cd release; for asset in `ls -A *tgz`; do \
echo $$asset; \
curl -o /dev/null -X POST \
-H "Content-Type: application/gzip" \
-H "Authorization: token ${GITHUB_ACCESS_TOKEN}" \
--data-binary "@$$asset" \
"https://uploads.github.com/repos/$(GITHUB)/$(NAME)/releases/$(RELEASE)/assets?name=$${asset}" ; \
done )
@( cd release; for asset in `ls -A *tgz`; do \
sha256sum $$asset > $$asset.sha256; \
done )
@( cd release; for asset in `ls -A *sha256`; do \
echo $$asset; \
curl -o /dev/null -X POST \
-H "Content-Type: text/plain" \
-H "Authorization: token ${GITHUB_ACCESS_TOKEN}" \
--data-binary "@$$asset" \
"https://uploads.github.com/repos/$(GITHUB)/$(NAME)/releases/$(RELEASE)/assets?name=$${asset}" ; \
done )
endif
.PHONY: docker-build
docker-build: tar
ifeq ($(DOCKER),)
$(error "Please specify Docker registry to use. Use DOCKER=coredns for releases")
else
@# Steps:
@# 1. Copy appropriate coredns binary to build/docker/linux/<arch>
@# 2. Copy Dockerfile to build/docker/linux/<arch>
@rm -rf build/docker
for arch in $(LINUX_ARCH); do \
mkdir -p build/docker/linux/$${arch} ;\
tar -xzf release/$(NAME)_$(VERSION)_linux_$${arch}.tgz -C build/docker/linux/$${arch} ;\
cp Dockerfile build/docker/linux/$${arch} ;\
docker build -t $(DOCKER_IMAGE_NAME)-$${arch}:$(VERSION) build/docker/linux/$${arch} ;\
docker tag $(DOCKER_IMAGE_NAME)-$${arch}:$(VERSION) $(DOCKER_IMAGE_NAME)-$${arch}:latest ;\
done
endif
.PHONY: docker-push
docker-push:
ifeq ($(DOCKER),)
$(error "Please specify Docker registry to use. Use DOCKER=coredns for releases")
else
@# Experimental CLI is required for docker manifest to work
@# Pushes coredns/coredns-$arch:$version images
@# Creates manifest for multi-arch image
@# Pushes multi-arch image to coredns/coredns:$version
export DOCKER_CLI_EXPERIMENTAL=enabled
@echo $(DOCKER_PASSWORD) | docker login -u $(DOCKER_LOGIN) --password-stdin
@echo Pushing: $(VERSION) to $(DOCKER_IMAGE_NAME)
for arch in $(LINUX_ARCH); do \
docker push $(DOCKER_IMAGE_NAME)-$${arch}:$(VERSION) ;\
docker push $(DOCKER_IMAGE_NAME)-$${arch}:latest ;\
done
docker manifest create --amend $(DOCKER_IMAGE_NAME):$(VERSION) $(DOCKER_IMAGE_LIST_VERSIONED)
docker manifest create --amend $(DOCKER_IMAGE_NAME):latest $(DOCKER_IMAGE_LIST_LATEST)
for arch in $(LINUX_ARCH); do \
docker manifest annotate --arch $${arch} $(DOCKER_IMAGE_NAME):$(VERSION) $(DOCKER_IMAGE_NAME)-$${arch}:$(VERSION) ;\
docker manifest annotate --arch $${arch} $(DOCKER_IMAGE_NAME):latest $(DOCKER_IMAGE_NAME)-$${arch}:latest ;\
done
docker manifest push --purge $(DOCKER_IMAGE_NAME):$(VERSION)
docker manifest push --purge $(DOCKER_IMAGE_NAME):latest
endif
.PHONY: version
version:
@echo $(VERSION)
.PHONY: clean
clean:
rm -rf release
rm -rf build
.PHONY: notes
notes:
@$(MAKE) -s -f Makefile.release authors
@echo
@$(MAKE) -s -f Makefile.release prs
.PHONY: prs
prs:
@echo "## Noteworthy Changes"
@echo
@git log $$(git describe --tags --abbrev=0)..HEAD --oneline | awk ' { $$1="";print } ' | sed 's/^ //' | sed -e 's|#\([0-9]\)|https://github.com/coredns/coredns/pull/\1|' | \
grep -v '^build(deps)' | \
grep -v '^auto go mod tidy' | grep -v '^auto remove' | grep -v '^auto make' | sed 's/^/* /'
.PHONY: authors
authors:
@echo "## Brought to You By"
@echo
@git log --pretty=format:'%an' $$(git describe --tags --abbrev=0)..master | sort -u | grep -v '^coredns-auto' | grep -v '^coredns\[bot\]' | grep -v '^dependabot-preview' | \
tac | cat -n | sed -e 's/^[[:space:]]\+1[[:space:]]\+\(.*\)/\1./' | sed -e 's/^[[:space:]]\+[[:digit:]]\+[[:space:]]\+\(.*\)/\1,/' | tac # comma separate, with dot at the end

1
SECURITY.md
View File

@ -1 +0,0 @@
.github/SECURITY.md

2
core/coredns.go
View File

@ -3,5 +3,5 @@ package core
import (
// plug in the server
_ "github.com/coredns/coredns/core/dnsserver"
_ "coredns/core/dnsserver"
)

4
core/dnsserver/config.go
View File

@ -5,8 +5,8 @@ import (
"fmt"
"net/http"
"github.com/coredns/caddy"
"github.com/coredns/coredns/plugin"
"coredns/caddy"
"coredns/plugin"
)
// Config configuration for a single server.

2
core/dnsserver/https.go
View File

@ -4,7 +4,7 @@ import (
"net"
"net/http"
"github.com/coredns/coredns/plugin/pkg/nonwriter"
"coredns/plugin/pkg/nonwriter"
)
// DoHWriter is a nonwriter.Writer that adds more specific LocalAddr and RemoteAddr methods.

2
core/dnsserver/log_test.go
View File

@ -1,5 +1,5 @@
package dnsserver
import clog "github.com/coredns/coredns/plugin/pkg/log"
import clog "coredns/plugin/pkg/log"
func init() { clog.Discard() }

21
core/dnsserver/register.go
View File

@ -6,11 +6,11 @@ import (
"net"
"time"
"github.com/coredns/caddy"
"github.com/coredns/caddy/caddyfile"
"github.com/coredns/coredns/plugin"
"github.com/coredns/coredns/plugin/pkg/parse"
"github.com/coredns/coredns/plugin/pkg/transport"
"coredns/caddy"
"coredns/caddyfile"
"coredns/plugin"
"coredns/plugin/pkg/parse"
"coredns/plugin/pkg/transport"
"github.com/miekg/dns"
)
@ -66,17 +66,6 @@ func (h *dnsContext) InspectServerBlocks(sourceFile string, serverBlocks []caddy
for ik, k := range s.Keys {
trans, k1 := parse.Transport(k) // get rid of any dns:// or other scheme.
hosts, port, err := plugin.SplitHostPort(k1)
// We need to make this a fully qualified domain name to catch all errors here and not later when
// plugin.Normalize is called again on these strings, with the prime difference being that the domain
// name is fully qualified. This was found by fuzzing where "ȶ" is deemed OK, but "ȶ." is not (might be a
// bug in miekg/dns actually). But here we were checking ȶ, which is OK, and later we barf in ȶ. leading to
// "index out of range".
for ih := range hosts {
_, _, err := plugin.SplitHostPort(dns.Fqdn(hosts[ih]))
if err != nil {
return nil, err
}
}
if err != nil {
return nil, err
}

20
core/dnsserver/server.go
View File

@ -10,16 +10,16 @@ import (
"sync"
"time"
"github.com/coredns/caddy"
"github.com/coredns/coredns/plugin"
"github.com/coredns/coredns/plugin/metrics/vars"
"github.com/coredns/coredns/plugin/pkg/edns"
"github.com/coredns/coredns/plugin/pkg/log"
"github.com/coredns/coredns/plugin/pkg/rcode"
"github.com/coredns/coredns/plugin/pkg/reuseport"
"github.com/coredns/coredns/plugin/pkg/trace"
"github.com/coredns/coredns/plugin/pkg/transport"
"github.com/coredns/coredns/request"
"coredns/caddy"
"coredns/plugin"
"coredns/plugin/metrics/vars"
"coredns/plugin/pkg/edns"
"coredns/plugin/pkg/log"
"coredns/plugin/pkg/rcode"
"coredns/plugin/pkg/reuseport"
"coredns/plugin/pkg/trace"
"coredns/plugin/pkg/transport"
"coredns/request"
"github.com/miekg/dns"
ot "github.com/opentracing/opentracing-go"

8
core/dnsserver/server_grpc.go
View File

@ -7,10 +7,10 @@ import (
"fmt"
"net"
"github.com/coredns/caddy"
"github.com/coredns/coredns/pb"
"github.com/coredns/coredns/plugin/pkg/reuseport"
"github.com/coredns/coredns/plugin/pkg/transport"
"coredns/caddy"
"coredns/pb"
"coredns/plugin/pkg/reuseport"
"coredns/plugin/pkg/transport"
"github.com/grpc-ecosystem/grpc-opentracing/go/otgrpc"
"github.com/miekg/dns"

12
core/dnsserver/server_https.go
View File

@ -9,12 +9,12 @@ import (
"strconv"
"time"
"github.com/coredns/caddy"
"github.com/coredns/coredns/plugin/pkg/dnsutil"
"github.com/coredns/coredns/plugin/pkg/doh"
"github.com/coredns/coredns/plugin/pkg/response"
"github.com/coredns/coredns/plugin/pkg/reuseport"
"github.com/coredns/coredns/plugin/pkg/transport"
"coredns/caddy"
"coredns/plugin/pkg/dnsutil"
"coredns/plugin/pkg/doh"
"coredns/plugin/pkg/response"
"coredns/plugin/pkg/reuseport"
"coredns/plugin/pkg/transport"
)
// ServerHTTPS represents an instance of a DNS-over-HTTPS server.

6
core/dnsserver/server_test.go
View File

@ -4,9 +4,9 @@ import (
"context"
"testing"
"github.com/coredns/coredns/plugin"
"github.com/coredns/coredns/plugin/pkg/log"
"github.com/coredns/coredns/plugin/test"
"coredns/plugin"
"coredns/plugin/pkg/log"
"coredns/plugin/test"
"github.com/miekg/dns"
)

6
core/dnsserver/server_tls.go
View File

@ -6,9 +6,9 @@ import (
"fmt"
"net"
"github.com/coredns/caddy"
"github.com/coredns/coredns/plugin/pkg/reuseport"
"github.com/coredns/coredns/plugin/pkg/transport"
"coredns/caddy"
"coredns/plugin/pkg/reuseport"
"coredns/plugin/pkg/transport"
"github.com/miekg/dns"
)

9
core/dnsserver/zdirectives.go
View File

@ -19,16 +19,13 @@ var Directives = []string{
"root",
"bind",
"debug",
"trace",
"ready",
"health",
"pprof",
"prometheus",
"errors",
"log",
"dnstap",
"local",
"dns64",
"acl",
"any",
"chaos",
@ -41,15 +38,9 @@ var Directives = []string{
"template",
"transfer",
"hosts",
"route53",
"azure",
"clouddns",
"k8s_external",
"kubernetes",
"file",
"auto",
"secondary",
"etcd",
"loop",
"forward",
"grpc",

85
core/plugin/zplugin.go
View File

@ -4,51 +4,42 @@ package plugin
import (
// Include all plugins.
_ "github.com/coredns/caddy/onevent"
_ "github.com/coredns/coredns/plugin/acl"
_ "github.com/coredns/coredns/plugin/any"
_ "github.com/coredns/coredns/plugin/auto"
_ "github.com/coredns/coredns/plugin/autopath"
_ "github.com/coredns/coredns/plugin/azure"
_ "github.com/coredns/coredns/plugin/bind"
_ "github.com/coredns/coredns/plugin/bufsize"
_ "github.com/coredns/coredns/plugin/cache"
_ "github.com/coredns/coredns/plugin/cancel"
_ "github.com/coredns/coredns/plugin/chaos"
_ "github.com/coredns/coredns/plugin/clouddns"
_ "github.com/coredns/coredns/plugin/debug"
_ "github.com/coredns/coredns/plugin/dns64"
_ "github.com/coredns/coredns/plugin/dnssec"
_ "github.com/coredns/coredns/plugin/dnstap"
_ "github.com/coredns/coredns/plugin/erratic"
_ "github.com/coredns/coredns/plugin/errors"
_ "github.com/coredns/coredns/plugin/etcd"
_ "github.com/coredns/coredns/plugin/file"
_ "github.com/coredns/coredns/plugin/forward"
_ "github.com/coredns/coredns/plugin/grpc"
_ "github.com/coredns/coredns/plugin/health"
_ "github.com/coredns/coredns/plugin/hosts"
_ "github.com/coredns/coredns/plugin/k8s_external"
_ "github.com/coredns/coredns/plugin/kubernetes"
_ "github.com/coredns/coredns/plugin/loadbalance"
_ "github.com/coredns/coredns/plugin/local"
_ "github.com/coredns/coredns/plugin/log"
_ "github.com/coredns/coredns/plugin/loop"
_ "github.com/coredns/coredns/plugin/metadata"
_ "github.com/coredns/coredns/plugin/metrics"
_ "github.com/coredns/coredns/plugin/minimal"
_ "github.com/coredns/coredns/plugin/nsid"
_ "github.com/coredns/coredns/plugin/pprof"
_ "github.com/coredns/coredns/plugin/ready"
_ "github.com/coredns/coredns/plugin/reload"
_ "github.com/coredns/coredns/plugin/rewrite"
_ "github.com/coredns/coredns/plugin/root"
_ "github.com/coredns/coredns/plugin/route53"
_ "github.com/coredns/coredns/plugin/secondary"
_ "github.com/coredns/coredns/plugin/sign"
_ "github.com/coredns/coredns/plugin/template"
_ "github.com/coredns/coredns/plugin/tls"
_ "github.com/coredns/coredns/plugin/trace"
_ "github.com/coredns/coredns/plugin/transfer"
_ "github.com/coredns/coredns/plugin/whoami"
_ "coredns/plugin/acl"
_ "coredns/plugin/any"
_ "coredns/plugin/auto"
_ "coredns/plugin/autopath"
_ "coredns/plugin/bind"
_ "coredns/plugin/bufsize"
_ "coredns/plugin/cache"
_ "coredns/plugin/cancel"
_ "coredns/plugin/chaos"
_ "coredns/plugin/debug"
_ "coredns/plugin/dnssec"
_ "coredns/plugin/dnstap"
_ "coredns/plugin/erratic"
_ "coredns/plugin/errors"
_ "coredns/plugin/file"
_ "coredns/plugin/forward"
_ "coredns/plugin/grpc"
_ "coredns/plugin/health"
_ "coredns/plugin/hosts"
_ "coredns/plugin/loadbalance"
_ "coredns/plugin/local"
_ "coredns/plugin/log"
_ "coredns/plugin/loop"
_ "coredns/plugin/metadata"
_ "coredns/plugin/minimal"
_ "coredns/plugin/nsid"
_ "coredns/plugin/pprof"
_ "coredns/plugin/ready"
_ "coredns/plugin/reload"
_ "coredns/plugin/rewrite"
_ "coredns/plugin/root"
_ "coredns/plugin/secondary"
_ "coredns/plugin/sign"
_ "coredns/plugin/template"
_ "coredns/plugin/tls"
_ "coredns/plugin/transfer"
_ "coredns/plugin/whoami"
_ "coredns/caddy/onevent"
)

4
coredns.go
View File

@ -4,8 +4,8 @@ package main
//go:generate go run owners_generate.go
import (
_ "github.com/coredns/coredns/core/plugin" // Plug in CoreDNS.
"github.com/coredns/coredns/coremain"
_ "coredns/core/plugin" // Plug in CoreDNS.
"coredns/coremain"
)
func main() {

4
coremain/run.go
View File

@ -10,8 +10,8 @@ import (
"runtime"
"strings"
"github.com/coredns/caddy"
"github.com/coredns/coredns/core/dnsserver"
"coredns/caddy"
"coredns/core/dnsserver"
)
func init() {

4
coremain/version.go
View File

@ -2,7 +2,7 @@ package coremain
// Various CoreDNS constants.
const (
CoreVersion = "1.8.3"
coreName = "CoreDNS"
CoreVersion = "0.0.1"
coreName = "tcp-direct-dns"
serverType = "dns"
)

2
directives_generate.go
View File

@ -108,7 +108,7 @@ func formatAndWrite(file string, data string) error {
}
const (
pluginPath = "github.com/coredns/coredns/plugin/"
pluginPath = "coredns/plugin/"
pluginFile = "plugin.cfg"
pluginFSPath = "plugin/" // Where the plugins are located on the file system
header = "// generated by directives_generate.go; DO NOT EDIT\n\n"

36
go.mod
View File

@ -1,41 +1,29 @@
module github.com/coredns/coredns
module coredns
go 1.16
require (
github.com/Azure/azure-sdk-for-go v53.3.0+incompatible
github.com/Azure/go-autorest/autorest v0.11.18
github.com/Azure/go-autorest/autorest/azure/auth v0.5.7
github.com/Azure/go-autorest/autorest/to v0.2.0 // indirect
github.com/DataDog/datadog-go v3.5.0+incompatible // indirect
github.com/apparentlymart/go-cidr v1.1.0
github.com/aws/aws-sdk-go v1.38.45
github.com/coredns/caddy v1.1.0
github.com/dnstap/golang-dnstap v0.4.0
github.com/farsightsec/golang-framestream v0.3.0
github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568
github.com/golang/protobuf v1.5.2
github.com/google/uuid v1.1.2
github.com/grpc-ecosystem/grpc-opentracing v0.0.0-20180507213350-8e809c8a8645
github.com/hashicorp/golang-lru v0.5.4 // indirect
github.com/imdario/mergo v0.3.12 // indirect
github.com/infobloxopen/go-trees v0.0.0-20200715205103-96a057b8dfb9
github.com/matttproud/golang_protobuf_extensions v1.0.1
github.com/miekg/dns v1.1.42
github.com/opentracing/opentracing-go v1.2.0
github.com/openzipkin-contrib/zipkin-go-opentracing v0.4.5
github.com/openzipkin/zipkin-go v0.2.2
github.com/philhofer/fwd v1.1.1 // indirect
github.com/prometheus/client_golang v1.10.0
github.com/prometheus/client_model v0.2.0
github.com/prometheus/common v0.25.0
go.etcd.io/etcd/api/v3 v3.5.0-beta.3
go.etcd.io/etcd/client/v3 v3.5.0-beta.3
github.com/prometheus/common v0.24.0
github.com/stretchr/testify v1.6.1 // indirect
golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2
golang.org/x/sys v0.0.0-20210514084401-e8d321eab015
google.golang.org/api v0.47.0
google.golang.org/grpc v1.38.0
gopkg.in/DataDog/dd-trace-go.v1 v1.28.0
k8s.io/api v0.21.1
k8s.io/apimachinery v0.21.1
k8s.io/client-go v0.21.1
k8s.io/klog v1.0.0
golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4 // indirect
golang.org/x/sys v0.0.0-20210403161142-5e06dd20ab57
golang.org/x/text v0.3.4 // indirect
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect
google.golang.org/grpc v1.37.1
)
replace github.com/coreos/bbolt => go.etcd.io/bbolt v1.3.4

538
go.sum
View File

@ -1,77 +1,7 @@
cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU=
cloud.google.com/go v0.44.1/go.mod h1:iSa0KzasP4Uvy3f1mN/7PiObzGgflwredwwASm/v6AU=
cloud.google.com/go v0.44.2/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY=
cloud.google.com/go v0.45.1/go.mod h1:RpBamKRgapWJb87xiFSdk4g1CME7QZg3uwTez+TSTjc=
cloud.google.com/go v0.46.3/go.mod h1:a6bKKbmY7er1mI7TEI4lsAkts/mkhTSZK8w33B4RAg0=
cloud.google.com/go v0.50.0/go.mod h1:r9sluTvynVuxRIOHXQEHMFffphuXHOMZMycpNR5e6To=
cloud.google.com/go v0.52.0/go.mod h1:pXajvRH/6o3+F9jDHZWQ5PbGhn+o8w9qiu/CffaVdO4=
cloud.google.com/go v0.53.0/go.mod h1:fp/UouUEsRkN6ryDKNW/Upv/JBKnv6WDthjR6+vze6M=
cloud.google.com/go v0.54.0/go.mod h1:1rq2OEkV3YMf6n/9ZvGWI3GWw0VoqH/1x2nd8Is/bPc=
cloud.google.com/go v0.56.0/go.mod h1:jr7tqZxxKOVYizybht9+26Z/gUq7tiRzu+ACVAMbKVk=
cloud.google.com/go v0.57.0/go.mod h1:oXiQ6Rzq3RAkkY7N6t3TcE6jE+CIBBbA36lwQ1JyzZs=
cloud.google.com/go v0.62.0/go.mod h1:jmCYTdRCQuc1PHIIJ/maLInMho30T/Y0M4hTdTShOYc=
cloud.google.com/go v0.65.0/go.mod h1:O5N8zS7uWy9vkA9vayVHs65eM1ubvY4h553ofrNHObY=
cloud.google.com/go v0.72.0/go.mod h1:M+5Vjvlc2wnp6tjzE102Dw08nGShTscUx2nZMufOKPI=
cloud.google.com/go v0.74.0/go.mod h1:VV1xSbzvo+9QJOxLDaJfTjx5e+MePCpCWwvftOeQmWk=
cloud.google.com/go v0.78.0/go.mod h1:QjdrLG0uq+YwhjoVOLsS1t7TW8fs36kLs4XO5R5ECHg=
cloud.google.com/go v0.79.0/go.mod h1:3bzgcEeQlzbuEAYu4mrWhKqWjmpprinYgKJLgKHnbb8=
cloud.google.com/go v0.81.0 h1:at8Tk2zUz63cLPR0JPWm5vp77pEZmzxEQBEfRKn1VV8=
cloud.google.com/go v0.81.0/go.mod h1:mk/AM35KwGk/Nm2YSeZbxXdrNK3KZOYHmLkOqC2V6E0=
cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o=
cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE=
cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc=
cloud.google.com/go/bigquery v1.5.0/go.mod h1:snEHRnqQbz117VIFhE8bmtwIDY80NLUZUMb4Nv6dBIg=
cloud.google.com/go/bigquery v1.7.0/go.mod h1://okPTzCYNXSlb24MZs83e2Do+h+VXtc4gLoIoXIAPc=
cloud.google.com/go/bigquery v1.8.0/go.mod h1:J5hqkt3O0uAFnINi6JXValWIb1v0goeZM77hZzJN/fQ=
cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE=
cloud.google.com/go/datastore v1.1.0/go.mod h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk=
cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I=
cloud.google.com/go/pubsub v1.1.0/go.mod h1:EwwdRX2sKPjnvnqCa270oGRyludottCI76h+R3AArQw=
cloud.google.com/go/pubsub v1.2.0/go.mod h1:jhfEVHT8odbXTkndysNHCcx0awwzvfOlguIAii9o8iA=
cloud.google.com/go/pubsub v1.3.1/go.mod h1:i+ucay31+CNRpDW4Lu78I4xXG+O1r/MAHgjpRVR+TSU=
cloud.google.com/go/storage v1.0.0/go.mod h1:IhtSnM/ZTZV8YYJWCY8RULGVqBDmpoyjwiyrjsg+URw=
cloud.google.com/go/storage v1.5.0/go.mod h1:tpKbwo567HUNpVclU5sGELwQWBDZ8gh0ZeosJ0Rtdos=
cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohlUTyfDhBk=
cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs=
cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0=
dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU=
github.com/Azure/azure-sdk-for-go v53.3.0+incompatible h1:DFyCwv0VetPlvKYckSGJRYWUSc+NKRDSryVWVvvVkFw=
github.com/Azure/azure-sdk-for-go v53.3.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc=
github.com/Azure/go-autorest v14.2.0+incompatible h1:V5VMDjClD3GiElqLWO7mz2MxNAK/vTfRHdAubSIPRgs=
github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24=
github.com/Azure/go-autorest/autorest v0.11.12/go.mod h1:eipySxLmqSyC5s5k1CLupqet0PSENBEDP93LQ9a8QYw=
github.com/Azure/go-autorest/autorest v0.11.17/go.mod h1:eipySxLmqSyC5s5k1CLupqet0PSENBEDP93LQ9a8QYw=
github.com/Azure/go-autorest/autorest v0.11.18 h1:90Y4srNYrwOtAgVo3ndrQkTYn6kf1Eg/AjTFJ8Is2aM=
github.com/Azure/go-autorest/autorest v0.11.18/go.mod h1:dSiJPy22c3u0OtOKDNttNgqpNFY/GeWa7GH/Pz56QRA=
github.com/Azure/go-autorest/autorest/adal v0.9.5/go.mod h1:B7KF7jKIeC9Mct5spmyCB/A8CG/sEz1vwIRGv/bbw7A=
github.com/Azure/go-autorest/autorest/adal v0.9.11/go.mod h1:nBKAnTomx8gDtl+3ZCJv2v0KACFHWTB2drffI1B68Pk=
github.com/Azure/go-autorest/autorest/adal v0.9.13 h1:Mp5hbtOePIzM8pJVRa3YLrWWmZtoxRXqUEzCfJt3+/Q=
github.com/Azure/go-autorest/autorest/adal v0.9.13/go.mod h1:W/MM4U6nLxnIskrw4UwWzlHfGjwUS50aOsc/I3yuU8M=
github.com/Azure/go-autorest/autorest/azure/auth v0.5.7 h1:8DQB8yl7aLQuP+nuR5e2RO6454OvFlSTXXaNHshc16s=
github.com/Azure/go-autorest/autorest/azure/auth v0.5.7/go.mod h1:AkzUsqkrdmNhfP2i54HqINVQopw0CLDnvHpJ88Zz1eI=
github.com/Azure/go-autorest/autorest/azure/cli v0.4.2 h1:dMOmEJfkLKW/7JsokJqkyoYSgmR08hi9KrhjZb+JALY=
github.com/Azure/go-autorest/autorest/azure/cli v0.4.2/go.mod h1:7qkJkT+j6b+hIpzMOwPChJhTqS8VbsqqgULzMNRugoM=
github.com/Azure/go-autorest/autorest/date v0.3.0 h1:7gUk1U5M/CQbp9WoqinNzJar+8KY+LPI6wiWrP/myHw=
github.com/Azure/go-autorest/autorest/date v0.3.0/go.mod h1:BI0uouVdmngYNUzGWeSYnokU+TrmwEsOqdt8Y6sso74=
github.com/Azure/go-autorest/autorest/mocks v0.4.1 h1:K0laFcLE6VLTOwNgSxaGbUcLPuGXlNkbVvq4cW4nIHk=
github.com/Azure/go-autorest/autorest/mocks v0.4.1/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k=
github.com/Azure/go-autorest/autorest/to v0.2.0 h1:nQOZzFCudTh+TvquAtCRjM01VEYx85e9qbwt5ncW4L8=
github.com/Azure/go-autorest/autorest/to v0.2.0/go.mod h1:GunWKJp1AEqgMaGLV+iocmRAJWqST1wQYhyyjXJ3SJc=
github.com/Azure/go-autorest/logger v0.2.0/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZmbF5NWuPV8+WeEW8=
github.com/Azure/go-autorest/logger v0.2.1 h1:IG7i4p/mDa2Ce4TRyAO8IHnVhAVF3RFU+ZtXWSmf4Tg=
github.com/Azure/go-autorest/logger v0.2.1/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZmbF5NWuPV8+WeEW8=
github.com/Azure/go-autorest/tracing v0.6.0 h1:TYi4+3m5t6K48TGI9AUdb+IzbnSxvnvUMfuitfgcfuo=
github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBpUA79WCAKPPZVC2DeU=
github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
github.com/DataDog/datadog-go v3.5.0+incompatible h1:AShr9cqkF+taHjyQgcBcQUt/ZNK+iPq4ROaZwSX5c/U=
github.com/DataDog/datadog-go v3.5.0+incompatible/go.mod h1:LButxg5PwREeZtORoXG3tL4fMGNddJ+vMq1mwgfaqoQ=
github.com/Knetic/govaluate v3.0.1-0.20171022003610-9aa49832a739+incompatible/go.mod h1:r7JcOSlj0wfOMncg0iLm8Leh48TZaKVeNIfJntJ2wa0=
github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ=
github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0=
github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE=
github.com/Shopify/sarama v1.19.0/go.mod h1:FVkBWblsNy7DGZRfXLU0O9RCGt5g3g3yEuWXgklEdEo=
github.com/Shopify/toxiproxy v2.1.4+incompatible/go.mod h1:OXgGpZ6Cli1/URJOF1DMxUHB2q5Ap20/P/eIdh4G0pI=
github.com/VividCortex/gohistogram v1.0.0/go.mod h1:Pf5mBqqDxYaXu3hDrrU+w6nw50o/4+TcAqDqk/vUH7g=
@ -81,7 +11,6 @@ github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuy
github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho=
github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY=
github.com/apache/thrift v0.12.0/go.mod h1:cp2SuWMxlEZw2r+iP2GNCdIi4C1qmUzdZFSVb+bacwQ=
github.com/apache/thrift v0.13.0/go.mod h1:cp2SuWMxlEZw2r+iP2GNCdIi4C1qmUzdZFSVb+bacwQ=
github.com/apparentlymart/go-cidr v1.1.0 h1:2mAhrMoF+nhXqxTzSZMUzDHkLjmIHC+Zzn4tdgBZjnU=
@ -90,11 +19,8 @@ github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e/go.mod h1:3U/XgcO3hC
github.com/armon/go-metrics v0.0.0-20180917152333-f0300d1749da/go.mod h1:Q73ZrmVTwzkszR9V5SSuryQ31EELlFMUz1kKyl939pY=
github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8=
github.com/aryann/difflib v0.0.0-20170710044230-e206f873d14a/go.mod h1:DAHtR1m6lCRdSC2Tm3DSWRPvIPr6xNKyeHdqDQSQT+A=
github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY=
github.com/aws/aws-lambda-go v1.13.3/go.mod h1:4UKl9IzQMoD+QF79YdCuzCwp8VbmG4VAQwij/eHl5CU=
github.com/aws/aws-sdk-go v1.27.0/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo=
github.com/aws/aws-sdk-go v1.38.45 h1:pQmv1vT/voRAjENnPsT4WobFBgLwnODDFogrt2kXc7M=
github.com/aws/aws-sdk-go v1.38.45/go.mod h1:hcU610XS61/+aQV88ixoOzUoG7v3b31pl2zKMmprdro=
github.com/aws/aws-sdk-go-v2 v0.18.0/go.mod h1:JWVYvqSMppoMJC0x5wdwiImzgXTI9FuZwxzkQq9wy+g=
github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8=
@ -106,117 +32,60 @@ github.com/cenkalti/backoff v2.2.1+incompatible/go.mod h1:90ReRw6GdpyfrHakVjL/QH
github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
github.com/cespare/xxhash/v2 v2.1.1 h1:6MnRN8NT7+YBpUIWxHtefFZOKTAPgGjpQSxqLNn0+qY=
github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI=
github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI=
github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU=
github.com/clbanning/x2j v0.0.0-20191024224557-825249438eec/go.mod h1:jMjuTZXRI4dUb/I5gc9Hdhagfvm9+RyrPryS/auMzxE=
github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
github.com/cncf/udpa/go v0.0.0-20200629203442-efcf912fb354/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk=
github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk=
github.com/cockroachdb/datadriven v0.0.0-20190809214429-80d97fb3cbaa/go.mod h1:zn76sxSg3SzpJ0PPJaLDCu+Bu0Lg3sKTORVIj19EIF8=
github.com/codahale/hdrhistogram v0.0.0-20161010025455-3a0bb77429bd/go.mod h1:sE/e/2PUdi/liOCUjSTXgM1o87ZssimdTWN964YiIeI=
github.com/coredns/caddy v1.1.0 h1:ezvsPrT/tA/7pYDBZxu0cT0VmWk75AfIaf6GSYCNMf0=
github.com/coredns/caddy v1.1.0/go.mod h1:A6ntJQlAWuQfFlsd9hvigKbo2WS0VUs2l1e2F+BawD4=
github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk=
github.com/coreos/go-semver v0.3.0 h1:wkHLiw0WNATZnSG7epLsujiMCgPAc9xhjJ4tgnAxmfM=
github.com/coreos/go-semver v0.3.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk=
github.com/coreos/go-systemd v0.0.0-20180511133405-39ca1b05acc7 h1:u9SHYsPQNyt5tgDm3YN7+9dYrpK96E5wFilTFWIDZOM=
github.com/coreos/go-systemd v0.0.0-20180511133405-39ca1b05acc7/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
github.com/coreos/go-systemd/v22 v22.3.1 h1:7OO2CXWMYNDdaAzP51t4lCCZWwpQHmvPbm9sxWjm3So=
github.com/coreos/go-systemd/v22 v22.3.1/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc=
github.com/coreos/pkg v0.0.0-20160727233714-3ac0863d7acf/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA=
github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY=
github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
github.com/dimchansky/utfbom v1.1.0/go.mod h1:rO41eb7gLfo8SF1jd9F8HplJm1Fewwi4mQvIirEdv+8=
github.com/dimchansky/utfbom v1.1.1 h1:vV6w1AhK4VMnhBno/TPVCoK9U/LP0PkLCS9tbxHdi/U=
github.com/dimchansky/utfbom v1.1.1/go.mod h1:SxdoEBH5qIqFocHMyGOXVAybYJdr71b1Q/j0mACtrfE=
github.com/dnstap/golang-dnstap v0.4.0 h1:KRHBoURygdGtBjDI2w4HifJfMAhhOqDuktAokaSa234=
github.com/dnstap/golang-dnstap v0.4.0/go.mod h1:FqsSdH58NAmkAvKcpyxht7i4FoBjKu8E4JUPt8ipSUs=
github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE=
github.com/dustin/go-humanize v0.0.0-20171111073723-bb3d318650d4/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk=
github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk=
github.com/eapache/go-resiliency v1.1.0/go.mod h1:kFI+JgMyC7bLPUVY133qvEBtVayf5mFgVsvEsIPBvNs=
github.com/eapache/go-xerial-snappy v0.0.0-20180814174437-776d5712da21/go.mod h1:+020luEh2TKB4/GOp8oxxtq0Daoen/Cii55CzbTV6DU=
github.com/eapache/queue v1.1.0/go.mod h1:6eCeP0CKFpHLu8blIFXhExK/dRa7WDZfr6jVFPTqq+I=
github.com/edsrzf/mmap-go v1.0.0/go.mod h1:YO35OhQPt3KJa3ryjFM5Bs14WD66h8eGKpfaBNrHW5M=
github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc=
github.com/emicklei/go-restful v0.0.0-20170410110728-ff4f55a20633/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs=
github.com/envoyproxy/go-control-plane v0.6.9/go.mod h1:SBwIajubJHhxtWwsL9s8ss4safvEdbitLhGGK48rN6g=
github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
github.com/envoyproxy/go-control-plane v0.9.7/go.mod h1:cwu0lG7PUMfa9snN8LXBig5ynNVH9qI8YYLbd1fK2po=
github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk=
github.com/envoyproxy/go-control-plane v0.9.9-0.20210217033140-668b12f5399d/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk=
github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
github.com/evanphx/json-patch v4.9.0+incompatible h1:kLcOMZeuLAJvL2BPWLMIj5oaZQobrkAqrL+WFZwQses=
github.com/evanphx/json-patch v4.9.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk=
github.com/farsightsec/golang-framestream v0.3.0 h1:/spFQHucTle/ZIPkYqrfshQqPe2VQEzesH243TjIwqA=
github.com/farsightsec/golang-framestream v0.3.0/go.mod h1:eNde4IQyEiA5br02AouhEHCu3p3UzrCdFR4LuQHklMI=
github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4=
github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568 h1:BHsljHzVlRcyQhjrss6TZTdY2VfCqZPbv5k3iBFa2ZQ=
github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568/go.mod h1:xEzjJPgXI435gkrCt3MPfRiAkVrwSbHsst4LCFVfpJc=
github.com/form3tech-oss/jwt-go v3.2.2+incompatible h1:TcekIExNqud5crz4xD2pavyTgWiPvpYe4Xau31I0PRk=
github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k=
github.com/franela/goblin v0.0.0-20200105215937-c9ffbefa60db/go.mod h1:7dvUGVsVBjqR7JHJk0brhHOZYGmfBYOrK0ZhYMEtBr4=
github.com/franela/goreq v0.0.0-20171204163338-bcd34c9993f8/go.mod h1:ZhphrRTfi2rbfLwlschooIH4+wKKDR4Pdxhh+TRoA20=
github.com/fsnotify/fsnotify v1.4.7 h1:IXs+QLmnXW2CcXuY+8Mzv/fWEsPGWxqefPtCP5CnV9I=
github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU=
github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as=
github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as=
github.com/go-kit/kit v0.10.0/go.mod h1:xUsJbQ/Fp4kEt7AFgCuvyX4a71u8h9jB8tj/ORgOZ7o=
github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE=
github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk=
github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A=
github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas=
github.com/go-logr/logr v0.4.0 h1:K7/B1jt6fIBQVd4Owv2MqGQClcgf0R266+7C/QjRcLc=
github.com/go-logr/logr v0.4.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU=
github.com/go-openapi/jsonpointer v0.19.2/go.mod h1:3akKfEdA7DF1sugOqz1dVQHBcuDBPKZGEoHC/NkiQRg=
github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg=
github.com/go-openapi/jsonreference v0.19.2/go.mod h1:jMjeRr2HHw6nAVajTXJ4eiUwohSTlpa0o73RUL1owJc=
github.com/go-openapi/jsonreference v0.19.3/go.mod h1:rjx6GuL8TTa9VaixXglHmQmIL98+wF9xc8zWvFonSJ8=
github.com/go-openapi/spec v0.19.3/go.mod h1:FpwSN1ksY1eteniUU7X0N/BgJ7a4WvBFVA8Lj9mJglo=
github.com/go-openapi/swag v0.19.2/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk=
github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk=
github.com/go-sql-driver/mysql v1.4.0/go.mod h1:zAC/RDZ24gD3HViQzih4MyKcchzm+sOG5ZlKdlhCg5w=
github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA=
github.com/gogo/googleapis v1.1.0/go.mod h1:gf4bu3Q80BeJ6H1S1vYPm8/ELATdvryBaNFGgqEef3s=
github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
github.com/gogo/protobuf v1.2.0/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4=
github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
github.com/golang/groupcache v0.0.0-20160516000752-02826c3e7903/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e h1:1r7pUrabqp18hOBcwBwiTsbnFeTZHV9eER/QT5JVZxY=
github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
github.com/golang/mock v1.3.1/go.mod h1:sBzyDLLjw3U8JLTeZvSv8jJB+tU5PVekmnlKIyFUx0Y=
github.com/golang/mock v1.4.0/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw=
github.com/golang/mock v1.4.1/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw=
github.com/golang/mock v1.4.3/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw=
github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4=
github.com/golang/mock v1.5.0/go.mod h1:CWnOUgYIOo4TcNZ0wHX3YZCqsaM1I1Jvs6v3mP3KVu8=
github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw=
github.com/golang/protobuf v1.3.4/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw=
github.com/golang/protobuf v1.3.5/go.mod h1:6O5/vntMXwX2lRkT1hjjk0nAC1IDOTvTlVgjlRvqsdk=
github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8=
github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA=
github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs=
@ -226,7 +95,6 @@ github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QD
github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
github.com/golang/protobuf v1.5.1/go.mod h1:DopwsBzvsk0Fs44TXzsVbJyPhcCPeIwnvohx4u74HPM=
github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw=
github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
github.com/golang/snappy v0.0.0-20180518054509-2e65f85255db/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
@ -236,53 +104,23 @@ github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5a
github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.4.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.5 h1:Khx7svrCpmxxtHBq5j2mp/xVjsi8hQMfNLvJFAlrGgU=
github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
github.com/google/gofuzz v1.1.0 h1:Hsa8mG0dQ46ij8Sl2AYJDUv1oA9/d6Vk+3LG99Oe02g=
github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs=
github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0=
github.com/google/martian/v3 v3.1.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0=
github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
github.com/google/pprof v0.0.0-20200212024743-f11f1df84d12/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
github.com/google/pprof v0.0.0-20200229191704-1ebb73c60ed3/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
github.com/google/pprof v0.0.0-20200430221834-fc25d7d30c6d/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
github.com/google/pprof v0.0.0-20201023163331-3e6fc7fc9c4c/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
github.com/google/pprof v0.0.0-20201203190320-1bf35d6f28c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
github.com/google/pprof v0.0.0-20210122040257-d980be63207e/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
github.com/google/pprof v0.0.0-20210226084205-cbba55b83ad5/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
github.com/google/uuid v1.0.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/google/uuid v1.1.2 h1:EVhdT+1Kseyi1/pUmXKaFxYsDNy9RQYkMWRH68J/W7Y=
github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg=
github.com/googleapis/gax-go/v2 v2.0.5 h1:sjZBwGj9Jlw33ImPtvFviGYvseOtDM7hkSKB7+Tv3SM=
github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk=
github.com/googleapis/gnostic v0.4.1 h1:DLJCy1n/vrD4HPjOvYcT8aYQXpPIzoRZONaYwyycI+I=
github.com/googleapis/gnostic v0.4.1/go.mod h1:LRhVm6pbyptWbWbuZ38d1eyptfvIytN3ir6b65WBswg=
github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
github.com/gorilla/context v1.1.1/go.mod h1:kBGZzfjB9CEq2AlWe17Uuf7NDRt0dE0s8S51q0aT7Yg=
github.com/gorilla/mux v1.6.2/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs=
github.com/gorilla/mux v1.7.3 h1:gnP5JzjVOuiZD07fKKToCAOjS0yOpj/qPETTXCCS6hw=
github.com/gorilla/mux v1.7.3/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs=
github.com/gorilla/websocket v0.0.0-20170926233335-4201258b820c/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ=
github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA=
github.com/grpc-ecosystem/go-grpc-middleware v1.0.1-0.20190118093823-f849b5445de4/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs=
github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk=
github.com/grpc-ecosystem/grpc-gateway v1.9.5/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY=
github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw=
github.com/grpc-ecosystem/grpc-opentracing v0.0.0-20180507213350-8e809c8a8645 h1:MJG/KsmcqMwFAkh8mTnAwhyKoB+sTAnY4CACC110tbU=
github.com/grpc-ecosystem/grpc-opentracing v0.0.0-20180507213350-8e809c8a8645/go.mod h1:6iZfnjpejD4L/4DwD7NryNaJyCQdzwWwH2MWhCA90Kw=
github.com/hashicorp/consul/api v1.3.0/go.mod h1:MmDNSzIMUjNpY/mQ398R4bk2FnqQLoPndWW5VkKPlCE=
@ -301,60 +139,37 @@ github.com/hashicorp/go-version v1.2.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09
github.com/hashicorp/go.net v0.0.1/go.mod h1:hjKkEWcCURg++eb33jQU7oqQcI9XDCnUzHA0oac0k90=
github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
github.com/hashicorp/golang-lru v0.5.4 h1:YDjusn29QI/Das2iO9M0BHnIbxPeyuCHsjMW+lJfyTc=
github.com/hashicorp/golang-lru v0.5.4/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4=
github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO+LraFDTW64=
github.com/hashicorp/mdns v1.0.0/go.mod h1:tL+uN++7HEJ6SQLQ2/p+z2pH24WQKWjBPkE0mNTz8vQ=
github.com/hashicorp/memberlist v0.1.3/go.mod h1:ajVTdAv/9Im8oMAAj5G31PhhMCZJV2pPBoIllUwCN7I=
github.com/hashicorp/serf v0.8.2/go.mod h1:6hOLApaqBFA1NXqRQAsxw9QxuDEvNxSQRwA/JwenrHc=
github.com/hpcloud/tail v1.0.0 h1:nfCOvKYfkgYP8hkirhJocXT2+zOD8yUNjXaWfTlyFKI=
github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
github.com/hudl/fargo v1.3.0/go.mod h1:y3CKSmjA+wD2gak7sUSXTAoopbhU08POFhmITJgmKTg=
github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
github.com/imdario/mergo v0.3.5/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA=
github.com/imdario/mergo v0.3.12 h1:b6R2BslTbIEToALKP7LxUvijTsNI9TAe80pLWN2g/HU=
github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA=
github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8=
github.com/influxdata/influxdb1-client v0.0.0-20191209144304-8bf82d3c094d/go.mod h1:qj24IKcXYK6Iy9ceXlo3Tc+vtHo9lIhSX5JddghvEPo=
github.com/infobloxopen/go-trees v0.0.0-20200715205103-96a057b8dfb9 h1:w66aaP3c6SIQ0pi3QH1Tb4AMO3aWoEPxd1CNvLphbkA=
github.com/infobloxopen/go-trees v0.0.0-20200715205103-96a057b8dfb9/go.mod h1:BaIJzjD2ZnHmx2acPF6XfGLPzNCMiBbMRqJr+8/8uRI=
github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k=
github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg=
github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo=
github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8=
github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U=
github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo=
github.com/jpillora/backoff v1.0.0/go.mod h1:J/6gKK9jxlEcS3zixgDgUAsiuZ7yrSoa/FX5e0EB2j4=
github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU=
github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
github.com/json-iterator/go v1.1.8/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
github.com/json-iterator/go v1.1.9/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
github.com/json-iterator/go v1.1.10 h1:Kz6Cvnvv2wGdaG/V8yMvfkmNiXq9Ya2KUv4rouJJr68=
github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU=
github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk=
github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU=
github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w=
github.com/julienschmidt/httprouter v1.3.0/go.mod h1:JR6WtHb+2LUe8TCKY3cZOxFyyO8IZAc4RVcycCCAKdM=
github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q=
github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8=
github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc=
github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
github.com/kr/pty v1.1.5/go.mod h1:9r2w37qlBe7rQ6e1fg1S/9xpWHSnaqNdHD3WcMdbPDA=
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
github.com/lightstep/lightstep-tracer-common/golang/gogo v0.0.0-20190605223551-bc2310a04743/go.mod h1:qklhhLq1aX+mtWk9cPHPzaBjWImj5ULL6C7HFJtXQMM=
github.com/lightstep/lightstep-tracer-go v0.18.1/go.mod h1:jlF1pusYV4pidLvZ+XD0UBX0ZE6WURAspgAczcDHrL4=
github.com/lyft/protoc-gen-validate v0.0.13/go.mod h1:XbGvPuh87YZc5TdIa2/I4pLk0QoUACkjt2znoq26NVQ=
github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU=
github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4=
github.com/mattn/go-isatty v0.0.4/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4=
@ -367,24 +182,17 @@ github.com/miekg/dns v1.1.42 h1:gWGe42RGaIqXQZ+r3WUGEKBEtvPHY2SXo4dqixDNxuY=
github.com/miekg/dns v1.1.42/go.mod h1:+evo5L0630/F6ca/Z9+GAqzhjGyn8/c+TBaOyfEl0V4=
github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc=
github.com/mitchellh/go-homedir v1.0.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0=
github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y=
github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0=
github.com/mitchellh/go-testing-interface v1.0.0/go.mod h1:kRemZodwjscx+RGhAo8eIhFbs2+BFgRtFPeD/KE+zxI=
github.com/mitchellh/gox v0.4.0/go.mod h1:Sd9lOJ0+aimLBi73mGofS1ycjY8lL3uZM3JPS42BGNg=
github.com/mitchellh/iochan v1.0.0/go.mod h1:JwYml1nuB7xOzsp52dPpHFffvOCDupsG0QubkSMEySY=
github.com/mitchellh/mapstructure v0.0.0-20160808181253-ca63d7c062ee/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y=
github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y=
github.com/moby/spdystream v0.2.0/go.mod h1:f7i0iNDQJ059oMTcWxx8MA/zKFIuD/lY+0GqbN2Wy8c=
github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg=
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
github.com/modern-go/reflect2 v1.0.1 h1:9f412s+6RmYXLWZSEzVVgPGK7C2PphHj5RJrvfx9AWI=
github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U=
github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U=
github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw=
github.com/nats-io/jwt v0.3.0/go.mod h1:fRYCDE99xlTsqUzISS1Bi75UBJ6ljOJQOAAu5VglpSg=
github.com/nats-io/jwt v0.3.2/go.mod h1:/euKqTS1ZD+zzjYrY7pseZrTtWQSjujC7xjPc8wL6eU=
github.com/nats-io/nats-server/v2 v2.1.2/go.mod h1:Afk+wRZqkMQs/p45uXdrVLuab3gwv3Z8C4HTBu8GD/k=
@ -392,46 +200,31 @@ github.com/nats-io/nats.go v1.9.1/go.mod h1:ZjDU1L/7fJ09jvUSRVBR2e7+RnLiiIQyqyzE
github.com/nats-io/nkeys v0.1.0/go.mod h1:xpnFELMwJABBLVhffcfd1MZx6VsNRFpEugbxziKVo7w=
github.com/nats-io/nkeys v0.1.3/go.mod h1:xpnFELMwJABBLVhffcfd1MZx6VsNRFpEugbxziKVo7w=
github.com/nats-io/nuid v1.0.1/go.mod h1:19wcPz3Ph3q0Jbyiqsd0kePYG7A95tJPxeL+1OSON2c=
github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e h1:fD57ERR4JtEqsWbfPhv4DMiApHyliiK5xCTNVSPiaAs=
github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno=
github.com/oklog/oklog v0.3.2/go.mod h1:FCV+B7mhrz4o+ueLpx+KqkyXRGMWOYEvfiXtdGtbWGs=
github.com/oklog/run v1.0.0/go.mod h1:dlhp/R75TPv97u0XWUtDeV/lRKWPKSdTuV0TZvrmrQA=
github.com/olekukonko/tablewriter v0.0.0-20170122224234-a0225b3f23b5/go.mod h1:vsDQFd/mU46D+Z4whnwzcISnGGzXWMclvtLoiIKAKIo=
github.com/onsi/ginkgo v0.0.0-20170829012221-11459a886d9c/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
github.com/onsi/ginkgo v1.7.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
github.com/onsi/ginkgo v1.11.0 h1:JAKSXpt1YjtLA7YpPiqO9ss6sNXEsPfSGdwN0UHqzrw=
github.com/onsi/ginkgo v1.11.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA=
github.com/onsi/gomega v1.4.3/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY=
github.com/onsi/gomega v1.7.0 h1:XPnZz8VVBHjVsy1vzJmRwIcSwiUO+JFfrv/xGiigmME=
github.com/onsi/gomega v1.7.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY=
github.com/op/go-logging v0.0.0-20160315200505-970db520ece7/go.mod h1:HzydrMdWErDVzsI23lYNej1Htcns9BCg93Dk0bBINWk=
github.com/opentracing-contrib/go-observer v0.0.0-20170622124052-a52f23424492 h1:lM6RxxfUMrYL/f8bWEUqdXrANWtrL7Nndbm9iFN0DlU=
github.com/opentracing-contrib/go-observer v0.0.0-20170622124052-a52f23424492/go.mod h1:Ngi6UdF0k5OKD5t5wlmGhe/EDKPoUM3BXZSSfIuJbis=
github.com/opentracing/basictracer-go v1.0.0/go.mod h1:QfBfYuafItcjQuMwinw9GhYKwFXS9KnPs5lxoYwgW74=
github.com/opentracing/opentracing-go v1.0.2/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o=
github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o=
github.com/opentracing/opentracing-go v1.2.0 h1:uEJPy/1a5RIPAJ0Ov+OIO8OxWu77jEv+1B0VhjKrZUs=
github.com/opentracing/opentracing-go v1.2.0/go.mod h1:GxEUsuufX4nBwe+T+Wl9TAgYrxe9dPLANfrWvHYVTgc=
github.com/openzipkin-contrib/zipkin-go-opentracing v0.4.5 h1:ZCnq+JUrvXcDVhX/xRolRBZifmabN1HcS1wrPSvxhrU=
github.com/openzipkin-contrib/zipkin-go-opentracing v0.4.5/go.mod h1:/wsWhb9smxSfWAKL3wpBW7V8scJMt8N8gnaMCS9E/cA=
github.com/openzipkin/zipkin-go v0.1.6/go.mod h1:QgAqvLzwWbR/WpD4A3cGpPtJrZXNIiJc5AZX7/PBEpw=
github.com/openzipkin/zipkin-go v0.2.1/go.mod h1:NaW6tEwdmWMaCDZzg8sh+IBNOxHMPnhQw8ySjnjRyN4=
github.com/openzipkin/zipkin-go v0.2.2 h1:nY8Hti+WKaP0cRsSeQ026wU03QsM762XBeCXBb9NAWI=
github.com/openzipkin/zipkin-go v0.2.2/go.mod h1:NaW6tEwdmWMaCDZzg8sh+IBNOxHMPnhQw8ySjnjRyN4=
github.com/pact-foundation/pact-go v1.0.4/go.mod h1:uExwJY4kCzNPcHRj+hCR/HBbOOIwwtUjcrb0b5/5kLM=
github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc=
github.com/pborman/uuid v1.2.0/go.mod h1:X/NO0urCmaxf9VXbdlT7C2Yzkj2IKimNn4k+gtPdI/k=
github.com/performancecopilot/speed v3.0.0+incompatible/go.mod h1:/CLtqpZ5gBg1M9iaPbIdPPGyKcA8hKdoy6hAWba7Yac=
github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU=
github.com/philhofer/fwd v1.1.1 h1:GdGcTjf5RNAxwS4QLsiMzJYj5KEvPJD3Abr261yRQXQ=
github.com/philhofer/fwd v1.1.1/go.mod h1:gk3iGcWd9+svBvR0sR+KPcfE+RNWozjowpeBVG3ZVNU=
github.com/pierrec/lz4 v1.0.2-0.20190131084431-473cd7ce01a1/go.mod h1:3/3N9NVKO0jef7pBehbT1qWhCMrIgbYNnFAZCqQ5LRc=
github.com/pierrec/lz4 v2.0.5+incompatible/go.mod h1:pdkljMzZIN41W+lC3N2tnIh5sFi+IEE17M5jbnwPHcY=
github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
github.com/pkg/profile v1.2.1/go.mod h1:hJw3o1OdXxsrSjjVksARp5W95eeEaEfptyVZyv6JUPA=
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
@ -441,7 +234,6 @@ github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXP
github.com/prometheus/client_golang v0.9.3-0.20190127221311-3c4408c8b829/go.mod h1:p2iRAGwDERtqlqzRXnrOVns+ignqQo//hLXqYxZYVNs=
github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo=
github.com/prometheus/client_golang v1.3.0/go.mod h1:hJaj2vgQTGQmVCsAACORcieXFeDPbaTKGT+JTgUa3og=
github.com/prometheus/client_golang v1.5.1/go.mod h1:e9GMxYsXl05ICDXkRhurwBS4Q3OK1iX/F2sw+iXX5zU=
github.com/prometheus/client_golang v1.7.1/go.mod h1:PY5Wy2awLA44sXw4AOSfFBetzPP4j5+D6mVACh+pe2M=
github.com/prometheus/client_golang v1.10.0 h1:/o0BDeWzLWXNZ+4q5gXltUvaMpJqckTa+jTNoB+z4cg=
github.com/prometheus/client_golang v1.10.0/go.mod h1:WJM3cc3yu7XKBKa/I8WeZm+V3eltZnBwfENSU7mdogU=
@ -455,11 +247,10 @@ github.com/prometheus/client_model v0.2.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6T
github.com/prometheus/common v0.2.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4=
github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4=
github.com/prometheus/common v0.7.0/go.mod h1:DjGbpBbp5NYNiECxcL/VnbXCCaQpKd3tt26CguLLsqA=
github.com/prometheus/common v0.9.1/go.mod h1:yhUN8i9wzaXS3w1O07YhxHEBxD+W35wd8bs7vj7HSQ4=
github.com/prometheus/common v0.10.0/go.mod h1:Tlit/dnDKsSWFlCLTWaA1cyBgKHSMdTB80sz/V91rCo=
github.com/prometheus/common v0.18.0/go.mod h1:U+gB1OBLb1lF3O42bTCL+FK18tX9Oar16Clt/msog/s=
github.com/prometheus/common v0.25.0 h1:IjJYZJCI8HZYtqA3xYwGyDzSCy1r4CA2GRh+4vdOmtE=
github.com/prometheus/common v0.25.0/go.mod h1:H6QK/N6XVT42whUeIdI3dp36w49c+/iMDk7UAI2qm7Q=
github.com/prometheus/common v0.24.0 h1:aIycr3wRFxPUq8XlLQlGQ9aNXV3dFi5y62pe/SB262k=
github.com/prometheus/common v0.24.0/go.mod h1:H6QK/N6XVT42whUeIdI3dp36w49c+/iMDk7UAI2qm7Q=
github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
github.com/prometheus/procfs v0.0.0-20190117184657-bf6a532e95b1/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA=
@ -469,7 +260,6 @@ github.com/prometheus/procfs v0.6.0 h1:mxy4L2jP6qMonqmq+aTtOx1ifVWUgG/TAmntgbh3x
github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA=
github.com/rcrowley/go-metrics v0.0.0-20181016184325-3113b8401b8a/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4=
github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg=
github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ=
github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
github.com/ryanuber/columnize v0.0.0-20160712163229-9b3edd62028f/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts=
@ -483,117 +273,52 @@ github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1
github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA=
github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM=
github.com/sony/gobreaker v0.4.1/go.mod h1:ZKptC7FHNvhBz7dN2LGjPVBz2sZJmc0/PkyDJOjmxWY=
github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk=
github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ=
github.com/spf13/pflag v0.0.0-20170130214245-9ff6c6923cff/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
github.com/spf13/pflag v1.0.1/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
github.com/streadway/amqp v0.0.0-20190404075320-75d898a42a94/go.mod h1:AZpEONHx3DKn8O/DFsRAY58/XVQiIPMTMB1SddzLXVw=
github.com/streadway/amqp v0.0.0-20190827072141-edfb9018d271/go.mod h1:AZpEONHx3DKn8O/DFsRAY58/XVQiIPMTMB1SddzLXVw=
github.com/streadway/handy v0.0.0-20190108123426-d5acb3125c2a/go.mod h1:qNTQ5P5JnDBl6z3cMAg/SywNDC5ABu5ApDIw6lUbRmI=
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
github.com/stretchr/objx v0.2.0 h1:Hbg2NidpLE8veEBkEZTL3CvlkUIVzuU9jDplZO54c48=
github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE=
github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
github.com/stretchr/testify v1.6.1 h1:hDPOHmpOpP40lSULcqw7IrRb/u7w6RpDC9399XyoNd0=
github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
github.com/tinylib/msgp v1.1.2 h1:gWmO7n0Ys2RBEb7GPYB9Ujq8Mk5p2U08lRnmMcGy6BQ=
github.com/tinylib/msgp v1.1.2/go.mod h1:+d+yLhGm8mzTaHzB+wgMYrodPfmZrzkirds8fDWklFE=
github.com/tmc/grpc-websocket-proxy v0.0.0-20170815181823-89b8d40f7ca8/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U=
github.com/urfave/cli v1.20.0/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA=
github.com/urfave/cli v1.22.1/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU=
github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
go.etcd.io/bbolt v1.3.3/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU=
go.etcd.io/etcd v0.0.0-20191023171146-3cf2f69b5738 h1:VcrIfasaLFkyjk6KNlXQSzO+B0fZcnECiDrKJsfxka0=
go.etcd.io/etcd v0.0.0-20191023171146-3cf2f69b5738/go.mod h1:dnLIgRNXwCJa5e+c6mIZCrds/GIG4ncV9HhK5PX7jPg=
go.etcd.io/etcd/api/v3 v3.5.0-beta.3 h1:FdNjTxZpH98oWWTtOjhz0EU7sILw9giVIW+M3dzZFOg=
go.etcd.io/etcd/api/v3 v3.5.0-beta.3/go.mod h1:yF0YUmBghT48aC0/eTFrhULo+uKQAr5spQQ6sRhPauE=
go.etcd.io/etcd/client/pkg/v3 v3.5.0-beta.3 h1:fh2cSzLD4OeGVy164WtilS9hAQYmQ2BC6Fh/akRR1b0=
go.etcd.io/etcd/client/pkg/v3 v3.5.0-beta.3/go.mod h1:a+pbz+UrcOpvve1Qxf6tGovi15PjgtRhi0QTO2Nlc4U=
go.etcd.io/etcd/client/v3 v3.5.0-beta.3 h1:r88iXU/blpfMu7FMSvhEZJPT/5IROselyNnlR2XCYA8=
go.etcd.io/etcd/client/v3 v3.5.0-beta.3/go.mod h1:vWjHXU+j44Z92kL/WjCMh8sXV5J4Sk2e6cjYK9y6Yz8=
go.opencensus.io v0.20.1/go.mod h1:6WKK9ahsWS3RSO+PY9ZHZUfv2irvY6gN279GOPZjmmk=
go.opencensus.io v0.20.2/go.mod h1:6WKK9ahsWS3RSO+PY9ZHZUfv2irvY6gN279GOPZjmmk=
go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU=
go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8=
go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
go.opencensus.io v0.22.5/go.mod h1:5pWMHQbX5EPX2/62yrJeAkowc+lfs/XD7Uxpq3pI6kk=
go.opencensus.io v0.23.0 h1:gqCw0LfLxScz8irSi8exQc7fyQ0fKQU/qnC/X8+V/1M=
go.opencensus.io v0.23.0/go.mod h1:XItmlyltB5F7CS4xOC1DcqMoFqwtC6OG2xF7mCv7P7E=
go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
go.uber.org/atomic v1.5.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ=
go.uber.org/atomic v1.7.0 h1:ADUqmZGgLDDfbSL9ZmPxKTybcoEYHgpYfELNoN+7hsw=
go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc=
go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0=
go.uber.org/multierr v1.3.0/go.mod h1:VgVr7evmIr6uPjLBxg28wmKNXyqE9akIJ5XnfpiKl+4=
go.uber.org/multierr v1.6.0 h1:y6IPFStTAIT5Ytl7/XYmHvzXQ7S3g/IeZW9hyZ5thw4=
go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU=
go.uber.org/tools v0.0.0-20190618225709-2cfd321de3ee/go.mod h1:vJERXedbb3MVM5f9Ejo0C68/HhF8uaILCdgjnY+goOA=
go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q=
go.uber.org/zap v1.13.0/go.mod h1:zwrFLgMcdUuIBviXEYEH1YKNaOBnKXsx2IPda5bBwHM=
go.uber.org/zap v1.16.1-0.20210329175301-c23abee72d19 h1:040c3dLNhgFQkoojH2AMpHCy4SrvhmxdU72d9GLGGE0=
go.uber.org/zap v1.16.1-0.20210329175301-c23abee72d19/go.mod h1:aMfIlz3TDBfB0BwTCKFU1XbEmj9zevr5S5LcBr85MXw=
golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
golang.org/x/crypto v0.0.0-20181029021203-45a5f77698d3/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
golang.org/x/crypto v0.0.0-20201002170205-7f63de1d35b0/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
golang.org/x/crypto v0.0.0-20201221181555-eec23a3978ad/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
golang.org/x/crypto v0.0.0-20210220033148-5ea612d1eb83/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2 h1:It14KIkyBFYkHkwZ7k45minvA9aorojkyjGk9KJ5B/w=
golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4=
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
golang.org/x/exp v0.0.0-20190829153037-c13cbed26979/go.mod h1:86+5VVa7VpoJ4kLfm080zCjGlMRFzhUhsZKEZO7MGek=
golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY=
golang.org/x/exp v0.0.0-20191129062945-2f5052295587/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4=
golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4=
golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4=
golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM=
golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU=
golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
golang.org/x/lint v0.0.0-20190409202823-959b441ac422/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
golang.org/x/lint v0.0.0-20190909230951-414d861bb4ac/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs=
golang.org/x/lint v0.0.0-20200130185559-910be7a94367/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
golang.org/x/lint v0.0.0-20201208152925-83fdc39ff7b5/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
golang.org/x/lint v0.0.0-20210508222113-6edffad5e616/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE=
golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o=
golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc=
golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY=
golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
@ -606,63 +331,23 @@ golang.org/x/net v0.0.0-20190125091013-d26f9f9a57f3/go.mod h1:mL1N/T3taQHkDXs73r
golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
golang.org/x/net v0.0.0-20190501004415-9ce7a6920f09/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20190628185345-da137c7871d7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20190813141303-74dc4d7220e7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20190923162816-aa69164e4478/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20200222125558-5a598a2470a0/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20200301022130-244492dfa37a/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
golang.org/x/net v0.0.0-20200501053045-e0ff5e5a1de5/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
golang.org/x/net v0.0.0-20200506145744-7e3656a0809f/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
golang.org/x/net v0.0.0-20200513185701-a91f0712d120/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
golang.org/x/net v0.0.0-20200520182314-0ba52f642ac2/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
golang.org/x/net v0.0.0-20200625001655-4c5254603344/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
golang.org/x/net v0.0.0-20201031054903-ff519b6c9102/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
golang.org/x/net v0.0.0-20210119194325-5f4716e94777/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
golang.org/x/net v0.0.0-20210224082022-3d97a244fca7/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
golang.org/x/net v0.0.0-20210316092652-d523dce5a7f4/go.mod h1:RBQZq4jEuRlivfhVLdyRGr576XBO4/greRjx4P4O3yc=
golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4 h1:4nGaVu0QrbjT/AK2PRLuQfQuh6DJve+pELhqTdAj3x0=
golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
golang.org/x/net v0.0.0-20210503060351-7fd8e65b6420 h1:a8jGStKg0XqKDlKqjLrXn0ioF5MH36pT7Z0BRTqLhbk=
golang.org/x/net v0.0.0-20210503060351-7fd8e65b6420/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
golang.org/x/oauth2 v0.0.0-20200902213428-5d25da1a8d43/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
golang.org/x/oauth2 v0.0.0-20201109201403-9fd604954f58/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
golang.org/x/oauth2 v0.0.0-20201208152858-08078c50e5b5/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
golang.org/x/oauth2 v0.0.0-20210220000619-9bb904979d93/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
golang.org/x/oauth2 v0.0.0-20210313182246-cd4f82c27b84/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c h1:pkQiBZBvdos9qq4wBAHqlzuZHEXo07pqV06ef90u1WI=
golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20210220032951-036812b2e83c h1:5KslGYwFpkhGh+Q16bwMP3cOontH8FOep7tGV86Y7SQ=
golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@ -675,243 +360,75 @@ golang.org/x/sys v0.0.0-20181107165924-66b7b1311ac8/go.mod h1:STP8DvDyc/dI5b8T5h
golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20181122145206-62eef0e2fa9b/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190616124812-15dcb6c0061f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190924154521-2837fb4f24fe/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20191220142924-d4481acd189f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200106162015-b016eb3dc98e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200113162924-86b910548bc1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200122134326-e047566fdf82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200212091648-12a6c2dcc1e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200331124033-c3d80250170d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200501052902-10377860bb8e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200511232937-7e40ca221e25/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200515095857-1151b9dac4a9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200523222454-059865788121/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200615200032-f1bc736245b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200625212154-ddb9806d33ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200803210538-64077c9b5642/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200905004654-be1d3432aa8f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20201201145000-ef89a241ccb3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210104204734-6f8348627aad/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210220050731-9a76102bfb43/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210225134936-a50acf3fe073/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210303074136-134d130e1a04/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210305230114-8fe3ee5dd75b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210309074719-68d13333faf2/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210315160823-c6e025ad8005/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210320140829-1e4c9ba3b0c4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210403161142-5e06dd20ab57 h1:F5Gozwx4I1xtr/sr/8CFbb57iKi3297KFs0QDbGN60A=
golang.org/x/sys v0.0.0-20210403161142-5e06dd20ab57/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20210514084401-e8d321eab015 h1:hZR0X1kPW+nwyJ9xRxqZk1vx5RUObAPBdKVvXPDUH/E=
golang.org/x/sys v0.0.0-20210514084401-e8d321eab015/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.0.0-20210220032956-6a3ed077a48d h1:SZxvLBoTP5yHO3Frd4z4vrF+DBX9vMVanchswa69toE=
golang.org/x/term v0.0.0-20210220032956-6a3ed077a48d/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.4 h1:0YWbFKbhXG/wIiuHDSKpS0Iy7FSA+u45VtBMfQcFTTc=
golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.6 h1:aRYxNxv6iGQlyVaZmk6ZgYEDa+Jg18DxebPSrd6bg1M=
golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba h1:O8mE0/t419eoIwhTFpKVkHiTs/Igowgfkj25AcZrtiE=
golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20180828015842-6cd1fcedba52/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
golang.org/x/tools v0.0.0-20190614205625-5aca471b1d59/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/tools v0.0.0-20191029041327-9cc4af7d6b2c/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/tools v0.0.0-20191029190741-b9c20aec41a5/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/tools v0.0.0-20191115202509-3a792d9c32b2/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/tools v0.0.0-20191130070609-6e064ea0cf2d/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/tools v0.0.0-20191216052735-49a3e744a425/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
golang.org/x/tools v0.0.0-20191216173652-a0e659d51361/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
golang.org/x/tools v0.0.0-20191227053925-7b8e75db28f4/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
golang.org/x/tools v0.0.0-20200103221440-774c71fcf114/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
golang.org/x/tools v0.0.0-20200117161641-43d50277825c/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
golang.org/x/tools v0.0.0-20200122220014-bf1340f18c4a/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
golang.org/x/tools v0.0.0-20200204074204-1cc6d1ef6c74/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
golang.org/x/tools v0.0.0-20200207183749-b753a1ba74fa/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
golang.org/x/tools v0.0.0-20200212150539-ea181f53ac56/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
golang.org/x/tools v0.0.0-20200224181240-023911ca70b2/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
golang.org/x/tools v0.0.0-20200227222343-706bc42d1f0d/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
golang.org/x/tools v0.0.0-20200304193943-95d2e580d8eb/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw=
golang.org/x/tools v0.0.0-20200312045724-11d5b4c81c7d/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw=
golang.org/x/tools v0.0.0-20200331025713-a30bf2db82d4/go.mod h1:Sl4aGygMT6LrqrWclx+PTx3U+LnKx/seiNR+3G19Ar8=
golang.org/x/tools v0.0.0-20200501065659-ab2804fb9c9d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
golang.org/x/tools v0.0.0-20200512131952-2bc93b1c0c88/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
golang.org/x/tools v0.0.0-20200515010526-7d3b6ebf133d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
golang.org/x/tools v0.0.0-20200618134242-20370b0cb4b2/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
golang.org/x/tools v0.0.0-20200904185747-39188db58858/go.mod h1:Cj7w3i3Rnn0Xh82ur9kSqwfTHTeVxaDqrfMjpcNT6bE=
golang.org/x/tools v0.0.0-20201110124207-079ba7bd75cd/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
golang.org/x/tools v0.0.0-20201201161351-ac6f37ff4c2a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
golang.org/x/tools v0.0.0-20201208233053-a543418bbed2/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
golang.org/x/tools v0.0.0-20210105154028-b0ab187a4818/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0=
golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE=
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
google.golang.org/api v0.3.1/go.mod h1:6wY9I6uQWHQ8EM57III9mq/AjF+i8G65rmVagqKMtkk=
google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE=
google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M=
google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg=
google.golang.org/api v0.9.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg=
google.golang.org/api v0.13.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI=
google.golang.org/api v0.14.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI=
google.golang.org/api v0.15.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI=
google.golang.org/api v0.17.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE=
google.golang.org/api v0.18.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE=
google.golang.org/api v0.19.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE=
google.golang.org/api v0.20.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE=
google.golang.org/api v0.22.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE=
google.golang.org/api v0.24.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE=
google.golang.org/api v0.28.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE=
google.golang.org/api v0.29.0/go.mod h1:Lcubydp8VUV7KeIHD9z2Bys/sm/vGKnG1UHuDBSrHWM=
google.golang.org/api v0.30.0/go.mod h1:QGmEvQ87FHZNiUVJkT14jQNYJ4ZJjdRF23ZXz5138Fc=
google.golang.org/api v0.35.0/go.mod h1:/XrVsuzM0rZmrsbjJutiuftIzeuTQcEeaYcSk/mQ1dg=
google.golang.org/api v0.36.0/go.mod h1:+z5ficQTmoYpPn8LCUNVpK5I7hwkpjbcgqA7I34qYtE=
google.golang.org/api v0.40.0/go.mod h1:fYKFpnQN0DsDSKRVRcQSDQNtqWPfM9i+zNPxepjRCQ8=
google.golang.org/api v0.41.0/go.mod h1:RkxM5lITDfTzmyKFPt+wGrCJbVfniCr2ool8kTBzRTU=
google.golang.org/api v0.43.0/go.mod h1:nQsDGjRXMo4lvh5hP0TKqF244gqhGcr/YSIykhUk/94=
google.golang.org/api v0.47.0 h1:sQLWZQvP6jPGIP4JGPkJu4zHswrv81iobiyszr3b/0I=
google.golang.org/api v0.47.0/go.mod h1:Wbvgpq1HddcWVtzsVLyfLp8lDg6AA241LmgIL59tHXo=
google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
google.golang.org/appengine v1.2.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0=
google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc=
google.golang.org/appengine v1.6.6/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc=
google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c=
google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc=
google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
google.golang.org/genproto v0.0.0-20190425155659-357c62f0e4bb/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
google.golang.org/genproto v0.0.0-20190530194941-fb225487d101/go.mod h1:z3L6/3dTEVtUr6QSP8miRzeRqwQOioJ9I66odjN4I7s=
google.golang.org/genproto v0.0.0-20190801165951-fa694d86fc64/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
google.golang.org/genproto v0.0.0-20190911173649-1774047e7e51/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8=
google.golang.org/genproto v0.0.0-20191108220845-16a3f7862a1a/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
google.golang.org/genproto v0.0.0-20191115194625-c23dd37a84c9/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
google.golang.org/genproto v0.0.0-20191216164720-4f79533eabd1/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
google.golang.org/genproto v0.0.0-20191230161307-f3c370f40bfb/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
google.golang.org/genproto v0.0.0-20200115191322-ca5a22157cba/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
google.golang.org/genproto v0.0.0-20200122232147-0452cf42e150/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
google.golang.org/genproto v0.0.0-20200204135345-fa8e72b47b90/go.mod h1:GmwEX6Z4W5gMy59cAlVYjN9JhxgbQH6Gn+gFDQe2lzA=
google.golang.org/genproto v0.0.0-20200212174721-66ed5ce911ce/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
google.golang.org/genproto v0.0.0-20200224152610-e50cd9704f63/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
google.golang.org/genproto v0.0.0-20200228133532-8c2c7df3a383/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
google.golang.org/genproto v0.0.0-20200305110556-506484158171/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
google.golang.org/genproto v0.0.0-20200312145019-da6875a35672/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
google.golang.org/genproto v0.0.0-20200331122359-1ee6d9798940/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
google.golang.org/genproto v0.0.0-20200430143042-b979b6f78d84/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
google.golang.org/genproto v0.0.0-20200511104702-f5ebc3bea380/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
google.golang.org/genproto v0.0.0-20200513103714-09dca8ec2884/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
google.golang.org/genproto v0.0.0-20200515170657-fc4c6c6a6587/go.mod h1:YsZOwe1myG/8QRHRsmBRE1LrgQY60beZKjly0O1fX9U=
google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013 h1:+kGHl1aib/qcwaRi1CbqBZ1rk19r85MNUf8HaBghugY=
google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo=
google.golang.org/genproto v0.0.0-20200618031413-b414f8b61790/go.mod h1:jDfRM7FcilCzHH/e9qn6dsT145K34l5v+OpcnNgKAAA=
google.golang.org/genproto v0.0.0-20200729003335-053ba62fc06f/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
google.golang.org/genproto v0.0.0-20200904004341-0bd0a958aa1d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
google.golang.org/genproto v0.0.0-20201109203340-2640f1f9cdfb/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
google.golang.org/genproto v0.0.0-20201201144952-b05cb90ed32e/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
google.golang.org/genproto v0.0.0-20201210142538-e3217bee35cc/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
google.golang.org/genproto v0.0.0-20201214200347-8c77b98c765d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
google.golang.org/genproto v0.0.0-20210222152913-aa3ee6e6a81c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
google.golang.org/genproto v0.0.0-20210303154014-9728d6b83eeb/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
google.golang.org/genproto v0.0.0-20210310155132-4ce2db91004e/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
google.golang.org/genproto v0.0.0-20210319143718-93e7006c17a6/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
google.golang.org/genproto v0.0.0-20210402141018-6c239bbf2bb1/go.mod h1:9lPAdzaEmUacj36I+k7YKbEc5CXzPIeORRgDAUOu28A=
google.golang.org/genproto v0.0.0-20210513213006-bf773b8c8384 h1:z+j74wi4yV+P7EtK9gPLGukOk7mFOy9wMQaC0wNb7eY=
google.golang.org/genproto v0.0.0-20210513213006-bf773b8c8384/go.mod h1:P3QM42oQyzQSnHPnZ/vqoCdDmzH28fzWByN9asMeM8A=
google.golang.org/grpc v1.17.0/go.mod h1:6QZJwpn2B+Zp71q/5VxRsJ6NXXVCE5NRUHRo+f3cWCs=
google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
google.golang.org/grpc v1.20.0/go.mod h1:chYK+tFQF0nDUGJgXMSgLCQk3phJEuONr2DCgLDdAQM=
google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38=
google.golang.org/grpc v1.21.0/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM=
google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM=
google.golang.org/grpc v1.22.1/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
google.golang.org/grpc v1.23.1/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY=
google.golang.org/grpc v1.26.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
google.golang.org/grpc v1.27.1/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
google.golang.org/grpc v1.28.0/go.mod h1:rpkK4SK4GF4Ach/+MFLZUBavHOvF2JJB5uozKKal+60=
google.golang.org/grpc v1.29.1/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3IjizoKk=
google.golang.org/grpc v1.30.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak=
google.golang.org/grpc v1.31.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak=
google.golang.org/grpc v1.31.1/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak=
google.golang.org/grpc v1.33.1/go.mod h1:fr5YgcSWrqhRRxogOsw7RzIpsmvOZ6IcH4kBYTpR3n0=
google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc=
google.golang.org/grpc v1.34.0/go.mod h1:WotjhfgOW/POjDeRt8vscBtXq+2VjORFy659qA51WJ8=
google.golang.org/grpc v1.35.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU=
google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU=
google.golang.org/grpc v1.36.1/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU=
google.golang.org/grpc v1.37.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM=
google.golang.org/grpc v1.37.1 h1:ARnQJNWxGyYJpdf/JXscNlQr/uv607ZPU9Z7ogHi+iI=
google.golang.org/grpc v1.37.1/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM=
google.golang.org/grpc v1.38.0 h1:/9BgsAsa5nWe26HqOlvlgJnqBuktYOLCgjCPqsa56W0=
google.golang.org/grpc v1.38.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM=
google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
@ -920,73 +437,32 @@ google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzi
google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4=
google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c=
google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
google.golang.org/protobuf v1.26.0 h1:bxAC2xTBsZGibn2RTntX0oH50xLsqy1OxA9tTL3p/lk=
google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
gopkg.in/DataDog/dd-trace-go.v1 v1.28.0 h1:EmglUJuykRsTwsQDcKaAo3CmOunWU6Dqk7U2lo7Pjss=
gopkg.in/DataDog/dd-trace-go.v1 v1.28.0/go.mod h1:Sp1lku8WJMvNV0kjDI4Ni/T7J/U3BO5ct5kEaoVU8+I=
gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f h1:BLraFXnmrev5lT+xlilqcH8XK9/i0At2xKjWk4p6zsU=
gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/cheggaaa/pb.v1 v1.0.25/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw=
gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
gopkg.in/fsnotify.v1 v1.4.7 h1:xOHLXZwVvI9hhs+cLKq5+I5onOuwQLhQwiu63xxlHs4=
gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys=
gopkg.in/gcfg.v1 v1.2.3/go.mod h1:yesOnuUOFQAhST5vPY4nbZsb/huCgGGXlipJsBn0b3o=
gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc=
gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw=
gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo=
gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ=
gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw=
gopkg.in/warnings.v0 v0.1.2/go.mod h1:jksf8JmL6Qr/oQM2OXTHunEvvTAsrWBLb6OOjuVWRNI=
gopkg.in/yaml.v2 v2.0.0-20170812160011-eb3733d160e7/go.mod h1:JAlM8MvJe8wmxCU4Bli9HhUf9+ttbYbLASfIpnQbh74=
gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
gopkg.in/yaml.v2 v2.2.3/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
gopkg.in/yaml.v2 v2.2.5/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo=
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
honnef.co/go/tools v0.0.0-20180728063816-88497007e858/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
k8s.io/api v0.21.1 h1:94bbZ5NTjdINJEdzOkpS4vdPhkb1VFpTYC9zh43f75c=
k8s.io/api v0.21.1/go.mod h1:FstGROTmsSHBarKc8bylzXih8BLNYTiS3TZcsoEDg2s=
k8s.io/apimachinery v0.21.1 h1:Q6XuHGlj2xc+hlMCvqyYfbv3H7SRGn2c8NycxJquDVs=
k8s.io/apimachinery v0.21.1/go.mod h1:jbreFvJo3ov9rj7eWT7+sYiRx+qZuCYXwWT1bcDswPY=
k8s.io/client-go v0.21.1 h1:bhblWYLZKUu+pm50plvQF8WpY6TXdRRtcS/K9WauOj4=
k8s.io/client-go v0.21.1/go.mod h1:/kEw4RgW+3xnBGzvp9IWxKSNA+lXn3A7AuH3gdOAzLs=
k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0=
k8s.io/klog v1.0.0 h1:Pt+yjF5aB1xDSVbau4VsWe+dQNzA0qv1LlXdC2dF6Q8=
k8s.io/klog v1.0.0/go.mod h1:4Bi6QPql/J/LkTDqv7R/cd3hPo4k2DG6Ptcz060Ez5I=
k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE=
k8s.io/klog/v2 v2.8.0 h1:Q3gmuM9hKEjefWFFYF0Mat+YyFJvsUyYuwyNNJ5C9Ts=
k8s.io/klog/v2 v2.8.0/go.mod h1:hy9LJ/NvuK+iVyP4Ehqva4HxZG/oXyIS3n3Jmire4Ec=
k8s.io/kube-openapi v0.0.0-20210305001622-591a79e4bda7 h1:vEx13qjvaZ4yfObSSXW7BrMc/KQBBT/Jyee8XtLf4x0=
k8s.io/kube-openapi v0.0.0-20210305001622-591a79e4bda7/go.mod h1:wXW5VT87nVfh/iLV8FpR2uDvrFyomxbtb1KivDbvPTE=
k8s.io/utils v0.0.0-20201110183641-67b214c5f920 h1:CbnUZsM497iRC5QMVkHwyl8s2tB3g7yaSHkYPkpgelw=
k8s.io/utils v0.0.0-20201110183641-67b214c5f920/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA=
rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8=
rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0=
rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA=
sigs.k8s.io/structured-merge-diff/v4 v4.0.2/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw=
sigs.k8s.io/structured-merge-diff/v4 v4.1.0 h1:C4r9BgJ98vrKnnVCjwCSXcWjWe0NKcUQkmzDXZXGwH8=
sigs.k8s.io/structured-merge-diff/v4 v4.1.0/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw=
sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o=
sigs.k8s.io/yaml v1.2.0 h1:kr/MCeFWJWTwyaHoR9c8EjH9OumOmoF9YGiZd7lFm/Q=
sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc=
sourcegraph.com/sourcegraph/appdash v0.0.0-20190731080439-ebfcffb1b5c0/go.mod h1:hI742Nqp5OhwiqlzhgfbWU4mW4yO10fP+LoT9WOswdU=

135
man/coredns-acl.7
View File

@ -1,135 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-ACL" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fIacl\fP - enforces access control policies on source ip and prevents unauthorized access to DNS servers.
.SH "DESCRIPTION"
.PP
With \fB\fCacl\fR enabled, users are able to block or filter suspicious DNS queries by configuring IP filter rule sets, i.e. allowing authorized queries to recurse or blocking unauthorized queries.
.PP
This plugin can be used multiple times per Server Block.
.SH "SYNTAX"
.PP
.RS
.nf
acl [ZONES...] {
ACTION [type QTYPE...] [net SOURCE...]
}
.fi
.RE
.IP \(bu 4
\fBZONES\fP zones it should be authoritative for. If empty, the zones from the configuration block are used.
.IP \(bu 4
\fBACTION\fP (\fIallow\fP, \fIblock\fP, or \fIfilter\fP) defines the way to deal with DNS queries matched by this rule. The default action is \fIallow\fP, which means a DNS query not matched by any rules will be allowed to recurse. The difference between \fIblock\fP and \fIfilter\fP is that block returns status code of \fIREFUSED\fP while filter returns an empty set \fINOERROR\fP
.IP \(bu 4
\fBQTYPE\fP is the query type to match for the requests to be allowed or blocked. Common resource record types are supported. \fB\fC*\fR stands for all record types. The default behavior for an omitted \fB\fCtype QTYPE...\fR is to match all kinds of DNS queries (same as \fB\fCtype *\fR).
.IP \(bu 4
\fBSOURCE\fP is the source IP address to match for the requests to be allowed or blocked. Typical CIDR notation and single IP address are supported. \fB\fC*\fR stands for all possible source IP addresses.
.SH "EXAMPLES"
.PP
To demonstrate the usage of plugin acl, here we provide some typical examples.
.PP
Block all DNS queries with record type A from 192.168.0.0/16
.PP
.RS
.nf
\&. {
acl {
block type A net 192.168.0.0/16
}
}
.fi
.RE
.PP
Filter all DNS queries with record type A from 192.168.0.0/16
.PP
.RS
.nf
\&. {
acl {
filter type A net 192.168.0.0/16
}
}
.fi
.RE
.PP
Block all DNS queries from 192.168.0.0/16 except for 192.168.1.0/24:
.PP
.RS
.nf
\&. {
acl {
allow net 192.168.1.0/24
block net 192.168.0.0/16
}
}
.fi
.RE
.PP
Allow only DNS queries from 192.168.0.0/24 and 192.168.1.0/24:
.PP
.RS
.nf
\&. {
acl {
allow net 192.168.0.0/24 192.168.1.0/24
block
}
}
.fi
.RE
.PP
Block all DNS queries from 192.168.1.0/24 towards a.example.org:
.PP
.RS
.nf
example.org {
acl a.example.org {
block net 192.168.1.0/24
}
}
.fi
.RE
.SH "METRICS"
.PP
If monitoring is enabled (via the \fIprometheus\fP plugin) then the following metrics are exported:
.IP \(bu 4
\fB\fCcoredns_acl_blocked_requests_total{server, zone}\fR - counter of DNS requests being blocked.
.IP \(bu 4
\fB\fCcoredns_acl_allowed_requests_total{server}\fR - counter of DNS requests being allowed.
.PP
The \fB\fCserver\fR and \fB\fCzone\fR labels are explained in the \fImetrics\fP plugin documentation.

53
man/coredns-any.7
View File

@ -1,53 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-ANY" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fIany\fP - gives a minimal response to ANY queries.
.SH "DESCRIPTION"
.PP
\fIany\fP basically blocks ANY queries by responding to them with a short HINFO reply. See RFC
8482
\[la]https://tools.ietf.org/html/rfc8482\[ra] for details.
.SH "SYNTAX"
.PP
.RS
.nf
any
.fi
.RE
.SH "EXAMPLES"
.PP
.RS
.nf
example.org {
whoami
any
}
.fi
.RE
.PP
A \fB\fCdig +nocmd ANY example.org +noall +answer\fR now returns:
.PP
.RS
.nf
example.org. 8482 IN HINFO "ANY obsoleted" "See RFC 8482"
.fi
.RE
.SH "SEE ALSO"
.PP
RFC 8482
\[la]https://tools.ietf.org/html/rfc8482\[ra].

112
man/coredns-auto.7
View File

@ -1,112 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-AUTO" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fIauto\fP - enables serving zone data from an RFC 1035-style master file, which is automatically picked up from disk.
.SH "DESCRIPTION"
.PP
The \fIauto\fP plugin is used for an "old-style" DNS server. It serves from a preloaded file that exists
on disk. If the zone file contains signatures (i.e. is signed, i.e. using DNSSEC) correct DNSSEC answers
are returned. Only NSEC is supported! If you use this setup \fIyou\fP are responsible for re-signing the
zonefile. New or changed zones are automatically picked up from disk only when SOA's serial changes. If the zones are not updated via a zone transfer, the serial must be manually changed.
.SH "SYNTAX"
.PP
.RS
.nf
auto [ZONES...] {
directory DIR [REGEXP ORIGIN\_TEMPLATE]
reload DURATION
}
.fi
.RE
.PP
\fBZONES\fP zones it should be authoritative for. If empty, the zones from the configuration block
are used.
.IP \(bu 4
\fB\fCdirectory\fR loads zones from the specified \fBDIR\fP. If a file name matches \fBREGEXP\fP it will be
used to extract the origin. \fBORIGIN_TEMPLATE\fP will be used as a template for the origin. Strings
like \fB\fC{<number>}\fR are replaced with the respective matches in the file name, e.g. \fB\fC{1}\fR is the
first match, \fB\fC{2}\fR is the second. The default is: \fB\fCdb\.(.*) {1}\fR i.e. from a file with the
name \fB\fCdb.example.com\fR, the extracted origin will be \fB\fCexample.com\fR.
.IP \(bu 4
\fB\fCreload\fR interval to perform reloads of zones if SOA version changes and zonefiles. It specifies how often CoreDNS should scan the directory to watch for file removal and addition. Default is one minute.
Value of \fB\fC0\fR means to not scan for changes and reload. eg. \fB\fC30s\fR checks zonefile every 30 seconds
and reloads zone when serial changes.
.PP
For enabling zone transfers look at the \fItransfer\fP plugin.
.PP
All directives from the \fIfile\fP plugin are supported. Note that \fIauto\fP will load all zones found,
even though the directive might only receive queries for a specific zone. I.e:
.PP
.RS
.nf
\&. {
auto example.org {
directory /etc/coredns/zones
}
}
.fi
.RE
.PP
Will happily pick up a zone for \fB\fCexample.COM\fR, except it will never be queried, because the \fIauto\fP
directive only is authoritative for \fB\fCexample.ORG\fR.
.SH "EXAMPLES"
.PP
Load \fB\fCorg\fR domains from \fB\fC/etc/coredns/zones/org\fR and allow transfers to the internet, but send
notifies to 10.240.1.1
.PP
.RS
.nf
org {
auto {
directory /etc/coredns/zones/org
}
transfer {
to *
to 10.240.1.1
}
}
.fi
.RE
.PP
Load \fB\fCorg\fR domains from \fB\fC/etc/coredns/zones/org\fR and looks for file names as \fB\fCwww.db.example.org\fR,
where \fB\fCexample.org\fR is the origin. Scan every 45 seconds.
.PP
.RS
.nf
org {
auto {
directory /etc/coredns/zones/org www\\.db\\.(.*) {1}
reload 45s
}
}
.fi
.RE
.SH "ALSO"
.PP
Use the \fIroot\fP plugin to help you specify the location of the zone files. See the \fItransfer\fP plugin
to enable outgoing zone transfers.

95
man/coredns-autopath.7
View File

@ -1,95 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-AUTOPATH" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fIautopath\fP - allows for server-side search path completion.
.SH "DESCRIPTION"
.PP
If the \fIautopath\fP plugin sees a query that matches the first element of the configured search path, it will
follow the chain of search path elements and return the first reply that is not NXDOMAIN. On any
failures, the original reply is returned. Because \fIautopath\fP returns a reply for a name that wasn't
the original question, it will add a CNAME that points from the original name (with the search path
element in it) to the name of this answer.
.PP
\fBNote\fP: There are several known issues, see the "Bugs" section below.
.SH "SYNTAX"
.PP
.RS
.nf
autopath [ZONE...] RESOLV\-CONF
.fi
.RE
.IP \(bu 4
\fBZONES\fP zones \fIautopath\fP should be authoritative for.
.IP \(bu 4
\fBRESOLV-CONF\fP points to a \fB\fCresolv.conf\fR like file or uses a special syntax to point to another
plugin. For instance \fB\fC@kubernetes\fR, will call out to the kubernetes plugin (for each
query) to retrieve the search list it should use.
.PP
If a plugin implements the \fB\fCAutoPather\fR interface then it can be used by \fIautopath\fP.
.SH "METRICS"
.PP
If monitoring is enabled (via the \fIprometheus\fP plugin) then the following metric is exported:
.IP \(bu 4
\fB\fCcoredns_autopath_success_total{server}\fR - counter of successfully autopath-ed queries.
.PP
The \fB\fCserver\fR label is explained in the \fImetrics\fP plugin documentation.
.SH "EXAMPLES"
.PP
.RS
.nf
autopath my\-resolv.conf
.fi
.RE
.PP
Use \fB\fCmy-resolv.conf\fR as the file to get the search path from. This file only needs to have one line:
\fB\fCsearch domain1 domain2 ...\fR
.PP
.RS
.nf
autopath @kubernetes
.fi
.RE
.PP
Use the search path dynamically retrieved from the \fIkubernetes\fP plugin.
.SH "BUGS"
.PP
In Kubernetes, \fIautopath\fP can derive the wrong namespace of a client Pod (and therefore wrong search
path) in the following case. To properly build the search path of a client \fIautopath\fP needs to know
the namespace of the a Pod making a DNS request. To do this, it relies on the \fIkubernetes\fP plugin's
Pod cache to resolve the client's IP address to a Pod. The Pod cache is maintained by an API watch
on Pods. When Pod IP assignments change, the Kubernetes API notifies CoreDNS via the API watch.
However, that notification is not instantaneous. In the case that a Pod is deleted, and it's IP is
immediately provisioned to a Pod in another namespace, and that new Pod make a DNS lookup \fIbefore\fP
the API watch can notify CoreDNS of the change, \fIautopath\fP will resolve the IP to the previous Pod's
namespace.
.PP
In Kubernetes, \fIautopath\fP is not compatible with Pods running from Windows nodes.
.PP
If the server side search ultimately results in a negative answer (e.g. \fB\fCNXDOMAIN\fR), then the client
will fruitlessly search all paths manually, thus negating the \fIautopath\fP optimization.

74
man/coredns-azure.7
View File

@ -1,74 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-AZURE" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fIazure\fP - enables serving zone data from Microsoft Azure DNS service.
.SH "DESCRIPTION"
.PP
The azure plugin is useful for serving zones from Microsoft Azure DNS. The \fIazure\fP plugin supports
all the DNS records supported by Azure, viz. A, AAAA, CNAME, MX, NS, PTR, SOA, SRV, and TXT
record types. NS record type is not supported by azure private DNS.
.SH "SYNTAX"
.PP
.RS
.nf
azure RESOURCE\_GROUP:ZONE... {
tenant TENANT\_ID
client CLIENT\_ID
secret CLIENT\_SECRET
subscription SUBSCRIPTION\_ID
environment ENVIRONMENT
fallthrough [ZONES...]
access private
}
.fi
.RE
.IP \(bu 4
\fBRESOURCE_GROUP:ZONE\fP is the resource group to which the hosted zones belongs on Azure,
and \fBZONE\fP the zone that contains data.
.IP \(bu 4
\fBCLIENT_ID\fP and \fBCLIENT_SECRET\fP are the credentials for Azure, and \fB\fCtenant\fR specifies the
\fBTENANT_ID\fP to be used. \fBSUBSCRIPTION_ID\fP is the subscription ID. All of these are needed
to access the data in Azure.
.IP \(bu 4
\fB\fCenvironment\fR specifies the Azure \fBENVIRONMENT\fP.
.IP \(bu 4
\fB\fCfallthrough\fR If zone matches and no record can be generated, pass request to the next plugin.
If \fBZONES\fP is omitted, then fallthrough happens for all zones for which the plugin is
authoritative.
.IP \(bu 4
\fB\fCaccess\fR specifies if the zone is \fB\fCpublic\fR or \fB\fCprivate\fR. Default is \fB\fCpublic\fR.
.SH "EXAMPLES"
.PP
Enable the \fIazure\fP plugin with Azure credentials for private zones \fB\fCexample.org\fR, \fB\fCexample.private\fR:
.PP
.RS
.nf
example.org {
azure resource\_group\_foo:example.org resource\_group\_foo:example.private {
tenant 123abc\-123abc\-123abc\-123abc
client 123abc\-123abc\-123abc\-234xyz
subscription 123abc\-123abc\-123abc\-563abc
secret mysecret
access private
}
}
.fi
.RE
.SH "SEE ALSO"
.PP
The Azure DNS Overview
\[la]https://docs.microsoft.com/en-us/azure/dns/dns-overview\[ra].

119
man/coredns-bind.7
View File

@ -1,119 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-BIND" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fIbind\fP - overrides the host to which the server should bind.
.SH "DESCRIPTION"
.PP
Normally, the listener binds to the wildcard host. However, you may want the listener to bind to
another IP instead.
.PP
If several addresses are provided, a listener will be open on each of the IP provided.
.PP
Each address has to be an IP or name of one of the interfaces of the host. Bind by interface name, binds to the IPs on that interface at the time of startup or reload (reload will happen with a SIGHUP or if the config file changes).
.PP
If the given argument is an interface name, and that interface has serveral IP addresses, CoreDNS will listen on all of the interface IP addresses (including IPv4 and IPv6).
.SH "SYNTAX"
.PP
.RS
.nf
bind ADDRESS ...
.fi
.RE
.PP
\fBADDRESS\fP is an IP address to bind to.
When several addresses are provided a listener will be opened on each of the addresses.
.SH "EXAMPLES"
.PP
To make your socket accessible only to that machine, bind to IP 127.0.0.1 (localhost):
.PP
.RS
.nf
\&. {
bind 127.0.0.1
}
.fi
.RE
.PP
To allow processing DNS requests only local host on both IPv4 and IPv6 stacks, use the syntax:
.PP
.RS
.nf
\&. {
bind 127.0.0.1 ::1
}
.fi
.RE
.PP
If the configuration comes up with several \fIbind\fP plugins, all addresses are consolidated together:
The following sample is equivalent to the preceding:
.PP
.RS
.nf
\&. {
bind 127.0.0.1
bind ::1
}
.fi
.RE
.PP
The following server block, binds on localhost with its interface name (both "127.0.0.1" and "::1"):
.PP
.RS
.nf
\&. {
bind lo
}
.fi
.RE
.SH "BUGS"
.PP
When defining more than one server block, take care not to bind more than one server to the same
address and port. Doing so will result in unpredictable behavior (requests may be randomly
served by either server). Keep in mind that \fIwithout\fP the \fIbind\fP plugin, a server will bind to all
interfaces, and this will collide with another server if it's using \fIbind\fP to listen to an interface
on the same port. For example, the following creates two servers that both listen on 127.0.0.1:53,
which would result in unpredictable behavior for queries in \fB\fCa.bad.example.com\fR:
.PP
.RS
.nf
a.bad.example.com {
bind 127.0.0.1
forward . 1.2.3.4
}
bad.example.com {
forward . 5.6.7.8
}
.fi
.RE

67
man/coredns-bufsize.7
View File

@ -1,67 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-BUFSIZE" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fIbufsize\fP - sizes EDNS0 buffer size to prevent IP fragmentation.
.SH "DESCRIPTION"
.PP
\fIbufsize\fP limits a requester's UDP payload size.
It prevents IP fragmentation, mitigating certain DNS vulnerabilities.
.SH "SYNTAX"
.PP
.RS
.nf
bufsize [SIZE]
.fi
.RE
.PP
\fB[SIZE]\fP is an int value for setting the buffer size.
The default value is 512, and the value must be within 512 - 4096.
Only one argument is acceptable, and it covers both IPv4 and IPv6.
.SH "EXAMPLES"
.PP
Enable limiting the buffer size of outgoing query to the resolver (172.31.0.10):
.PP
.RS
.nf
\&. {
bufsize 512
forward . 172.31.0.10
log
}
.fi
.RE
.PP
Enable limiting the buffer size as an authoritative nameserver:
.PP
.RS
.nf
\&. {
bufsize 512
file db.example.org
log
}
.fi
.RE
.SH "CONSIDERATIONS"
.IP \(bu 4
Setting 1232 bytes to bufsize may avoid fragmentation on the majority of networks in use today, but it depends on the MTU of the physical network links.
.IP \(bu 4
For now, if a client does not use EDNS, this plugin adds OPT RR.

165
man/coredns-cache.7
View File

@ -1,165 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-CACHE" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fIcache\fP - enables a frontend cache.
.SH "DESCRIPTION"
.PP
With \fIcache\fP enabled, all records except zone transfers and metadata records will be cached for up to
3600s. Caching is mostly useful in a scenario when fetching data from the backend (upstream,
database, etc.) is expensive.
.PP
\fICache\fP will change the query to enable DNSSEC (DNSSEC OK; DO) if it passes through the plugin. If
the client didn't request any DNSSEC (records), these are filtered out when replying.
.PP
This plugin can only be used once per Server Block.
.SH "SYNTAX"
.PP
.RS
.nf
cache [TTL] [ZONES...]
.fi
.RE
.IP \(bu 4
\fBTTL\fP max TTL in seconds. If not specified, the maximum TTL will be used, which is 3600 for
NOERROR responses and 1800 for denial of existence ones.
Setting a TTL of 300: \fB\fCcache 300\fR would cache records up to 300 seconds.
.IP \(bu 4
\fBZONES\fP zones it should cache for. If empty, the zones from the configuration block are used.
.PP
Each element in the cache is cached according to its TTL (with \fBTTL\fP as the max).
A cache is divided into 256 shards, each holding up to 39 items by default - for a total size
of 256 * 39 = 9984 items.
.PP
If you want more control:
.PP
.RS
.nf
cache [TTL] [ZONES...] {
success CAPACITY [TTL] [MINTTL]
denial CAPACITY [TTL] [MINTTL]
prefetch AMOUNT [[DURATION] [PERCENTAGE%]]
serve\_stale [DURATION]
}
.fi
.RE
.IP \(bu 4
\fBTTL\fP and \fBZONES\fP as above.
.IP \(bu 4
\fB\fCsuccess\fR, override the settings for caching successful responses. \fBCAPACITY\fP indicates the maximum
number of packets we cache before we start evicting (\fIrandomly\fP). \fBTTL\fP overrides the cache maximum TTL.
\fBMINTTL\fP overrides the cache minimum TTL (default 5), which can be useful to limit queries to the backend.
.IP \(bu 4
\fB\fCdenial\fR, override the settings for caching denial of existence responses. \fBCAPACITY\fP indicates the maximum
number of packets we cache before we start evicting (LRU). \fBTTL\fP overrides the cache maximum TTL.
\fBMINTTL\fP overrides the cache minimum TTL (default 5), which can be useful to limit queries to the backend.
There is a third category (\fB\fCerror\fR) but those responses are never cached.
.IP \(bu 4
\fB\fCprefetch\fR will prefetch popular items when they are about to be expunged from the cache.
Popular means \fBAMOUNT\fP queries have been seen with no gaps of \fBDURATION\fP or more between them.
\fBDURATION\fP defaults to 1m. Prefetching will happen when the TTL drops below \fBPERCENTAGE\fP,
which defaults to \fB\fC10%\fR, or latest 1 second before TTL expiration. Values should be in the range \fB\fC[10%, 90%]\fR.
Note the percent sign is mandatory. \fBPERCENTAGE\fP is treated as an \fB\fCint\fR.
.IP \(bu 4
\fB\fCserve_stale\fR, when serve_stale is set, cache always will serve an expired entry to a client if there is one
available. When this happens, cache will attempt to refresh the cache entry after sending the expired cache
entry to the client. The responses have a TTL of 0. \fBDURATION\fP is how far back to consider
stale responses as fresh. The default duration is 1h.
.SH "CAPACITY AND EVICTION"
.PP
If \fBCAPACITY\fP \fIis not\fP specified, the default cache size is 9984 per cache. The minimum allowed cache size is 1024.
If \fBCAPACITY\fP \fIis\fP specified, the actual cache size used will be rounded down to the nearest number divisible by 256 (so all shards are equal in size).
.PP
Eviction is done per shard. In effect, when a shard reaches capacity, items are evicted from that shard.
Since shards don't fill up perfectly evenly, evictions will occur before the entire cache reaches full capacity.
Each shard capacity is equal to the total cache size / number of shards (256). Eviction is random, not TTL based.
Entries with 0 TTL will remain in the cache until randomly evicted when the shard reaches capacity.
.SH "METRICS"
.PP
If monitoring is enabled (via the \fIprometheus\fP plugin) then the following metrics are exported:
.IP \(bu 4
\fB\fCcoredns_cache_entries{server, type}\fR - Total elements in the cache by cache type.
.IP \(bu 4
\fB\fCcoredns_cache_hits_total{server, type}\fR - Counter of cache hits by cache type.
.IP \(bu 4
\fB\fCcoredns_cache_misses_total{server}\fR - Counter of cache misses.
.IP \(bu 4
\fB\fCcoredns_cache_prefetch_total{server}\fR - Counter of times the cache has prefetched a cached item.
.IP \(bu 4
\fB\fCcoredns_cache_drops_total{server}\fR - Counter of responses excluded from the cache due to request/response question name mismatch.
.IP \(bu 4
\fB\fCcoredns_cache_served_stale_total{server}\fR - Counter of requests served from stale cache entries.
.PP
Cache types are either "denial" or "success". \fB\fCServer\fR is the server handling the request, see the
prometheus plugin for documentation.
.SH "EXAMPLES"
.PP
Enable caching for all zones, but cap everything to a TTL of 10 seconds:
.PP
.RS
.nf
\&. {
cache 10
whoami
}
.fi
.RE
.PP
Proxy to Google Public DNS and only cache responses for example.org (or below).
.PP
.RS
.nf
\&. {
forward . 8.8.8.8:53
cache example.org
}
.fi
.RE
.PP
Enable caching for \fB\fCexample.org\fR, keep a positive cache size of 5000 and a negative cache size of 2500:
.PP
.RS
.nf
example.org {
cache {
success 5000
denial 2500
}
}
.fi
.RE

67
man/coredns-cancel.7
View File

@ -1,67 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-CANCEL" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fIcancel\fP - cancels a request's context after 5001 milliseconds.
.SH "DESCRIPTION"
.PP
The \fIcancel\fP plugin creates a canceling context for each request. It adds a timeout that gets
triggered after 5001 milliseconds.
.PP
The 5001 number was chosen because the default timeout for DNS clients is 5 seconds, after that they
give up.
.PP
A plugin interested in the cancellation status should call \fB\fCplugin.Done()\fR on the context. If the
context was canceled due to a timeout the plugin should not write anything back to the client and
return a value indicating CoreDNS should not either; a zero return value should suffice for that.
.SH "SYNTAX"
.PP
.RS
.nf
cancel [TIMEOUT]
.fi
.RE
.IP \(bu 4
\fBTIMEOUT\fP allows setting a custom timeout. The default timeout is 5001 milliseconds (\fB\fC5001 ms\fR)
.SH "EXAMPLES"
.PP
.RS
.nf
example.org {
cancel
whoami
}
.fi
.RE
.PP
Or with a custom timeout:
.PP
.RS
.nf
example.org {
cancel 1s
whoami
}
.fi
.RE
.SH "SEE ALSO"
.PP
The Go documentation for the context package.

78
man/coredns-chaos.7
View File

@ -1,78 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-CHAOS" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fIchaos\fP - allows for responding to TXT queries in the CH class.
.SH "DESCRIPTION"
.PP
This is useful for retrieving version or author information from the server by querying a TXT record
for a special domain name in the CH class.
.SH "SYNTAX"
.PP
.RS
.nf
chaos [VERSION] [AUTHORS...]
.fi
.RE
.IP \(bu 4
\fBVERSION\fP is the version to return. Defaults to \fB\fCCoreDNS-<version>\fR, if not set.
.IP \(bu 4
\fBAUTHORS\fP is what authors to return. This defaults to all GitHub handles in the OWNERS files.
.PP
Note that you have to make sure that this plugin will get actual queries for the
following zones: \fB\fCversion.bind\fR, \fB\fCversion.server\fR, \fB\fCauthors.bind\fR, \fB\fChostname.bind\fR and
\fB\fCid.server\fR.
.SH "EXAMPLES"
.PP
Specify all the zones in full.
.PP
.RS
.nf
version.bind version.server authors.bind hostname.bind id.server {
chaos CoreDNS\-001 info@coredns.io
}
.fi
.RE
.PP
Or just default to \fB\fC.\fR:
.PP
.RS
.nf
\&. {
chaos CoreDNS\-001 info@coredns.io
}
.fi
.RE
.PP
And test with \fB\fCdig\fR:
.PP
.RS
.nf
% dig @localhost CH TXT version.bind
\&...
;; ANSWER SECTION:
version.bind. 0 CH TXT "CoreDNS\-001"
\&...
.fi
.RE

96
man/coredns-clouddns.7
View File

@ -1,96 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-CLOUDDNS" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fIclouddns\fP - enables serving zone data from GCP Cloud DNS.
.SH "DESCRIPTION"
.PP
The \fIclouddns\fP plugin is useful for serving zones from resource record
sets in GCP Cloud DNS. This plugin supports all Google Cloud DNS
records
\[la]https://cloud.google.com/dns/docs/overview#supported_dns_record_types\[ra]. This plugin can
be used when CoreDNS is deployed on GCP or elsewhere. Note that this plugin accesses the resource
records through the Google Cloud API. For records in a privately hosted zone, it is not necessary to
place CoreDNS and this plugin in the associated VPC network. In fact the private hosted zone could
be created without any associated VPC and this plugin could still access the resource records under
the hosted zone.
.SH "SYNTAX"
.PP
.RS
.nf
clouddns [ZONE:PROJECT\_ID:HOSTED\_ZONE\_NAME...] {
credentials [FILENAME]
fallthrough [ZONES...]
}
.fi
.RE
.IP \(bu 4
\fBZONE\fP the name of the domain to be accessed. When there are multiple zones with overlapping
domains (private vs. public hosted zone), CoreDNS does the lookup in the given order here.
Therefore, for a non-existing resource record, SOA response will be from the rightmost zone.
.IP \(bu 4
\fBPROJECT_ID\fP the project ID of the Google Cloud project.
.IP \(bu 4
\fBHOSTED_ZONE_NAME\fP the name of the hosted zone that contains the resource record sets to be
accessed.
.IP \(bu 4
\fB\fCcredentials\fR is used for reading the credential file from \fBFILENAME\fP (normally a .json file).
.IP \(bu 4
\fB\fCfallthrough\fR If zone matches and no record can be generated, pass request to the next plugin.
If \fB[ZONES...]\fP is omitted, then fallthrough happens for all zones for which the plugin is
authoritative. If specific zones are listed (for example \fB\fCin-addr.arpa\fR and \fB\fCip6.arpa\fR), then
only queries for those zones will be subject to fallthrough.
.SH "EXAMPLES"
.PP
Enable clouddns with implicit GCP credentials and resolve CNAMEs via 10.0.0.1:
.PP
.RS
.nf
example.org {
clouddns example.org.:gcp\-example\-project:example\-zone
forward . 10.0.0.1
}
.fi
.RE
.PP
Enable clouddns with fallthrough:
.PP
.RS
.nf
example.org {
clouddns example.org.:gcp\-example\-project:example\-zone example.com.:gcp\-example\-project:example\-zone\-2 {
fallthrough example.gov.
}
}
.fi
.RE
.PP
Enable clouddns with multiple hosted zones with the same domain:
.PP
.RS
.nf
\&. {
clouddns example.org.:gcp\-example\-project:example\-zone example.com.:gcp\-example\-project:other\-example\-zone
}
.fi
.RE

73
man/coredns-debug.7
View File

@ -1,73 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-DEBUG" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fIdebug\fP - disables the automatic recovery upon a crash so that you'll get a nice stack trace.
.SH "DESCRIPTION"
.PP
Normally CoreDNS will recover from panics; using \fIdebug\fP inhibits this. The main use of \fIdebug\fP is
to help in testing. A side effect of using \fIdebug\fP is that \fB\fClog.Debug\fR and \fB\fClog.Debugf\fR messages
will be printed to standard output.
.PP
Note that the \fIerrors\fP plugin (if loaded) will also set a \fB\fCrecover\fR, negating this setting.
.PP
Enabling this plugin is process-wide: enabling \fIdebug\fP in at least one server block enables
debug mode globally.
.SH "SYNTAX"
.PP
.RS
.nf
debug
.fi
.RE
.PP
Some plugins will send debug log DNS messages. This is done in the following format:
.PP
.RS
.nf
debug: 000000 00 0a 01 00 00 01 00 00 00 00 00 01 07 65 78 61
debug: 000010 6d 70 6c 65 05 6c 6f 63 61 6c 00 00 01 00 01 00
debug: 000020 00 29 10 00 00 00 80 00 00 00
debug: 00002a
.fi
.RE
.PP
Using \fB\fCtext2pcap\fR (part of Wireshark), this can be converted back to binary, with the following
command line: \fB\fCtext2pcap -i 17 -u 53,53\fR, where 17 is the protocol (UDP) and 53 are the ports. These
ports allow Wireshark to detect these packets as DNS messages.
.PP
Each plugin can decide whether to dump messages to aid in debugging.
.SH "EXAMPLES"
.PP
Disable the ability to recover from crashes and show debug logging:
.PP
.RS
.nf
\&. {
debug
}
.fi
.RE
.SH "SEE ALSO"
.PP
https://www.wireshark.org/docs/man-pages/text2pcap.html
\[la]https://www.wireshark.org/docs/man-pages/text2pcap.html\[ra].

144
man/coredns-dns64.7
View File

@ -1,144 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-DNS64" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fIdns64\fP - enables DNS64 IPv6 transition mechanism.
.SH "DESCRIPTION"
.PP
The \fIdns64\fP plugin will when asked for a domain's AAAA records, but only finds A records,
synthesizes the AAAA records from the A records.
.PP
The synthesis is \fIonly\fP performed \fBif the query came in via IPv6\fP.
.PP
This translation is for IPv6-only networks that have NAT64
\[la]https://en.wikipedia.org/wiki/NAT64\[ra].
.SH "SYNTAX"
.PP
.RS
.nf
dns64 [PREFIX]
.fi
.RE
.IP \(bu 4
\fBPREFIX\fP defines a custom prefix instead of the default \fB\fC64:ff9b::/96\fR.
.PP
Or use this slightly longer form with more options:
.PP
.RS
.nf
dns64 [PREFIX] {
[translate\_all]
prefix PREFIX
}
.fi
.RE
.IP \(bu 4
\fB\fCprefix\fR specifies any local IPv6 prefix to use, instead of the well known prefix (64:ff9b::/96)
.IP \(bu 4
\fB\fCtranslate_all\fR translates all queries, including responses that have AAAA results.
.SH "EXAMPLES"
.PP
Translate with the default well known prefix. Applies to all queries (if they came in over IPv6).
.PP
.RS
.nf
\&. {
dns64
}
.fi
.RE
.PP
Use a custom prefix.
.PP
.RS
.nf
\&. {
dns64 64:1337::/96
}
.fi
.RE
.PP
Or
.PP
.RS
.nf
\&. {
dns64 {
prefix 64:1337::/96
}
}
.fi
.RE
.PP
Enable translation even if an existing AAAA record is present.
.PP
.RS
.nf
\&. {
dns64 {
translate\_all
}
}
.fi
.RE
.SH "METRICS"
.PP
If monitoring is enabled (via the \fIprometheus\fP plugin) then the following metrics are exported:
.IP \(bu 4
\fB\fCcoredns_dns64_requests_translated_total{server}\fR - counter of DNS requests translated
.PP
The \fB\fCserver\fR label is explained in the \fIprometheus\fP plugin documentation.
.SH "BUGS"
.PP
Not all features required by DNS64 are implemented, only basic AAAA synthesis.
.IP \(bu 4
Support "mapping of separate IPv4 ranges to separate IPv6 prefixes"
.IP \(bu 4
Resolve PTR records
.IP \(bu 4
Make resolver DNSSEC aware. See: RFC 6147 Section 3
\[la]https://tools.ietf.org/html/rfc6147#section-3\[ra]
.SH "SEE ALSO"
.PP
See RFC 6147
\[la]https://tools.ietf.org/html/rfc6147\[ra] for more information on the DNS64 mechanism.

119
man/coredns-dnssec.7
View File

@ -1,119 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-DNSSEC" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fIdnssec\fP - enables on-the-fly DNSSEC signing of served data.
.SH "DESCRIPTION"
.PP
With \fIdnssec\fP, any reply that doesn't (or can't) do DNSSEC will get signed on the fly. Authenticated
denial of existence is implemented with NSEC black lies. Using ECDSA as an algorithm is preferred as
this leads to smaller signatures (compared to RSA). NSEC3 is \fInot\fP supported.
.PP
This plugin can only be used once per Server Block.
.SH "SYNTAX"
.PP
.RS
.nf
dnssec [ZONES... ] {
key file KEY...
cache\_capacity CAPACITY
}
.fi
.RE
.PP
The signing behavior depends on the keys specified. If multiple keys are specified of which there is
at least one key with the SEP bit set and at least one key with the SEP bit unset, signing will happen
in split ZSK/KSK mode. DNSKEY records will be signed with all keys that have the SEP bit set. All other
records will be signed with all keys that do not have the SEP bit set.
.PP
In any other case, each specified key will be treated as a CSK (common signing key), forgoing the
ZSK/KSK split. All signing operations are done online.
Authenticated denial of existence is implemented with NSEC black lies. Using ECDSA as an algorithm
is preferred as this leads to smaller signatures (compared to RSA). NSEC3 is \fInot\fP supported.
.PP
If multiple \fIdnssec\fP plugins are specified in the same zone, the last one specified will be
used (See bugs
\[la]#bugs\[ra]).
.IP \(bu 4
\fBZONES\fP zones that should be signed. If empty, the zones from the configuration block
are used.
.IP \(bu 4
\fB\fCkey file\fR indicates that \fBKEY\fP file(s) should be read from disk. When multiple keys are specified, RRsets
will be signed with all keys. Generating a key can be done with \fB\fCdnssec-keygen\fR: \fB\fCdnssec-keygen -a
ECDSAP256SHA256 <zonename>\fR. A key created for zone \fIA\fP can be safely used for zone \fIB\fP. The name of the
key file can be specified in one of the following formats
.RS
.IP \(en 4
basename of the generated key \fB\fCKexample.org+013+45330\fR
.IP \(en 4
generated public key \fB\fCKexample.org+013+45330.key\fR
.IP \(en 4
generated private key \fB\fCKexample.org+013+45330.private\fR
.RE
.IP \(bu 4
\fB\fCcache_capacity\fR indicates the capacity of the cache. The dnssec plugin uses a cache to store
RRSIGs. The default for \fBCAPACITY\fP is 10000.
.SH "METRICS"
.PP
If monitoring is enabled (via the \fIprometheus\fP plugin) then the following metrics are exported:
.IP \(bu 4
\fB\fCcoredns_dnssec_cache_entries{server, type}\fR - total elements in the cache, type is "signature".
.IP \(bu 4
\fB\fCcoredns_dnssec_cache_hits_total{server}\fR - Counter of cache hits.
.IP \(bu 4
\fB\fCcoredns_dnssec_cache_misses_total{server}\fR - Counter of cache misses.
.PP
The label \fB\fCserver\fR indicated the server handling the request, see the \fImetrics\fP plugin for details.
.SH "EXAMPLES"
.PP
Sign responses for \fB\fCexample.org\fR with the key "Kexample.org.+013+45330.key".
.PP
.RS
.nf
example.org {
dnssec {
key file Kexample.org.+013+45330
}
whoami
}
.fi
.RE
.PP
Sign responses for a kubernetes zone with the key "Kcluster.local+013+45129.key".
.PP
.RS
.nf
cluster.local {
kubernetes
dnssec {
key file Kcluster.local+013+45129
}
}
.fi
.RE

163
man/coredns-dnstap.7
View File

@ -1,163 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-DNSTAP" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fIdnstap\fP - enables logging to dnstap.
.SH "DESCRIPTION"
.PP
dnstap is a flexible, structured binary log format for DNS software; see https://dnstap.info
\[la]https://dnstap.info\[ra]. With this
plugin you make CoreDNS output dnstap logging.
.PP
Every message is sent to the socket as soon as it comes in, the \fIdnstap\fP plugin has a buffer of
10000 messages, above that number dnstap messages will be dropped (this is logged).
.SH "SYNTAX"
.PP
.RS
.nf
dnstap SOCKET [full]
.fi
.RE
.IP \(bu 4
\fBSOCKET\fP is the socket (path) supplied to the dnstap command line tool.
.IP \(bu 4
\fB\fCfull\fR to include the wire-format DNS message.
.SH "EXAMPLES"
.PP
Log information about client requests and responses to \fI/tmp/dnstap.sock\fP.
.PP
.RS
.nf
dnstap /tmp/dnstap.sock
.fi
.RE
.PP
Log information including the wire-format DNS message about client requests and responses to \fI/tmp/dnstap.sock\fP.
.PP
.RS
.nf
dnstap unix:///tmp/dnstap.sock full
.fi
.RE
.PP
Log to a remote endpoint.
.PP
.RS
.nf
dnstap tcp://127.0.0.1:6000 full
.fi
.RE
.SH "COMMAND LINE TOOL"
.PP
Dnstap has a command line tool that can be used to inspect the logging. The tool can be found
at Github: https://github.com/dnstap/golang-dnstap
\[la]https://github.com/dnstap/golang-dnstap\[ra]. It's written in Go.
.PP
The following command listens on the given socket and decodes messages to stdout.
.PP
.RS
.nf
$ dnstap \-u /tmp/dnstap.sock
.fi
.RE
.PP
The following command listens on the given socket and saves message payloads to a binary dnstap-format log file.
.PP
.RS
.nf
$ dnstap \-u /tmp/dnstap.sock \-w /tmp/test.dnstap
.fi
.RE
.PP
Listen for dnstap messages on port 6000.
.PP
.RS
.nf
$ dnstap \-l 127.0.0.1:6000
.fi
.RE
.SH "USING DNSTAP IN YOUR PLUGIN"
.PP
In your setup function, check to see if the \fIdnstap\fP plugin is loaded:
.PP
.RS
.nf
c.OnStartup(func() error {
if taph := dnsserver.GetConfig(c).Handler("dnstap"); taph != nil {
if tapPlugin, ok := taph.(dnstap.Dnstap); ok {
f.tapPlugin = \&tapPlugin
}
}
return nil
})
.fi
.RE
.PP
And then in your plugin:
.PP
.RS
.nf
func (x RandomPlugin) ServeDNS(ctx context.Context, w dns.ResponseWriter, r *dns.Msg) (int, error) {
if tapPlugin != nil {
q := new(msg.Msg)
msg.SetQueryTime(q, time.Now())
msg.SetQueryAddress(q, w.RemoteAddr())
if tapPlugin.IncludeRawMessage {
buf, \_ := r.Pack() // r has been seen packed/unpacked before, this should not fail
q.QueryMessage = buf
}
msg.SetType(q, tap.Message\_CLIENT\_QUERY)
tapPlugin.TapMessage(q)
}
// ...
}
.fi
.RE
.SH "SEE ALSO"
.PP
The website dnstap.info
\[la]https://dnstap.info\[ra] has info on the dnstap protocol. The \fIforward\fP
plugin's \fB\fCdnstap.go\fR uses dnstap to tap messages sent to an upstream.

132
man/coredns-erratic.7
View File

@ -1,132 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-ERRATIC" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fIerratic\fP - a plugin useful for testing client behavior.
.SH "DESCRIPTION"
.PP
\fIerratic\fP returns a static response to all queries, but the responses can be delayed,
dropped or truncated. The \fIerratic\fP plugin will respond to every A or AAAA query. For
any other type it will return a SERVFAIL response (except AXFR). The reply for A will return
192.0.2.53 (RFC 5737
\[la]https://tools.ietf.org/html/rfc5737\[ra]), for AAAA it returns 2001:DB8::53 (RFC
3849
\[la]https://tools.ietf.org/html/rfc3849\[ra]). For an AXFR request it will respond with a small
zone transfer.
.SH "SYNTAX"
.PP
.RS
.nf
erratic {
drop [AMOUNT]
truncate [AMOUNT]
delay [AMOUNT [DURATION]]
}
.fi
.RE
.IP \(bu 4
\fB\fCdrop\fR: drop 1 per \fBAMOUNT\fP of queries, the default is 2.
.IP \(bu 4
\fB\fCtruncate\fR: truncate 1 per \fBAMOUNT\fP of queries, the default is 2.
.IP \(bu 4
\fB\fCdelay\fR: delay 1 per \fBAMOUNT\fP of queries for \fBDURATION\fP, the default for \fBAMOUNT\fP is 2 and
the default for \fBDURATION\fP is 100ms.
.PP
In case of a zone transfer and truncate the final SOA record \fIisn't\fP added to the response.
.SH "READY"
.PP
This plugin reports readiness to the ready plugin.
.SH "EXAMPLES"
.PP
.RS
.nf
example.org {
erratic {
drop 3
}
}
.fi
.RE
.PP
Or even shorter if the defaults suit you. Note this only drops queries, it does not delay them.
.PP
.RS
.nf
example.org {
erratic
}
.fi
.RE
.PP
Delay 1 in 3 queries for 50ms
.PP
.RS
.nf
example.org {
erratic {
delay 3 50ms
}
}
.fi
.RE
.PP
Delay 1 in 3 and truncate 1 in 5.
.PP
.RS
.nf
example.org {
erratic {
delay 3 5ms
truncate 5
}
}
.fi
.RE
.PP
Drop every second query.
.PP
.RS
.nf
example.org {
erratic {
drop 2
truncate 2
}
}
.fi
.RE
.SH "SEE ALSO"
.PP
RFC 3849
\[la]https://tools.ietf.org/html/rfc3849\[ra] and RFC 5737
\[la]https://tools.ietf.org/html/rfc5737\[ra].

93
man/coredns-errors.7
View File

@ -1,93 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-ERRORS" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fIerrors\fP - enables error logging.
.SH "DESCRIPTION"
.PP
Any errors encountered during the query processing will be printed to standard output. The errors of particular type can be consolidated and printed once per some period of time.
.PP
This plugin can only be used once per Server Block.
.SH "SYNTAX"
.PP
The basic syntax is:
.PP
.RS
.nf
errors
.fi
.RE
.PP
Extra knobs are available with an expanded syntax:
.PP
.RS
.nf
errors {
consolidate DURATION REGEXP
}
.fi
.RE
.PP
Option \fB\fCconsolidate\fR allows collecting several error messages matching the regular expression \fBREGEXP\fP during \fBDURATION\fP. After the \fBDURATION\fP since receiving the first such message, the consolidated message will be printed to standard output, e.g.
.PP
.RS
.nf
2 errors like '^read udp .* i/o timeout$' occurred in last 30s
.fi
.RE
.PP
Multiple \fB\fCconsolidate\fR options with different \fBDURATION\fP and \fBREGEXP\fP are allowed. In case if some error message corresponds to several defined regular expressions the message will be associated with the first appropriate \fBREGEXP\fP.
.PP
For better performance, it's recommended to use the \fB\fC^\fR or \fB\fC$\fR metacharacters in regular expression when filtering error messages by prefix or suffix, e.g. \fB\fC^failed to .*\fR, or \fB\fC.* timeout$\fR.
.SH "EXAMPLES"
.PP
Use the \fIwhoami\fP to respond to queries in the example.org domain and Log errors to standard output.
.PP
.RS
.nf
example.org {
whoami
errors
}
.fi
.RE
.PP
Use the \fIforward\fP to resolve queries via 8.8.8.8 and print consolidated error messages for errors with suffix " i/o timeout" or with prefix "Failed to ".
.PP
.RS
.nf
\&. {
forward . 8.8.8.8
errors {
consolidate 5m ".* i/o timeout$"
consolidate 30s "^Failed to .+"
}
}
.fi
.RE

372
man/coredns-etcd.7
View File

@ -1,372 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-ETCD" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fIetcd\fP - enables SkyDNS service discovery from etcd.
.SH "DESCRIPTION"
.PP
The \fIetcd\fP plugin implements the (older) SkyDNS service discovery service. It is \fInot\fP suitable as
a generic DNS zone data plugin. Only a subset of DNS record types are implemented, and subdomains
and delegations are not handled at all. The plugin will also recursively descend the tree and return
all records found, see "Special Behavior" below for details.
.PP
The data in the etcd instance has to be encoded as
a message
\[la]https://github.com/skynetservices/skydns/blob/2fcff74cdc9f9a7dd64189a447ef27ac354b725f/msg/service.go#L26\[ra]
like SkyDNS
\[la]https://github.com/skynetservices/skydns\[ra]. It works just like SkyDNS.
.PP
The \fIetcd\fP plugin makes extensive use of the \fIforward\fP plugin to forward and query other servers in the
network - if that plugin has been enabled as well.
.SH "SYNTAX"
.PP
.RS
.nf
etcd [ZONES...]
.fi
.RE
.IP \(bu 4
\fBZONES\fP zones \fIetcd\fP should be authoritative for.
.PP
The path will default to \fB\fC/skydns\fR the local etcd3 proxy (http://localhost:2379
\[la]http://localhost:2379\[ra]). If no zones are
specified the block's zone will be used as the zone.
.PP
.RS
.nf
etcd [ZONES...] {
fallthrough [ZONES...]
path PATH
endpoint ENDPOINT...
credentials USERNAME PASSWORD
tls CERT KEY CACERT
}
.fi
.RE
.IP \(bu 4
\fB\fCfallthrough\fR If zone matches but no record can be generated, pass request to the next plugin.
If \fB[ZONES...]\fP is omitted, then fallthrough happens for all zones for which the plugin
is authoritative. If specific zones are listed (for example \fB\fCin-addr.arpa\fR and \fB\fCip6.arpa\fR), then only
queries for those zones will be subject to fallthrough.
.IP \(bu 4
\fBPATH\fP the path inside etcd. Defaults to "/skydns".
.IP \(bu 4
\fBENDPOINT\fP the etcd endpoints. Defaults to "http://localhost:2379"
\[la]http://localhost:2379"\[ra].
.IP \(bu 4
\fB\fCcredentials\fR is used to set the \fBUSERNAME\fP and \fBPASSWORD\fP for accessing the etcd cluster.
.IP \(bu 4
\fB\fCtls\fR followed by:
.RS
.IP \(en 4
no arguments, if the server certificate is signed by a system-installed CA and no client cert is needed
.IP \(en 4
a single argument that is the CA PEM file, if the server cert is not signed by a system CA and no client cert is needed
.IP \(en 4
two arguments - path to cert PEM file, the path to private key PEM file - if the server certificate is signed by a system-installed CA and a client certificate is needed
.IP \(en 4
three arguments - path to cert PEM file, path to client private key PEM file, path to CA PEM
file - if the server certificate is not signed by a system-installed CA and client certificate
is needed.
.RE
.SH "SPECIAL BEHAVIOUR"
.PP
The \fIetcd\fP plugin leverages directory structure to look for related entries. For example
an entry \fB\fC/skydns/test/skydns/mx\fR would have entries like \fB\fC/skydns/test/skydns/mx/a\fR,
\fB\fC/skydns/test/skydns/mx/b\fR and so on. Similarly a directory \fB\fC/skydns/test/skydns/mx1\fR will have all
\fB\fCmx1\fR entries. Note this plugin will search through the entire (sub)tree for records. In case of the
first example, a query for \fB\fCmx.skydns.text\fR will return both the contents of the \fB\fCa\fR and \fB\fCb\fR records.
If the directory extends deeper those records are returned as well.
.PP
With etcd3, support for hierarchical keys are
dropped
\[la]https://coreos.com/etcd/docs/latest/learning/api.html\[ra]. This means there are no directories
but only flat keys with prefixes in etcd3. To accommodate lookups, the \fIetcd\fP plugin now does a lookup
on prefix \fB\fC/skydns/test/skydns/mx/\fR to search for entries like \fB\fC/skydns/test/skydns/mx/a\fR etc, and
if there is nothing found on \fB\fC/skydns/test/skydns/mx/\fR, it looks for \fB\fC/skydns/test/skydns/mx\fR to
find entries like \fB\fC/skydns/test/skydns/mx1\fR.
.PP
This causes two lookups from CoreDNS to etcd in certain cases.
.SH "EXAMPLES"
.PP
This is the default SkyDNS setup, with everything specified in full:
.PP
.RS
.nf
skydns.local {
etcd {
path /skydns
endpoint http://localhost:2379
}
prometheus
cache
loadbalance
}
\&. {
forward . 8.8.8.8:53 8.8.4.4:53
cache
}
.fi
.RE
.PP
Or a setup where we use \fB\fC/etc/resolv.conf\fR as the basis for the proxy and the upstream
when resolving external pointing CNAMEs.
.PP
.RS
.nf
skydns.local {
etcd {
path /skydns
}
cache
}
\&. {
forward . /etc/resolv.conf
cache
}
.fi
.RE
.PP
Multiple endpoints are supported as well.
.PP
.RS
.nf
etcd skydns.local {
endpoint http://localhost:2379 http://localhost:4001
\&...
.fi
.RE
.PP
Before getting started with these examples, please setup \fB\fCetcdctl\fR (with \fB\fCetcdv3\fR API) as explained
here
\[la]https://coreos.com/etcd/docs/latest/dev-guide/interacting_v3.html\[ra]. This will help you to put
sample keys in your etcd server.
.PP
If you prefer, you can use \fB\fCcurl\fR to populate the \fB\fCetcd\fR server, but with \fB\fCcurl\fR the
endpoint URL depends on the version of \fB\fCetcd\fR. For instance, \fB\fCetcd v3.2\fR or before uses only
[CLIENT-URL]/v3alpha/* while \fB\fCetcd v3.5\fR or later uses [CLIENT-URL]/v3/* . Also, Key and Value must
be base64 encoded in the JSON payload. With \fB\fCetcdctl\fR these details are automatically taken care
of. You can check this document
\[la]https://github.com/coreos/etcd/blob/master/Documentation/dev-guide/api_grpc_gateway.md#notes\[ra]
for details.
.SS "REVERSE ZONES"
.PP
Reverse zones are supported. You need to make CoreDNS aware of the fact that you are also
authoritative for the reverse. For instance if you want to add the reverse for 10.0.0.0/24, you'll
need to add the zone \fB\fC0.0.10.in-addr.arpa\fR to the list of zones. Showing a snippet of a Corefile:
.PP
.RS
.nf
etcd skydns.local 10.0.0.0/24 {
\&...
.fi
.RE
.PP
Next you'll need to populate the zone with reverse records, here we add a reverse for
10.0.0.127 pointing to reverse.skydns.local.
.PP
.RS
.nf
% etcdctl put /skydns/arpa/in\-addr/10/0/0/127 '{"host":"reverse.skydns.local."}'
.fi
.RE
.PP
Querying with dig:
.PP
.RS
.nf
% dig @localhost \-x 10.0.0.127 +short
reverse.skydns.local.
.fi
.RE
.SS "ZONE NAME AS A RECORD"
.PP
The zone name itself can be used as an \fB\fCA\fR record. This behavior can be achieved by writing special
entries to the ETCD path of your zone. If your zone is named \fB\fCskydns.local\fR for example, you can
create an \fB\fCA\fR record for this zone as follows:
.PP
.RS
.nf
% etcdctl put /skydns/local/skydns/ '{"host":"1.1.1.1","ttl":60}'
.fi
.RE
.PP
If you query the zone name itself, you will receive the created \fB\fCA\fR record:
.PP
.RS
.nf
% dig +short skydns.local @localhost
1.1.1.1
.fi
.RE
.PP
If you would like to use DNS RR for the zone name, you can set the following:
.PP
.RS
.nf
% etcdctl put /skydns/local/skydns/x1 '{"host":"1.1.1.1","ttl":60}'
% etcdctl put /skydns/local/skydns/x2 '{"host":"1.1.1.2","ttl":60}'
.fi
.RE
.PP
If you query the zone name now, you will get the following response:
.PP
.RS
.nf
% dig +short skydns.local @localhost
1.1.1.1
1.1.1.2
.fi
.RE
.SS "ZONE NAME AS AAAA RECORD"
.PP
If you would like to use \fB\fCAAAA\fR records for the zone name too, you can set the following:
.PP
.RS
.nf
% etcdctl put /skydns/local/skydns/x3 '{"host":"2003::8:1","ttl":60}'
% etcdctl put /skydns/local/skydns/x4 '{"host":"2003::8:2","ttl":60}'
.fi
.RE
.PP
If you query the zone name for \fB\fCAAAA\fR now, you will get the following response:
.PP
.RS
.nf
% dig +short skydns.local AAAA @localhost
2003::8:1
2003::8:2
.fi
.RE
.SS "SRV RECORD"
.PP
If you would like to use \fB\fCSRV\fR records, you can set the following:
.PP
.RS
.nf
% etcdctl put /skydns/local/skydns/x5 '{"host":"skydns\-local.server","ttl":60,"priority":10,"port":8080}'
.fi
.RE
.PP
Please notice that the key \fB\fChost\fR is the \fB\fCtarget\fR in \fB\fCSRV\fR, so it should be a domain name.
.PP
If you query the zone name for \fB\fCSRV\fR now, you will get the following response:
.PP
.RS
.nf
% dig +short skydns.local SRV @localhost
10 100 8080 skydns\-local.server.
.fi
.RE
.SS "TXT RECORD"
.PP
If you would like to use \fB\fCTXT\fR records, you can set the following:
.PP
.RS
.nf
% etcdctl put /skydns/local/skydns/x6 '{"ttl":60,"text":"this is a random text message."}'
.fi
.RE
.PP
If you query the zone name for \fB\fCTXT\fR now, you will get the following response:
.PP
.RS
.nf
% dig +short skydns.local TXT @localhost
"this is a random text message."
.fi
.RE
.SH "SEE ALSO"
.PP
If you want to \fB\fCround robin\fR A and AAAA responses look at the \fIloadbalance\fP plugin.

167
man/coredns-file.7
View File

@ -1,167 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-FILE" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fIfile\fP - enables serving zone data from an RFC 1035-style master file.
.SH "DESCRIPTION"
.PP
The \fIfile\fP plugin is used for an "old-style" DNS server. It serves from a preloaded file that exists
on disk contained RFC 1035 styled data. If the zone file contains signatures (i.e., is signed using
DNSSEC), correct DNSSEC answers are returned. Only NSEC is supported! If you use this setup \fIyou\fP
are responsible for re-signing the zonefile.
.SH "SYNTAX"
.PP
.RS
.nf
file DBFILE [ZONES...]
.fi
.RE
.IP \(bu 4
\fBDBFILE\fP the database file to read and parse. If the path is relative, the path from the \fIroot\fP
plugin will be prepended to it.
.IP \(bu 4
\fBZONES\fP zones it should be authoritative for. If empty, the zones from the configuration block
are used.
.PP
If you want to round-robin A and AAAA responses look at the \fIloadbalance\fP plugin.
.PP
.RS
.nf
file DBFILE [ZONES... ] {
reload DURATION
}
.fi
.RE
.IP \(bu 4
\fB\fCreload\fR interval to perform a reload of the zone if the SOA version changes. Default is one minute.
Value of \fB\fC0\fR means to not scan for changes and reload. For example, \fB\fC30s\fR checks the zonefile every 30 seconds
and reloads the zone when serial changes.
.PP
If you need outgoing zone transfers, take a look at the \fItransfer\fP plugin.
.SH "EXAMPLES"
.PP
Load the \fB\fCexample.org\fR zone from \fB\fCdb.example.org\fR and allow transfers to the internet, but send
notifies to 10.240.1.1
.PP
.RS
.nf
example.org {
file db.example.org
transfer {
to * 10.240.1.1
}
}
.fi
.RE
.PP
Where \fB\fCdb.example.org\fR would contain RRSets (https://tools.ietf.org/html/rfc7719#section-4
\[la]https://tools.ietf.org/html/rfc7719#section-4\[ra]) in the
(text) presentation format from RFC 1035:
.PP
.RS
.nf
$ORIGIN example.org.
@ 3600 IN SOA sns.dns.icann.org. noc.dns.icann.org. 2017042745 7200 3600 1209600 3600
3600 IN NS a.iana\-servers.net.
3600 IN NS b.iana\-servers.net.
www IN A 127.0.0.1
IN AAAA ::1
.fi
.RE
.PP
Or use a single zone file for multiple zones:
.PP
.RS
.nf
\&. {
file example.org.signed example.org example.net
transfer example.org example.net {
to * 10.240.1.1
}
}
.fi
.RE
.PP
Note that if you have a configuration like the following you may run into a problem of the origin
not being correctly recognized:
.PP
.RS
.nf
\&. {
file db.example.org
}
.fi
.RE
.PP
We omit the origin for the file \fB\fCdb.example.org\fR, so this references the zone in the server block,
which, in this case, is the root zone. Any contents of \fB\fCdb.example.org\fR will then read with that
origin set; this may or may not do what you want.
It's better to be explicit here and specify the correct origin. This can be done in two ways:
.PP
.RS
.nf
\&. {
file db.example.org example.org
}
.fi
.RE
.PP
Or
.PP
.RS
.nf
example.org {
file db.example.org
}
.fi
.RE
.SH "SEE ALSO"
.PP
See the \fIloadbalance\fP plugin if you need simple record shuffling. And the \fItransfer\fP plugin for zone
transfers. Lastly the \fIroot\fP plugin can help you specify the location of the zone files.
.PP
See RFC 1035
\[la]https://www.rfc-editor.org/rfc/rfc1035.txt\[ra] for more info on how to structure zone
files.

326
man/coredns-forward.7
View File

@ -1,326 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-FORWARD" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fIforward\fP - facilitates proxying DNS messages to upstream resolvers.
.SH "DESCRIPTION"
.PP
The \fIforward\fP plugin re-uses already opened sockets to the upstreams. It supports UDP, TCP and
DNS-over-TLS and uses in band health checking.
.PP
When it detects an error a health check is performed. This checks runs in a loop, performing each
check at a \fI0.5s\fP interval for as long as the upstream reports unhealthy. Once healthy we stop
health checking (until the next error). The health checks use a recursive DNS query (\fB\fC. IN NS\fR)
to get upstream health. Any response that is not a network error (REFUSED, NOTIMPL, SERVFAIL, etc)
is taken as a healthy upstream. The health check uses the same protocol as specified in \fBTO\fP. If
\fB\fCmax_fails\fR is set to 0, no checking is performed and upstreams will always be considered healthy.
.PP
When \fIall\fP upstreams are down it assumes health checking as a mechanism has failed and will try to
connect to a random upstream (which may or may not work).
.PP
This plugin can only be used once per Server Block.
.SH "SYNTAX"
.PP
In its most basic form, a simple forwarder uses this syntax:
.PP
.RS
.nf
forward FROM TO...
.fi
.RE
.IP \(bu 4
\fBFROM\fP is the base domain to match for the request to be forwarded.
.IP \(bu 4
\fBTO...\fP are the destination endpoints to forward to. The \fBTO\fP syntax allows you to specify
a protocol, \fB\fCtls://9.9.9.9\fR or \fB\fCdns://\fR (or no protocol) for plain DNS. The number of upstreams is
limited to 15.
.PP
Multiple upstreams are randomized (see \fB\fCpolicy\fR) on first use. When a healthy proxy returns an error
during the exchange the next upstream in the list is tried.
.PP
Extra knobs are available with an expanded syntax:
.PP
.RS
.nf
forward FROM TO... {
except IGNORED\_NAMES...
force\_tcp
prefer\_udp
expire DURATION
max\_fails INTEGER
tls CERT KEY CA
tls\_servername NAME
policy random|round\_robin|sequential
health\_check DURATION [no\_rec]
max\_concurrent MAX
}
.fi
.RE
.IP \(bu 4
\fBFROM\fP and \fBTO...\fP as above.
.IP \(bu 4
\fBIGNORED_NAMES\fP in \fB\fCexcept\fR is a space-separated list of domains to exclude from forwarding.
Requests that match none of these names will be passed through.
.IP \(bu 4
\fB\fCforce_tcp\fR, use TCP even when the request comes in over UDP.
.IP \(bu 4
\fB\fCprefer_udp\fR, try first using UDP even when the request comes in over TCP. If response is truncated
(TC flag set in response) then do another attempt over TCP. In case if both \fB\fCforce_tcp\fR and
\fB\fCprefer_udp\fR options specified the \fB\fCforce_tcp\fR takes precedence.
.IP \(bu 4
\fB\fCmax_fails\fR is the number of subsequent failed health checks that are needed before considering
an upstream to be down. If 0, the upstream will never be marked as down (nor health checked).
Default is 2.
.IP \(bu 4
\fB\fCexpire\fR \fBDURATION\fP, expire (cached) connections after this time, the default is 10s.
.IP \(bu 4
\fB\fCtls\fR \fBCERT\fP \fBKEY\fP \fBCA\fP define the TLS properties for TLS connection. From 0 to 3 arguments can be
provided with the meaning as described below
.RS
.IP \(en 4
\fB\fCtls\fR - no client authentication is used, and the system CAs are used to verify the server certificate
.IP \(en 4
\fB\fCtls\fR \fBCA\fP - no client authentication is used, and the file CA is used to verify the server certificate
.IP \(en 4
\fB\fCtls\fR \fBCERT\fP \fBKEY\fP - client authentication is used with the specified cert/key pair.
The server certificate is verified with the system CAs
.IP \(en 4
\fB\fCtls\fR \fBCERT\fP \fBKEY\fP \fBCA\fP - client authentication is used with the specified cert/key pair.
The server certificate is verified using the specified CA file
.RE
.IP \(bu 4
\fB\fCtls_servername\fR \fBNAME\fP allows you to set a server name in the TLS configuration; for instance 9.9.9.9
needs this to be set to \fB\fCdns.quad9.net\fR. Multiple upstreams are still allowed in this scenario,
but they have to use the same \fB\fCtls_servername\fR. E.g. mixing 9.9.9.9 (QuadDNS) with 1.1.1.1
(Cloudflare) will not work.
.IP \(bu 4
\fB\fCpolicy\fR specifies the policy to use for selecting upstream servers. The default is \fB\fCrandom\fR.
.RS
.IP \(en 4
\fB\fCrandom\fR is a policy that implements random upstream selection.
.IP \(en 4
\fB\fCround_robin\fR is a policy that selects hosts based on round robin ordering.
.IP \(en 4
\fB\fCsequential\fR is a policy that selects hosts based on sequential ordering.
.RE
.IP \(bu 4
\fB\fChealth_check\fR configure the behaviour of health checking of the upstream servers
.RS
.IP \(en 4
\fB\fC<duration>\fR - use a different duration for health checking, the default duration is 0.5s.
.IP \(en 4
\fB\fCno_rec\fR - optional argument that sets the RecursionDesired-flag of the dns-query used in health checking to \fB\fCfalse\fR.
The flag is default \fB\fCtrue\fR.
.RE
.IP \(bu 4
\fB\fCmax_concurrent\fR \fBMAX\fP will limit the number of concurrent queries to \fBMAX\fP. Any new query that would
raise the number of concurrent queries above the \fBMAX\fP will result in a REFUSED response. This
response does not count as a health failure. When choosing a value for \fBMAX\fP, pick a number
at least greater than the expected \fIupstream query rate\fP * \fIlatency\fP of the upstream servers.
As an upper bound for \fBMAX\fP, consider that each concurrent query will use about 2kb of memory.
.PP
Also note the TLS config is "global" for the whole forwarding proxy if you need a different
\fB\fCtls-name\fR for different upstreams you're out of luck.
.PP
On each endpoint, the timeouts for communication are set as follows:
.IP \(bu 4
The dial timeout by default is 30s, and can decrease automatically down to 100ms based on early results.
.IP \(bu 4
The read timeout is static at 2s.
.SH "METADATA"
.PP
The forward plugin will publish the following metadata, if the \fImetadata\fP
plugin is also enabled:
.IP \(bu 4
\fB\fCforward/upstream\fR: the upstream used to forward the request
.SH "METRICS"
.PP
If monitoring is enabled (via the \fIprometheus\fP plugin) then the following metric are exported:
.IP \(bu 4
\fB\fCcoredns_forward_requests_total{to}\fR - query count per upstream.
.IP \(bu 4
\fB\fCcoredns_forward_responses_total{to}\fR - Counter of responses received per upstream.
.IP \(bu 4
\fB\fCcoredns_forward_request_duration_seconds{to, rcode, type}\fR - duration per upstream, RCODE, type
.IP \(bu 4
\fB\fCcoredns_forward_responses_total{to, rcode}\fR - count of RCODEs per upstream.
.IP \(bu 4
\fB\fCcoredns_forward_healthcheck_failures_total{to}\fR - number of failed health checks per upstream.
.IP \(bu 4
\fB\fCcoredns_forward_healthcheck_broken_total{}\fR - counter of when all upstreams are unhealthy,
and we are randomly (this always uses the \fB\fCrandom\fR policy) spraying to an upstream.
.IP \(bu 4
\fB\fCcoredns_forward_max_concurrent_rejects_total{}\fR - counter of the number of queries rejected because the
number of concurrent queries were at maximum.
.IP \(bu 4
\fB\fCcoredns_forward_conn_cache_hits_total{to, proto}\fR - counter of connection cache hits per upstream and protocol.
.IP \(bu 4
\fB\fCcoredns_forward_conn_cache_misses_total{to, proto}\fR - counter of connection cache misses per upstream and protocol.
Where \fB\fCto\fR is one of the upstream servers (\fBTO\fP from the config), \fB\fCrcode\fR is the returned RCODE
from the upstream, \fB\fCproto\fR is the transport protocol like \fB\fCudp\fR, \fB\fCtcp\fR, \fB\fCtcp-tls\fR.
.SH "EXAMPLES"
.PP
Proxy all requests within \fB\fCexample.org.\fR to a nameserver running on a different port:
.PP
.RS
.nf
example.org {
forward . 127.0.0.1:9005
}
.fi
.RE
.PP
Load balance all requests between three resolvers, one of which has a IPv6 address.
.PP
.RS
.nf
\&. {
forward . 10.0.0.10:53 10.0.0.11:1053 [2003::1]:53
}
.fi
.RE
.PP
Forward everything except requests to \fB\fCexample.org\fR
.PP
.RS
.nf
\&. {
forward . 10.0.0.10:1234 {
except example.org
}
}
.fi
.RE
.PP
Proxy everything except \fB\fCexample.org\fR using the host's \fB\fCresolv.conf\fR's nameservers:
.PP
.RS
.nf
\&. {
forward . /etc/resolv.conf {
except example.org
}
}
.fi
.RE
.PP
Proxy all requests to 9.9.9.9 using the DNS-over-TLS (DoT) protocol, and cache every answer for up to 30
seconds. Note the \fB\fCtls_servername\fR is mandatory if you want a working setup, as 9.9.9.9 can't be
used in the TLS negotiation. Also set the health check duration to 5s to not completely swamp the
service with health checks.
.PP
.RS
.nf
\&. {
forward . tls://9.9.9.9 {
tls\_servername dns.quad9.net
health\_check 5s
}
cache 30
}
.fi
.RE
.PP
Or with multiple upstreams from the same provider
.PP
.RS
.nf
\&. {
forward . tls://1.1.1.1 tls://1.0.0.1 {
tls\_servername cloudflare\-dns.com
health\_check 5s
}
cache 30
}
.fi
.RE
.PP
Or when you have multiple DoT upstreams with different \fB\fCtls_servername\fRs, you can do the following:
.PP
.RS
.nf
\&. {
forward . 127.0.0.1:5301 127.0.0.1:5302
}
\&.:5301 {
forward . 8.8.8.8 8.8.4.4 {
tls\_servername dns.google
}
}
\&.:5302 {
forward . 1.1.1.1 1.0.0.1 {
tls\_servername cloudflare\-dns.com
}
}
.fi
.RE
.SH "SEE ALSO"
.PP
RFC 7858
\[la]https://tools.ietf.org/html/rfc7858\[ra] for DNS over TLS.

205
man/coredns-grpc.7
View File

@ -1,205 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-GRPC" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fIgrpc\fP - facilitates proxying DNS messages to upstream resolvers via gRPC protocol.
.SH "DESCRIPTION"
.PP
The \fIgrpc\fP plugin supports gRPC and TLS.
.PP
This plugin can only be used once per Server Block.
.SH "SYNTAX"
.PP
In its most basic form:
.PP
.RS
.nf
grpc FROM TO...
.fi
.RE
.IP \(bu 4
\fBFROM\fP is the base domain to match for the request to be proxied.
.IP \(bu 4
\fBTO...\fP are the destination endpoints to proxy to. The number of upstreams is
limited to 15.
.PP
Multiple upstreams are randomized (see \fB\fCpolicy\fR) on first use. When a proxy returns an error
the next upstream in the list is tried.
.PP
Extra knobs are available with an expanded syntax:
.PP
.RS
.nf
grpc FROM TO... {
except IGNORED\_NAMES...
tls CERT KEY CA
tls\_servername NAME
policy random|round\_robin|sequential
}
.fi
.RE
.IP \(bu 4
\fBFROM\fP and \fBTO...\fP as above.
.IP \(bu 4
\fBIGNORED_NAMES\fP in \fB\fCexcept\fR is a space-separated list of domains to exclude from proxying.
Requests that match none of these names will be passed through.
.IP \(bu 4
\fB\fCtls\fR \fBCERT\fP \fBKEY\fP \fBCA\fP define the TLS properties for TLS connection. From 0 to 3 arguments can be
provided with the meaning as described below
.RS
.IP \(en 4
\fB\fCtls\fR - no client authentication is used, and the system CAs are used to verify the server certificate
.IP \(en 4
\fB\fCtls\fR \fBCA\fP - no client authentication is used, and the file CA is used to verify the server certificate
.IP \(en 4
\fB\fCtls\fR \fBCERT\fP \fBKEY\fP - client authentication is used with the specified cert/key pair.
The server certificate is verified with the system CAs
.IP \(en 4
\fB\fCtls\fR \fBCERT\fP \fBKEY\fP \fBCA\fP - client authentication is used with the specified cert/key pair.
The server certificate is verified using the specified CA file
.RE
.IP \(bu 4
\fB\fCtls_servername\fR \fBNAME\fP allows you to set a server name in the TLS configuration; for instance 9.9.9.9
needs this to be set to \fB\fCdns.quad9.net\fR. Multiple upstreams are still allowed in this scenario,
but they have to use the same \fB\fCtls_servername\fR. E.g. mixing 9.9.9.9 (QuadDNS) with 1.1.1.1
(Cloudflare) will not work.
.IP \(bu 4
\fB\fCpolicy\fR specifies the policy to use for selecting upstream servers. The default is \fB\fCrandom\fR.
.PP
Also note the TLS config is "global" for the whole grpc proxy if you need a different
\fB\fCtls-name\fR for different upstreams you're out of luck.
.SH "METRICS"
.PP
If monitoring is enabled (via the \fIprometheus\fP plugin) then the following metric are exported:
.IP \(bu 4
\fB\fCcoredns_grpc_request_duration_seconds{to}\fR - duration per upstream interaction.
.IP \(bu 4
\fB\fCcoredns_grpc_requests_total{to}\fR - query count per upstream.
.IP \(bu 4
\fB\fCcoredns_grpc_responses_total{to, rcode}\fR - count of RCODEs per upstream.
and we are randomly (this always uses the \fB\fCrandom\fR policy) spraying to an upstream.
.SH "EXAMPLES"
.PP
Proxy all requests within \fB\fCexample.org.\fR to a nameserver running on a different port:
.PP
.RS
.nf
example.org {
grpc . 127.0.0.1:9005
}
.fi
.RE
.PP
Load balance all requests between three resolvers, one of which has a IPv6 address.
.PP
.RS
.nf
\&. {
grpc . 10.0.0.10:53 10.0.0.11:1053 [2003::1]:53
}
.fi
.RE
.PP
Forward everything except requests to \fB\fCexample.org\fR
.PP
.RS
.nf
\&. {
grpc . 10.0.0.10:1234 {
except example.org
}
}
.fi
.RE
.PP
Proxy everything except \fB\fCexample.org\fR using the host's \fB\fCresolv.conf\fR's nameservers:
.PP
.RS
.nf
\&. {
grpc . /etc/resolv.conf {
except example.org
}
}
.fi
.RE
.PP
Proxy all requests to 9.9.9.9 using the TLS protocol, and cache every answer for up to 30
seconds. Note the \fB\fCtls_servername\fR is mandatory if you want a working setup, as 9.9.9.9 can't be
used in the TLS negotiation.
.PP
.RS
.nf
\&. {
grpc . 9.9.9.9 {
tls\_servername dns.quad9.net
}
cache 30
}
.fi
.RE
.PP
Or with multiple upstreams from the same provider
.PP
.RS
.nf
\&. {
grpc . 1.1.1.1 1.0.0.1 {
tls\_servername cloudflare\-dns.com
}
cache 30
}
.fi
.RE
.SH "BUGS"
.PP
The TLS config is global for the whole grpc proxy if you need a different \fB\fCtls_servername\fR for
different upstreams you're out of luck.

115
man/coredns-health.7
View File

@ -1,115 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-HEALTH" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fIhealth\fP - enables a health check endpoint.
.SH "DESCRIPTION"
.PP
Enabled process wide health endpoint. When CoreDNS is up and running this returns a 200 OK HTTP
status code. The health is exported, by default, on port 8080/health.
.SH "SYNTAX"
.PP
.RS
.nf
health [ADDRESS]
.fi
.RE
.PP
Optionally takes an address; the default is \fB\fC:8080\fR. The health path is fixed to \fB\fC/health\fR. The
health endpoint returns a 200 response code and the word "OK" when this server is healthy.
.PP
An extra option can be set with this extended syntax:
.PP
.RS
.nf
health [ADDRESS] {
lameduck DURATION
}
.fi
.RE
.IP \(bu 4
Where \fB\fClameduck\fR will delay shutdown for \fBDURATION\fP. /health will still answer 200 OK.
Note: The \fIready\fP plugin will not answer OK while CoreDNS is in lameduck mode prior to shutdown.
.PP
If you have multiple Server Blocks, \fIhealth\fP can only be enabled in one of them (as it is process
wide). If you really need multiple endpoints, you must run health endpoints on different ports:
.PP
.RS
.nf
com {
whoami
health :8080
}
net {
erratic
health :8081
}
.fi
.RE
.PP
Doing this is supported but both endpoints ":8080" and ":8081" will export the exact same health.
.SH "METRICS"
.PP
If monitoring is enabled (via the \fIprometheus\fP plugin) then the following metric is exported:
.IP \(bu 4
\fB\fCcoredns_health_request_duration_seconds{}\fR - duration to process a HTTP query to the local
\fB\fC/health\fR endpoint. As this a local operation it should be fast. A (large) increase in this
duration indicates the CoreDNS process is having trouble keeping up with its query load.
.PP
Note that this metric \fIdoes not\fP have a \fB\fCserver\fR label, because being overloaded is a symptom of
the running process, \fInot\fP a specific server.
.SH "EXAMPLES"
.PP
Run another health endpoint on http://localhost:8091
\[la]http://localhost:8091\[ra].
.PP
.RS
.nf
\&. {
health localhost:8091
}
.fi
.RE
.PP
Set a lameduck duration of 1 second:
.PP
.RS
.nf
\&. {
health localhost:8092 {
lameduck 1s
}
}
.fi
.RE

175
man/coredns-hosts.7
View File

@ -1,175 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-HOSTS" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fIhosts\fP - enables serving zone data from a \fB\fC/etc/hosts\fR style file.
.SH "DESCRIPTION"
.PP
The \fIhosts\fP plugin is useful for serving zones from a \fB\fC/etc/hosts\fR file. It serves from a preloaded
file that exists on disk. It checks the file for changes and updates the zones accordingly. This
plugin only supports A, AAAA, and PTR records. The hosts plugin can be used with readily
available hosts files that block access to advertising servers.
.PP
The plugin reloads the content of the hosts file every 5 seconds. Upon reload, CoreDNS will use the
new definitions. Should the file be deleted, any inlined content will continue to be served. When
the file is restored, it will then again be used.
.PP
If you want to pass the request to the rest of the plugin chain if there is no match in the \fIhosts\fP
plugin, you must specify the \fB\fCfallthrough\fR option.
.PP
This plugin can only be used once per Server Block.
.SH "THE HOSTS FILE"
.PP
Commonly the entries are of the form \fB\fCIP_address canonical_hostname [aliases...]\fR as explained by
the hosts(5) man page.
.PP
Examples:
.PP
.RS
.nf
127.0.0.1 localhost
192.168.1.10 example.com example
::1 localhost ip6\-localhost ip6\-loopback
fdfc:a744:27b5:3b0e::1 example.com example
.fi
.RE
.SS "PTR RECORDS"
.PP
PTR records for reverse lookups are generated automatically by CoreDNS (based on the hosts file
entries) and cannot be created manually.
.SH "SYNTAX"
.PP
.RS
.nf
hosts [FILE [ZONES...]] {
[INLINE]
ttl SECONDS
no\_reverse
reload DURATION
fallthrough [ZONES...]
}
.fi
.RE
.IP \(bu 4
\fBFILE\fP the hosts file to read and parse. If the path is relative the path from the \fIroot\fP
plugin will be prepended to it. Defaults to /etc/hosts if omitted. We scan the file for changes
every 5 seconds.
.IP \(bu 4
\fBZONES\fP zones it should be authoritative for. If empty, the zones from the configuration block
are used.
.IP \(bu 4
\fBINLINE\fP the hosts file contents inlined in Corefile. If there are any lines before fallthrough
then all of them will be treated as the additional content for hosts file. The specified hosts
file path will still be read but entries will be overridden.
.IP \(bu 4
\fB\fCttl\fR change the DNS TTL of the records generated (forward and reverse). The default is 3600 seconds (1 hour).
.IP \(bu 4
\fB\fCreload\fR change the period between each hostsfile reload. A time of zero seconds disables the
feature. Examples of valid durations: "300ms", "1.5h" or "2h45m". See Go's
time
\[la]https://godoc.org/time\[ra]. package.
.IP \(bu 4
\fB\fCno_reverse\fR disable the automatic generation of the \fB\fCin-addr.arpa\fR or \fB\fCip6.arpa\fR entries for the hosts
.IP \(bu 4
\fB\fCfallthrough\fR If zone matches and no record can be generated, pass request to the next plugin.
If \fB[ZONES...]\fP is omitted, then fallthrough happens for all zones for which the plugin
is authoritative. If specific zones are listed (for example \fB\fCin-addr.arpa\fR and \fB\fCip6.arpa\fR), then only
queries for those zones will be subject to fallthrough.
.SH "METRICS"
.PP
If monitoring is enabled (via the \fIprometheus\fP plugin) then the following metrics are exported:
.IP \(bu 4
\fB\fCcoredns_hosts_entries{}\fR - The combined number of entries in hosts and Corefile.
.IP \(bu 4
\fB\fCcoredns_hosts_reload_timestamp_seconds{}\fR - The timestamp of the last reload of hosts file.
.SH "EXAMPLES"
.PP
Load \fB\fC/etc/hosts\fR file.
.PP
.RS
.nf
\&. {
hosts
}
.fi
.RE
.PP
Load \fB\fCexample.hosts\fR file in the current directory.
.PP
.RS
.nf
\&. {
hosts example.hosts
}
.fi
.RE
.PP
Load example.hosts file and only serve example.org and example.net from it and fall through to the
next plugin if query doesn't match.
.PP
.RS
.nf
\&. {
hosts example.hosts example.org example.net {
fallthrough
}
}
.fi
.RE
.PP
Load hosts file inlined in Corefile.
.PP
.RS
.nf
example.hosts example.org {
hosts {
10.0.0.1 example.org
fallthrough
}
whoami
}
.fi
.RE
.SH "SEE ALSO"
.PP
The form of the entries in the \fB\fC/etc/hosts\fR file are based on IETF RFC 952
\[la]https://tools.ietf.org/html/rfc952\[ra] which was updated by IETF RFC 1123
\[la]https://tools.ietf.org/html/rfc1123\[ra].

110
man/coredns-import.7
View File

@ -1,110 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-IMPORT" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fIimport\fP - includes files or references snippets from a Corefile.
.SH "DESCRIPTION"
.PP
The \fIimport\fP plugin can be used to include files into the main configuration. Another use is to
reference predefined snippets. Both can help to avoid some duplication.
.PP
This is a unique plugin in that \fIimport\fP can appear outside of a server block. In other words, it
can appear at the top of a Corefile where an address would normally be.
.SH "SYNTAX"
.PP
.RS
.nf
import PATTERN
.fi
.RE
.IP \(bu 4
\fBPATTERN\fP is the file, glob pattern (\fB\fC*\fR) or snippet to include. Its contents will replace
this line, as if that file's contents appeared here to begin with.
.SH "FILES"
.PP
You can use \fIimport\fP to include a file or files. This file's location is relative to the
Corefile's location. It is an error if a specific file cannot be found, but an empty glob pattern is
not an error.
.SH "SNIPPETS"
.PP
You can define snippets to be reused later in your Corefile by defining a block with a single-token
label surrounded by parentheses:
.PP
.RS
.nf
(mysnippet) {
...
}
.fi
.RE
.PP
Then you can invoke the snippet with \fIimport\fP:
.PP
.RS
.nf
import mysnippet
.fi
.RE
.SH "EXAMPLES"
.PP
Import a shared configuration:
.PP
.RS
.nf
\&. {
import config/common.conf
}
.fi
.RE
.PP
Where \fB\fCconfig/common.conf\fR contains:
.PP
.RS
.nf
prometheus
errors
log
.fi
.RE
.PP
This imports files found in the zones directory:
.PP
.RS
.nf
import ../zones/*
.fi
.RE
.SH "SEE ALSO"
.PP
See corefile(5).

130
man/coredns-k8s_external.7
View File

@ -1,130 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-K8S_EXTERNAL" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fIk8s_external\fP - resolves load balancer and external IPs from outside Kubernetes clusters.
.SH "DESCRIPTION"
.PP
This plugin allows an additional zone to resolve the external IP address(es) of a Kubernetes
service. This plugin is only useful if the \fIkubernetes\fP plugin is also loaded.
.PP
The plugin uses an external zone to resolve in-cluster IP addresses. It only handles queries for A,
AAAA and SRV records; all others result in NODATA responses. To make it a proper DNS zone, it handles
SOA and NS queries for the apex of the zone.
.PP
By default the apex of the zone will look like the following (assuming the zone used is \fB\fCexample.org\fR):
.PP
.RS
.nf
example.org. 5 IN SOA ns1.dns.example.org. hostmaster.example.org. (
12345 ; serial
14400 ; refresh (4 hours)
3600 ; retry (1 hour)
604800 ; expire (1 week)
5 ; minimum (4 hours)
)
example.org 5 IN NS ns1.dns.example.org.
ns1.dns.example.org. 5 IN A ....
ns1.dns.example.org. 5 IN AAAA ....
.fi
.RE
.PP
Note that we use the \fB\fCdns\fR subdomain for the records DNS needs (see the \fB\fCapex\fR directive). Also
note the SOA's serial number is static. The IP addresses of the nameserver records are those of the
CoreDNS service.
.PP
The \fIk8s_external\fP plugin handles the subdomain \fB\fCdns\fR and the apex of the zone itself; all other
queries are resolved to addresses in the cluster.
.SH "SYNTAX"
.PP
.RS
.nf
k8s\_external [ZONE...]
.fi
.RE
.IP \(bu 4
\fBZONES\fP zones \fIk8s_external\fP should be authoritative for.
.PP
If you want to change the apex domain or use a different TTL for the returned records you can use
this extended syntax.
.PP
.RS
.nf
k8s\_external [ZONE...] {
apex APEX
ttl TTL
}
.fi
.RE
.IP \(bu 4
\fBAPEX\fP is the name (DNS label) to use for the apex records; it defaults to \fB\fCdns\fR.
.IP \(bu 4
\fB\fCttl\fR allows you to set a custom \fBTTL\fP for responses. The default is 5 (seconds).
.SH "EXAMPLES"
.PP
Enable names under \fB\fCexample.org\fR to be resolved to in-cluster DNS addresses.
.PP
.RS
.nf
\&. {
kubernetes cluster.local
k8s\_external example.org
}
.fi
.RE
.PP
With the Corefile above, the following Service will get an \fB\fCA\fR record for \fB\fCtest.default.example.org\fR with the IP address \fB\fC192.168.200.123\fR.
.PP
.RS
.nf
apiVersion: v1
kind: Service
metadata:
name: test
namespace: default
spec:
clusterIP: None
externalIPs:
\- 192.168.200.123
type: ClusterIP
.fi
.RE
.PP
For some background see resolve external IP address
\[la]https://github.com/kubernetes/dns/issues/242\[ra].
And A records for services with Load Balancer IP
\[la]https://github.com/coredns/coredns/issues/1851\[ra].
.PP
PTR queries for the reverse zone is not supported.

352
man/coredns-kubernetes.7
View File

@ -1,352 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-KUBERNETES" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fIkubernetes\fP - enables reading zone data from a Kubernetes cluster.
.SH "DESCRIPTION"
.PP
This plugin implements the Kubernetes DNS-Based Service Discovery
Specification
\[la]https://github.com/kubernetes/dns/blob/master/docs/specification.md\[ra].
.PP
CoreDNS running the kubernetes plugin can be used as a replacement for kube-dns in a kubernetes
cluster. See the deployment
\[la]https://github.com/coredns/deployment\[ra] repository for details on how
to deploy CoreDNS in Kubernetes
\[la]https://github.com/coredns/deployment/tree/master/kubernetes\[ra].
.PP
stubDomains and upstreamNameservers
\[la]https://kubernetes.io/blog/2017/04/configuring-private-dns-zones-upstream-nameservers-kubernetes/\[ra]
are implemented via the \fIforward\fP plugin. See the examples below.
.PP
This plugin can only be used once per Server Block.
.SH "SYNTAX"
.PP
.RS
.nf
kubernetes [ZONES...]
.fi
.RE
.PP
With only the plugin specified, the \fIkubernetes\fP plugin will default to the zone specified in
the server's block. It will handle all queries in that zone and connect to Kubernetes in-cluster. It
will not provide PTR records for services or A records for pods. If \fBZONES\fP is used it specifies
all the zones the plugin should be authoritative for.
.PP
.RS
.nf
kubernetes [ZONES...] {
endpoint URL
tls CERT KEY CACERT
kubeconfig KUBECONFIG [CONTEXT]
namespaces NAMESPACE...
labels EXPRESSION
pods POD\-MODE
endpoint\_pod\_names
ttl TTL
noendpoints
fallthrough [ZONES...]
ignore empty\_service
}
.fi
.RE
.IP \(bu 4
\fB\fCendpoint\fR specifies the \fBURL\fP for a remote k8s API endpoint.
If omitted, it will connect to k8s in-cluster using the cluster service account.
.IP \(bu 4
\fB\fCtls\fR \fBCERT\fP \fBKEY\fP \fBCACERT\fP are the TLS cert, key and the CA cert file names for remote k8s connection.
This option is ignored if connecting in-cluster (i.e. endpoint is not specified).
.IP \(bu 4
\fB\fCkubeconfig\fR \fBKUBECONFIG [CONTEXT]\fP authenticates the connection to a remote k8s cluster using a kubeconfig file.
\fB[CONTEXT]\fP is optional, if not set, then the current context specified in kubeconfig will be used.
It supports TLS, username and password, or token-based authentication.
This option is ignored if connecting in-cluster (i.e., the endpoint is not specified).
.IP \(bu 4
\fB\fCnamespaces\fR \fBNAMESPACE [NAMESPACE...]\fP only exposes the k8s namespaces listed.
If this option is omitted all namespaces are exposed
.IP \(bu 4
\fB\fCnamespace_labels\fR \fBEXPRESSION\fP only expose the records for Kubernetes namespaces that match this label selector.
The label selector syntax is described in the
Kubernetes User Guide - Labels
\[la]https://kubernetes.io/docs/user-guide/labels/\[ra]. An example that
only exposes namespaces labeled as "istio-injection=enabled", would use:
\fB\fClabels istio-injection=enabled\fR.
.IP \(bu 4
\fB\fClabels\fR \fBEXPRESSION\fP only exposes the records for Kubernetes objects that match this label selector.
The label selector syntax is described in the
Kubernetes User Guide - Labels
\[la]https://kubernetes.io/docs/user-guide/labels/\[ra]. An example that
only exposes objects labeled as "application=nginx" in the "staging" or "qa" environments, would
use: \fB\fClabels environment in (staging, qa),application=nginx\fR.
.IP \(bu 4
\fB\fCpods\fR \fBPOD-MODE\fP sets the mode for handling IP-based pod A records, e.g.
\fB\fC1-2-3-4.ns.pod.cluster.local. in A 1.2.3.4\fR.
This option is provided to facilitate use of SSL certs when connecting directly to pods. Valid
values for \fBPOD-MODE\fP:
.RS
.IP \(en 4
\fB\fCdisabled\fR: Default. Do not process pod requests, always returning \fB\fCNXDOMAIN\fR
.IP \(en 4
\fB\fCinsecure\fR: Always return an A record with IP from request (without checking k8s). This option
is vulnerable to abuse if used maliciously in conjunction with wildcard SSL certs. This
option is provided for backward compatibility with kube-dns.
.IP \(en 4
\fB\fCverified\fR: Return an A record if there exists a pod in same namespace with matching IP. This
option requires substantially more memory than in insecure mode, since it will maintain a watch
on all pods.
.RE
.IP \(bu 4
\fB\fCendpoint_pod_names\fR uses the pod name of the pod targeted by the endpoint as
the endpoint name in A records, e.g.,
\fB\fCendpoint-name.my-service.namespace.svc.cluster.local. in A 1.2.3.4\fR
By default, the endpoint-name name selection is as follows: Use the hostname
of the endpoint, or if hostname is not set, use the dashed form of the endpoint
IP address (e.g., \fB\fC1-2-3-4.my-service.namespace.svc.cluster.local.\fR)
If this directive is included, then name selection for endpoints changes as
follows: Use the hostname of the endpoint, or if hostname is not set, use the
pod name of the pod targeted by the endpoint. If there is no pod targeted by
the endpoint, use the dashed IP address form.
.IP \(bu 4
\fB\fCttl\fR allows you to set a custom TTL for responses. The default is 5 seconds. The minimum TTL allowed is
0 seconds, and the maximum is capped at 3600 seconds. Setting TTL to 0 will prevent records from being cached.
.IP \(bu 4
\fB\fCnoendpoints\fR will turn off the serving of endpoint records by disabling the watch on endpoints.
All endpoint queries and headless service queries will result in an NXDOMAIN.
.IP \(bu 4
\fB\fCfallthrough\fR \fB[ZONES...]\fP If a query for a record in the zones for which the plugin is authoritative
results in NXDOMAIN, normally that is what the response will be. However, if you specify this option,
the query will instead be passed on down the plugin chain, which can include another plugin to handle
the query. If \fB[ZONES...]\fP is omitted, then fallthrough happens for all zones for which the plugin
is authoritative. If specific zones are listed (for example \fB\fCin-addr.arpa\fR and \fB\fCip6.arpa\fR), then only
queries for those zones will be subject to fallthrough.
.IP \(bu 4
\fB\fCignore empty_service\fR returns NXDOMAIN for services without any ready endpoint addresses (e.g., ready pods).
This allows the querying pod to continue searching for the service in the search path.
The search path could, for example, include another Kubernetes cluster.
.PP
Enabling zone transfer is done by using the \fItransfer\fP plugin.
.SH "READY"
.PP
This plugin reports readiness to the ready plugin. This will happen after it has synced to the
Kubernetes API.
.SH "EXAMPLES"
.PP
Handle all queries in the \fB\fCcluster.local\fR zone. Connect to Kubernetes in-cluster. Also handle all
\fB\fCin-addr.arpa\fR \fB\fCPTR\fR requests for \fB\fC10.0.0.0/17\fR . Verify the existence of pods when answering pod
requests.
.PP
.RS
.nf
10.0.0.0/17 cluster.local {
kubernetes {
pods verified
}
}
.fi
.RE
.PP
Or you can selectively expose some namespaces:
.PP
.RS
.nf
kubernetes cluster.local {
namespaces test staging
}
.fi
.RE
.PP
Connect to Kubernetes with CoreDNS running outside the cluster:
.PP
.RS
.nf
kubernetes cluster.local {
endpoint https://k8s\-endpoint:8443
tls cert key cacert
}
.fi
.RE
.SH "STUBDOMAINS AND UPSTREAMNAMESERVERS"
.PP
Here we use the \fIforward\fP plugin to implement a stubDomain that forwards \fB\fCexample.local\fR to the nameserver \fB\fC10.100.0.10:53\fR.
Also configured is an upstreamNameserver \fB\fC8.8.8.8:53\fR that will be used for resolving names that do not fall in \fB\fCcluster.local\fR
or \fB\fCexample.local\fR.
.PP
.RS
.nf
cluster.local:53 {
kubernetes cluster.local
}
example.local {
forward . 10.100.0.10:53
}
\&. {
forward . 8.8.8.8:53
}
.fi
.RE
.PP
The configuration above represents the following Kube-DNS stubDomains and upstreamNameservers configuration.
.PP
.RS
.nf
stubDomains: |
{“example.local”: [“10.100.0.10:53”]}
upstreamNameservers: |
[“8.8.8.8:53”]
.fi
.RE
.SH "AUTOPATH"
.PP
The \fIkubernetes\fP plugin can be used in conjunction with the \fIautopath\fP plugin. Using this
feature enables server-side domain search path completion in Kubernetes clusters. Note: \fB\fCpods\fR must
be set to \fB\fCverified\fR for this to function properly. Furthermore, the remote IP address in the DNS
packet received by CoreDNS must be the IP address of the Pod that sent the request.
.PP
.RS
.nf
cluster.local {
autopath @kubernetes
kubernetes {
pods verified
}
}
.fi
.RE
.SH "WILDCARDS"
.PP
Some query labels accept a wildcard value to match any value. If a label is a valid wildcard (*,
or the word "any"), then that label will match all values. The labels that accept wildcards are:
.IP \(bu 4
\fIendpoint\fP in an \fB\fCA\fR record request: \fIendpoint\fP.service.namespace.svc.zone, e.g., \fB\fC*.nginx.ns.svc.cluster.local\fR
.IP \(bu 4
\fIservice\fP in an \fB\fCA\fR record request: \fIservice\fP.namespace.svc.zone, e.g., \fB\fC*.ns.svc.cluster.local\fR
.IP \(bu 4
\fInamespace\fP in an \fB\fCA\fR record request: service.\fInamespace\fP.svc.zone, e.g., \fB\fCnginx.*.svc.cluster.local\fR
.IP \(bu 4
\fIport and/or protocol\fP in an \fB\fCSRV\fR request: \fBport_.\fPprotocol_.service.namespace.svc.zone.,
e.g., \fB\fC_http.*.service.ns.svc.cluster.local\fR
.IP \(bu 4
multiple wildcards are allowed in a single query, e.g., \fB\fCA\fR Request \fB\fC*.*.svc.zone.\fR or \fB\fCSRV\fR request \fB\fC*.*.*.*.svc.zone.\fR
.PP
For example, wildcards can be used to resolve all Endpoints for a Service as \fB\fCA\fR records. e.g.: \fB\fC*.service.ns.svc.myzone.local\fR will return the Endpoint IPs in the Service \fB\fCservice\fR in namespace \fB\fCdefault\fR:
.PP
.RS
.nf
*.service.default.svc.cluster.local. 5 IN A 192.168.10.10
*.service.default.svc.cluster.local. 5 IN A 192.168.25.15
.fi
.RE
.SH "METADATA"
.PP
The kubernetes plugin will publish the following metadata, if the \fImetadata\fP
plugin is also enabled:
.IP \(bu 4
\fB\fCkubernetes/endpoint\fR: the endpoint name in the query
.IP \(bu 4
\fB\fCkubernetes/kind\fR: the resource kind (pod or svc) in the query
.IP \(bu 4
\fB\fCkubernetes/namespace\fR: the namespace in the query
.IP \(bu 4
\fB\fCkubernetes/port-name\fR: the port name in an SRV query
.IP \(bu 4
\fB\fCkubernetes/protocol\fR: the protocol in an SRV query
.IP \(bu 4
\fB\fCkubernetes/service\fR: the service name in the query
.IP \(bu 4
\fB\fCkubernetes/client-namespace\fR: the client pod's namespace (see requirements below)
.IP \(bu 4
\fB\fCkubernetes/client-pod-name\fR: the client pod's name (see requirements below)
.PP
The \fB\fCkubernetes/client-namespace\fR and \fB\fCkubernetes/client-pod-name\fR metadata work by reconciling the
client IP address in the DNS request packet to a known pod IP address. Therefore the following is required:
* \fB\fCpods verified\fR mode must be enabled
* the remote IP address in the DNS packet received by CoreDNS must be the IP address
of the Pod that sent the request.
.SH "METRICS"
.PP
If monitoring is enabled (via the \fIprometheus\fP plugin) then the following metrics are exported:
.IP \(bu 4
\fB\fCcoredns_kubernetes_dns_programming_duration_seconds{service_kind}\fR - Exports the
DNS programming latency SLI
\[la]https://github.com/kubernetes/community/blob/master/sig-scalability/slos/dns_programming_latency.md\[ra].
The metrics has the \fB\fCservice_kind\fR label that identifies the kind of the
kubernetes service
\[la]https://kubernetes.io/docs/concepts/services-networking/service\[ra].
It may take one of the three values:
.RS
.IP \(en 4
\fB\fCcluster_ip\fR
.IP \(en 4
\fB\fCheadless_with_selector\fR
.IP \(en 4
\fB\fCheadless_without_selector\fR
.RE
.SH "BUGS"
.PP
The duration metric only supports the "headless_with_selector" service currently.
.SH "SEE ALSO"
.PP
See the \fIautopath\fP plugin to enable search path optimizations. And use the \fItransfer\fP plugin to
enable outgoing zone transfers.

48
man/coredns-loadbalance.7
View File

@ -1,48 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-LOADBALANCE" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fIloadbalance\fP - randomizes the order of A, AAAA and MX records.
.SH "DESCRIPTION"
.PP
The \fIloadbalance\fP will act as a round-robin DNS load balancer by randomizing the order of A, AAAA,
and MX records in the answer.
.PP
See Wikipedia
\[la]https://en.wikipedia.org/wiki/Round-robin_DNS\[ra] about the pros and cons of this
setup. It will take care to sort any CNAMEs before any address records, because some stub resolver
implementations (like glibc) are particular about that.
.SH "SYNTAX"
.PP
.RS
.nf
loadbalance [POLICY]
.fi
.RE
.IP \(bu 4
\fBPOLICY\fP is how to balance. The default, and only option, is "round_robin".
.SH "EXAMPLES"
.PP
Load balance replies coming back from Google Public DNS:
.PP
.RS
.nf
\&. {
loadbalance round\_robin
forward . 8.8.8.8 8.8.4.4
}
.fi
.RE

67
man/coredns-local.7
View File

@ -1,67 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-LOCAL" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fIlocal\fP - respond to local names.
.SH "DESCRIPTION"
.PP
\fIlocal\fP will respond with a basic reply to a "local request". Local request are defined to be
names in the following zones: localhost, 0.in-addr.arpa, 127.in-addr.arpa and 255.in-addr.arpa \fIand\fP
any query asking for \fB\fClocalhost.<domain>\fR. When seeing the latter a metric counter is increased and
if \fIdebug\fP is enabled a debug log is emitted.
.PP
With \fIlocal\fP enabled any query falling under these zones will get a reply. The prevents the query
from "escaping" to the internet and putting strain on external infrastructure.
.PP
The zones are mostly empty, only \fB\fClocalhost.\fR address records (A and AAAA) are defined and a
\fB\fC1.0.0.127.in-addr.arpa.\fR reverse (PTR) record.
.SH "SYNTAX"
.PP
.RS
.nf
local
.fi
.RE
.SH "METRICS"
.PP
If monitoring is enabled (via the \fIprometheus\fP plugin) then the following metric is exported:
.IP \(bu 4
\fB\fCcoredns_local_localhost_requests_total{}\fR - a counter of the number of \fB\fClocalhost.<domain>\fR
requests CoreDNS has seen. Note this does \fInot\fP count \fB\fClocalhost.\fR queries.
.PP
Note that this metric \fIdoes not\fP have a \fB\fCserver\fR label, because it's more interesting to find the
client(s) performing these queries than to see which server handled it. You'll need to inspect the
debug log to get the client IP address.
.SH "EXAMPLES"
.PP
.RS
.nf
\&. {
local
}
.fi
.RE
.SH "BUGS"
.PP
Only the \fB\fCin-addr.arpa.\fR reverse zone is implemented, \fB\fCip6.arpa.\fR queries are not intercepted.
.SH "SEE ALSO"
.PP
BIND9's configuration in Debian comes with these zones preconfigured. See the \fIdebug\fP plugin for
enabling debug logging.

249
man/coredns-log.7
View File

@ -1,249 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-LOG" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fIlog\fP - enables query logging to standard output.
.SH "DESCRIPTION"
.PP
By just using \fIlog\fP you dump all queries (and parts for the reply) on standard output. Options exist
to tweak the output a little. Note that for busy servers logging will incur a performance hit.
.PP
Enabling or disabling the \fIlog\fP plugin only affects the query logging, any other logging from
CoreDNS will show up regardless.
.SH "SYNTAX"
.PP
.RS
.nf
log
.fi
.RE
.PP
With no arguments, a query log entry is written to \fIstdout\fP in the common log format for all requests.
Or if you want/need slightly more control:
.PP
.RS
.nf
log [NAMES...] [FORMAT]
.fi
.RE
.IP \(bu 4
\fB\fCNAMES\fR is the name list to match in order to be logged
.IP \(bu 4
\fB\fCFORMAT\fR is the log format to use (default is Common Log Format), \fB\fC{common}\fR is used as a shortcut
for the Common Log Format. You can also use \fB\fC{combined}\fR for a format that adds the query opcode
\fB\fC{>opcode}\fR to the Common Log Format.
.PP
You can further specify the classes of responses that get logged:
.PP
.RS
.nf
log [NAMES...] [FORMAT] {
class CLASSES...
}
.fi
.RE
.IP \(bu 4
\fB\fCCLASSES\fR is a space-separated list of classes of responses that should be logged
.PP
The classes of responses have the following meaning:
.IP \(bu 4
\fB\fCsuccess\fR: successful response
.IP \(bu 4
\fB\fCdenial\fR: either NXDOMAIN or nodata responses (Name exists, type does not). A nodata response
sets the return code to NOERROR.
.IP \(bu 4
\fB\fCerror\fR: SERVFAIL, NOTIMP, REFUSED, etc. Anything that indicates the remote server is not willing to
resolve the request.
.IP \(bu 4
\fB\fCall\fR: the default - nothing is specified. Using of this class means that all messages will be
logged whatever we mix together with "all".
.PP
If no class is specified, it defaults to \fB\fCall\fR.
.SH "LOG FORMAT"
.PP
You can specify a custom log format with any placeholder values. Log supports both request and
response placeholders.
.PP
The following place holders are supported:
.IP \(bu 4
\fB\fC{type}\fR: qtype of the request
.IP \(bu 4
\fB\fC{name}\fR: qname of the request
.IP \(bu 4
\fB\fC{class}\fR: qclass of the request
.IP \(bu 4
\fB\fC{proto}\fR: protocol used (tcp or udp)
.IP \(bu 4
\fB\fC{remote}\fR: client's IP address, for IPv6 addresses these are enclosed in brackets: \fB\fC[::1]\fR
.IP \(bu 4
\fB\fC{local}\fR: server's IP address, for IPv6 addresses these are enclosed in brackets: \fB\fC[::1]\fR
.IP \(bu 4
\fB\fC{size}\fR: request size in bytes
.IP \(bu 4
\fB\fC{port}\fR: client's port
.IP \(bu 4
\fB\fC{duration}\fR: response duration
.IP \(bu 4
\fB\fC{rcode}\fR: response RCODE
.IP \(bu 4
\fB\fC{rsize}\fR: raw (uncompressed), response size (a client may receive a smaller response)
.IP \(bu 4
\fB\fC{>rflags}\fR: response flags, each set flag will be displayed, e.g. "aa, tc". This includes the qr
bit as well
.IP \(bu 4
\fB\fC{>bufsize}\fR: the EDNS0 buffer size advertised in the query
.IP \(bu 4
\fB\fC{>do}\fR: is the EDNS0 DO (DNSSEC OK) bit set in the query
.IP \(bu 4
\fB\fC{>id}\fR: query ID
.IP \(bu 4
\fB\fC{>opcode}\fR: query OPCODE
.IP \(bu 4
\fB\fC{common}\fR: the default Common Log Format.
.IP \(bu 4
\fB\fC{combined}\fR: the Common Log Format with the query opcode.
.IP \(bu 4
\fB\fC{/LABEL}\fR: any metadata label is accepted as a place holder if it is enclosed between \fB\fC{/\fR and
\fB\fC}\fR, the place holder will be replaced by the corresponding metadata value or the default value
\fB\fC-\fR if label is not defined. See the \fImetadata\fP plugin for more information.
.PP
The default Common Log Format is:
.PP
.RS
.nf
`{remote}:{port} \- {>id} "{type} {class} {name} {proto} {size} {>do} {>bufsize}" {rcode} {>rflags} {rsize} {duration}`
.fi
.RE
.PP
Each of these logs will be outputted with \fB\fClog.Infof\fR, so a typical example looks like this:
.PP
.RS
.nf
[INFO] [::1]:50759 \- 29008 "A IN example.org. udp 41 false 4096" NOERROR qr,rd,ra,ad 68 0.037990251s
~~~~
## Examples
Log all requests to stdout
~~~ corefile
\&. {
log
whoami
}
.fi
.RE
.PP
Custom log format, for all zones (\fB\fC.\fR)
.PP
.RS
.nf
\&. {
log . "{proto} Request: {name} {type} {>id}"
}
.fi
.RE
.PP
Only log denials (NXDOMAIN and nodata) for example.org (and below)
.PP
.RS
.nf
\&. {
log example.org {
class denial
}
}
.fi
.RE
.PP
Log all queries which were not resolved successfully in the Combined Log Format.
.PP
.RS
.nf
\&. {
log . {combined} {
class denial error
}
}
.fi
.RE
.PP
Log all queries on which we did not get errors
.PP
.RS
.nf
\&. {
log . {
class denial success
}
}
.fi
.RE
.PP
Also the multiple statements can be OR-ed, for example, we can rewrite the above case as following:
.PP
.RS
.nf
\&. {
log . {
class denial
class success
}
}
.fi
.RE

123
man/coredns-loop.7
View File

@ -1,123 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-LOOP" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fIloop\fP - detects simple forwarding loops and halts the server.
.SH "DESCRIPTION"
.PP
The \fIloop\fP plugin will send a random probe query to ourselves and will then keep track of how many times
we see it. If we see it more than twice, we assume CoreDNS has seen a forwarding loop and we halt the process.
.PP
The plugin will try to send the query for up to 30 seconds. This is done to give CoreDNS enough time
to start up. Once a query has been successfully sent, \fIloop\fP disables itself to prevent a query of
death.
.PP
The query sent is \fB\fC<random number>.<random number>.zone\fR with type set to HINFO.
.SH "SYNTAX"
.PP
.RS
.nf
loop
.fi
.RE
.SH "EXAMPLES"
.PP
Start a server on the default port and load the \fIloop\fP and \fIforward\fP plugins. The \fIforward\fP plugin
forwards to it self.
.PP
.RS
.nf
\&. {
loop
forward . 127.0.0.1
}
.fi
.RE
.PP
After CoreDNS has started it stops the process while logging:
.PP
.RS
.nf
plugin/loop: Loop (127.0.0.1:55953 \-> :1053) detected for zone ".", see https://coredns.io/plugins/loop#troubleshooting. Query: "HINFO 4547991504243258144.3688648895315093531."
.fi
.RE
.SH "LIMITATIONS"
.PP
This plugin only attempts to find simple static forwarding loops at start up time. To detect a loop,
the following must be true:
.IP \(bu 4
the loop must be present at start up time.
.IP \(bu 4
the loop must occur for the \fB\fCHINFO\fR query type.
.SH "TROUBLESHOOTING"
.PP
When CoreDNS logs contain the message \fB\fCLoop ... detected ...\fR, this means that the \fB\fCloop\fR detection
plugin has detected an infinite forwarding loop in one of the upstream DNS servers. This is a fatal
error because operating with an infinite loop will consume memory and CPU until eventual out of
memory death by the host.
.PP
A forwarding loop is usually caused by:
.IP \(bu 4
Most commonly, CoreDNS forwarding requests directly to itself. e.g. via a loopback address such as \fB\fC127.0.0.1\fR, \fB\fC::1\fR or \fB\fC127.0.0.53\fR
.IP \(bu 4
Less commonly, CoreDNS forwarding to an upstream server that in turn, forwards requests back to CoreDNS.
.PP
To troubleshoot this problem, look in your Corefile for any \fB\fCforward\fRs to the zone
in which the loop was detected. Make sure that they are not forwarding to a local address or
to another DNS server that is forwarding requests back to CoreDNS. If \fB\fCforward\fR is
using a file (e.g. \fB\fC/etc/resolv.conf\fR), make sure that file does not contain local addresses.
.SS "TROUBLESHOOTING LOOPS IN KUBERNETES CLUSTERS"
.PP
When a CoreDNS Pod deployed in Kubernetes detects a loop, the CoreDNS Pod will start to "CrashLoopBackOff".
This is because Kubernetes will try to restart the Pod every time CoreDNS detects the loop and exits.
.PP
A common cause of forwarding loops in Kubernetes clusters is an interaction with a local DNS cache
on the host node (e.g. \fB\fCsystemd-resolved\fR). For example, in certain configurations \fB\fCsystemd-resolved\fR will
put the loopback address \fB\fC127.0.0.53\fR as a nameserver into \fB\fC/etc/resolv.conf\fR. Kubernetes (via \fB\fCkubelet\fR) by default
will pass this \fB\fC/etc/resolv.conf\fR file to all Pods using the \fB\fCdefault\fR dnsPolicy rendering them
unable to make DNS lookups (this includes CoreDNS Pods). CoreDNS uses this \fB\fC/etc/resolv.conf\fR
as a list of upstreams to forward requests to. Since it contains a loopback address, CoreDNS ends up forwarding
requests to itself.
.PP
There are many ways to work around this issue, some are listed here:
.IP \(bu 4
Add the following to your \fB\fCkubelet\fR config yaml: \fB\fCresolvConf: <path-to-your-real-resolv-conf-file>\fR (or via command line flag \fB\fC--resolv-conf\fR deprecated in 1.10). Your "real"
\fB\fCresolv.conf\fR is the one that contains the actual IPs of your upstream servers, and no local/loopback address.
This flag tells \fB\fCkubelet\fR to pass an alternate \fB\fCresolv.conf\fR to Pods. For systems using \fB\fCsystemd-resolved\fR,
\fB\fC/run/systemd/resolve/resolv.conf\fR is typically the location of the "real" \fB\fCresolv.conf\fR,
although this can be different depending on your distribution.
.IP \(bu 4
Disable the local DNS cache on host nodes, and restore \fB\fC/etc/resolv.conf\fR to the original.
.IP \(bu 4
A quick and dirty fix is to edit your Corefile, replacing \fB\fCforward . /etc/resolv.conf\fR with
the IP address of your upstream DNS, for example \fB\fCforward . 8.8.8.8\fR. But this only fixes the issue for CoreDNS,
kubelet will continue to forward the invalid \fB\fCresolv.conf\fR to all \fB\fCdefault\fR dnsPolicy Pods, leaving them unable to resolve DNS.

64
man/coredns-metadata.7
View File

@ -1,64 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-METADATA" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fImetadata\fP - enables a metadata collector.
.SH "DESCRIPTION"
.PP
By enabling \fImetadata\fP any plugin that implements metadata.Provider
interface
\[la]https://godoc.org/github.com/coredns/coredns/plugin/metadata#Provider\[ra] will be called for
each DNS query, at the beginning of the process for that query, in order to add its own metadata to
context.
.PP
The metadata collected will be available for all plugins, via the Context parameter provided in the
ServeDNS function. The package (code) documentation has examples on how to inspect and retrieve
metadata a plugin might be interested in.
.PP
The metadata is added by setting a label with a value in the context. These labels should be named
\fB\fCplugin/NAME\fR, where \fBNAME\fP is something descriptive. The only hard requirement the \fImetadata\fP
plugin enforces is that the labels contain a slash. See the documentation for
\fB\fCmetadata.SetValueFunc\fR.
.PP
The value stored is a string. The empty string signals "no metadata". See the documentation for
\fB\fCmetadata.ValueFunc\fR on how to retrieve this.
.SH "SYNTAX"
.PP
.RS
.nf
metadata [ZONES... ]
.fi
.RE
.IP \(bu 4
\fBZONES\fP zones metadata should be invoked for.
.SH "PLUGINS"
.PP
\fB\fCmetadata.Provider\fR interface needs to be implemented by each plugin willing to provide metadata
information for other plugins. It will be called by metadata and gather the information from all
plugins in context.
.PP
Note: this method should work quickly, because it is called for every request.
.SH "EXAMPLES"
.PP
The \fIrewrite\fP plugin uses meta data to rewrite requests.
.SH "SEE ALSO"
.PP
The Provider interface
\[la]https://godoc.org/github.com/coredns/coredns/plugin/metadata#Provider\[ra] and
the package level
\[la]https://godoc.org/github.com/coredns/coredns/plugin/metadata\[ra] documentation.

116
man/coredns-metrics.7
View File

@ -1,116 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-METRICS" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fIprometheus\fP - enables Prometheus
\[la]https://prometheus.io/\[ra] metrics.
.SH "DESCRIPTION"
.PP
With \fIprometheus\fP you export metrics from CoreDNS and any plugin that has them.
The default location for the metrics is \fB\fClocalhost:9153\fR. The metrics path is fixed to \fB\fC/metrics\fR.
The following metrics are exported:
.IP \(bu 4
\fB\fCcoredns_build_info{version, revision, goversion}\fR - info about CoreDNS itself.
.IP \(bu 4
\fB\fCcoredns_panics_total{}\fR - total number of panics.
.IP \(bu 4
\fB\fCcoredns_dns_requests_total{server, zone, proto, family, type}\fR - total query count.
.IP \(bu 4
\fB\fCcoredns_dns_request_duration_seconds{server, zone, type}\fR - duration to process each query.
.IP \(bu 4
\fB\fCcoredns_dns_request_size_bytes{server, zone, proto}\fR - size of the request in bytes.
.IP \(bu 4
\fB\fCcoredns_dns_do_requests_total{server, zone}\fR - queries that have the DO bit set
.IP \(bu 4
\fB\fCcoredns_dns_response_size_bytes{server, zone, proto}\fR - response size in bytes.
.IP \(bu 4
\fB\fCcoredns_dns_responses_total{server, zone, rcode}\fR - response per zone and rcode.
.IP \(bu 4
\fB\fCcoredns_plugin_enabled{server, zone, name}\fR - indicates whether a plugin is enabled on per server and zone basis.
.PP
Each counter has a label \fB\fCzone\fR which is the zonename used for the request/response.
.PP
Extra labels used are:
.IP \(bu 4
\fB\fCserver\fR is identifying the server responsible for the request. This is a string formatted
as the server's listening address: \fB\fC<scheme>://[<bind>]:<port>\fR. I.e. for a "normal" DNS server
this is \fB\fCdns://:53\fR. If you are using the \fIbind\fP plugin an IP address is included, e.g.: \fB\fCdns://127.0.0.53:53\fR.
.IP \(bu 4
\fB\fCproto\fR which holds the transport of the response ("udp" or "tcp")
.IP \(bu 4
The address family (\fB\fCfamily\fR) of the transport (1 = IP (IP version 4), 2 = IP6 (IP version 6)).
.IP \(bu 4
\fB\fCtype\fR which holds the query type. It holds most common types (A, AAAA, MX, SOA, CNAME, PTR, TXT,
NS, SRV, DS, DNSKEY, RRSIG, NSEC, NSEC3, IXFR, AXFR and ANY) and "other" which lumps together all
other types.
.PP
If monitoring is enabled, queries that do not enter the plugin chain are exported under the fake
name "dropped" (without a closing dot - this is never a valid domain name).
.PP
This plugin can only be used once per Server Block.
.SH "SYNTAX"
.PP
.RS
.nf
prometheus [ADDRESS]
.fi
.RE
.PP
For each zone that you want to see metrics for.
.PP
It optionally takes a bind address to which the metrics are exported; the default
listens on \fB\fClocalhost:9153\fR. The metrics path is fixed to \fB\fC/metrics\fR.
.SH "EXAMPLES"
.PP
Use an alternative listening address:
.PP
.RS
.nf
\&. {
prometheus localhost:9253
}
.fi
.RE
.PP
Or via an environment variable (this is supported throughout the Corefile): \fB\fCexport PORT=9253\fR, and
then:
.PP
.RS
.nf
\&. {
prometheus localhost:{$PORT}
}
.fi
.RE
.SH "BUGS"
.PP
When reloading, the Prometheus handler is stopped before the new server instance is started.
If that new server fails to start, then the initial server instance is still available and DNS queries still served,
but Prometheus handler stays down.
Prometheus will not reply HTTP request until a successful reload or a complete restart of CoreDNS.
Only the plugins that register as Handler are visible in \fB\fCcoredns_plugin_enabled{server, zone, name}\fR. As of today the plugins reload and bind will not be reported.

49
man/coredns-minimal.7
View File

@ -1,49 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-MINIMAL" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fIminimal\fP - minimizes size of the DNS response message whenever possible.
.SH "DESCRIPTION"
.PP
The \fIminimal\fP plugin tries to minimize the size of the response. Depending on the response type it
removes resource records from the AUTHORITY and ADDITIONAL sections.
.PP
Specifically this plugin looks at successful responses (this excludes negative responses, i.e.
nodata or name error). If the successful response isn't a delegation only the RRs in the answer
section are written to the client.
.SH "SYNTAX"
.PP
.RS
.nf
minimal
.fi
.RE
.SH "EXAMPLES"
.PP
Enable minimal responses:
.PP
.RS
.nf
example.org {
whoami
forward . 8.8.8.8
minimal
}
.fi
.RE
.SH "SEE ALSO"
.PP
BIND 9 Configuration Reference
\[la]https://bind9.readthedocs.io/en/latest/reference.html#boolean-options\[ra]

78
man/coredns-nsid.7
View File

@ -1,78 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-NSID" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fInsid\fP - adds an identifier of this server to each reply.
.SH "DESCRIPTION"
.PP
This plugin implements RFC 5001
\[la]https://tools.ietf.org/html/rfc5001\[ra] and adds an EDNS0 OPT
resource record to replies that uniquely identify the server. This is useful in anycast setups to
see which server was responsible for generating the reply and for debugging.
.PP
This plugin can only be used once per Server Block.
.SH "SYNTAX"
.PP
.RS
.nf
nsid [DATA]
.fi
.RE
.PP
\fBDATA\fP is the string to use in the nsid record.
.PP
If \fBDATA\fP is not given, the host's name is used.
.SH "EXAMPLES"
.PP
Enable nsid:
.PP
.RS
.nf
example.org {
whoami
nsid Use The Force
}
.fi
.RE
.PP
And now a client with NSID support will see an OPT record with the NSID option:
.PP
.RS
.nf
% dig +nsid @localhost a whoami.example.org
;; Got answer:
;; \->>HEADER<<\- opcode: QUERY, status: NOERROR, id: 46880
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 3
\&....
; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; NSID: 55 73 65 20 54 68 65 20 46 6f 72 63 65 ("Use The Force")
;; QUESTION SECTION:
;whoami.example.org. IN A
.fi
.RE
.SH "SEE ALSO"
.PP
RFC 5001
\[la]https://tools.ietf.org/html/rfc5001\[ra]

115
man/coredns-pprof.7
View File

@ -1,115 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-PPROF" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fIpprof\fP - publishes runtime profiling data at endpoints under \fB\fC/debug/pprof\fR.
.SH "DESCRIPTION"
.PP
You can visit \fB\fC/debug/pprof\fR on your site for an index of the available endpoints. By default it
will listen on localhost:6053.
.PP
This is a debugging tool. Certain requests (such as collecting execution traces) can be slow. If
you use pprof on a live server, consider restricting access or enabling it only temporarily.
.PP
This plugin can only be used once per Server Block.
.SH "SYNTAX"
.PP
.RS
.nf
pprof [ADDRESS]
.fi
.RE
.PP
Optionally pprof takes an address; the default is \fB\fClocalhost:6053\fR.
.PP
An extra option can be set with this extended syntax:
.PP
.RS
.nf
pprof [ADDRESS] {
block [RATE]
}
.fi
.RE
.IP \(bu 4
\fB\fCblock\fR option enables block profiling, \fBRATE\fP defaults to 1. \fBRATE\fP must be a positive value.
See Diagnostics, chapter profiling
\[la]https://golang.org/doc/diagnostics.html\[ra] and
runtime.SetBlockProfileRate
\[la]https://golang.org/pkg/runtime/#SetBlockProfileRate\[ra] for what block
profiling entails.
.SH "EXAMPLES"
.PP
Enable a pprof endpoint:
.PP
.RS
.nf
\&. {
pprof
}
.fi
.RE
.PP
And use the pprof tool to get statistics: \fB\fCgo tool pprof http://localhost:6053\fR.
.PP
Listen on an alternate address:
.PP
.RS
.nf
\&. {
pprof 10.9.8.7:6060
}
.fi
.RE
.PP
Listen on an all addresses on port 6060, and enable block profiling
.PP
.RS
.nf
\&. {
pprof :6060 {
block
}
}
.fi
.RE
.SH "SEE ALSO"
.PP
See Go's pprof documentation
\[la]https://golang.org/pkg/net/http/pprof/\[ra] and Profiling Go
Programs
\[la]https://blog.golang.org/profiling-go-programs\[ra].
.PP
See runtime.SetBlockProfileRate
\[la]https://golang.org/pkg/runtime/#SetBlockProfileRate\[ra] for
background on block profiling.

77
man/coredns-ready.7
View File

@ -1,77 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-READY" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fIready\fP - enables a readiness check HTTP endpoint.
.SH "DESCRIPTION"
.PP
By enabling \fIready\fP an HTTP endpoint on port 8181 will return 200 OK, when all plugins that are able
to signal readiness have done so. If some are not ready yet the endpoint will return a 503 with the
body containing the list of plugins that are not ready. Once a plugin has signaled it is ready it
will not be queried again.
.PP
Each Server Block that enables the \fIready\fP plugin will have the plugins \fIin that server block\fP
report readiness into the /ready endpoint that runs on the same port. This also means that the
\fIsame\fP plugin with different configurations (in potentially \fIdifferent\fP Server Blocks) will have
their readiness reported as the union of their respective readinesses.
.SH "SYNTAX"
.PP
.RS
.nf
ready [ADDRESS]
.fi
.RE
.PP
\fIready\fP optionally takes an address; the default is \fB\fC:8181\fR. The path is fixed to \fB\fC/ready\fR. The
readiness endpoint returns a 200 response code and the word "OK" when this server is ready. It
returns a 503 otherwise \fIand\fP the list of plugins that are not ready.
.SH "PLUGINS"
.PP
Any plugin wanting to signal readiness will need to implement the \fB\fCready.Readiness\fR interface by
implementing a method \fB\fCReady() bool\fR that returns true when the plugin is ready and false otherwise.
.SH "EXAMPLES"
.PP
Let \fIready\fP report readiness for both the \fB\fC.\fR and \fB\fCexample.org\fR servers (assuming the \fIwhois\fP
plugin also exports readiness):
.PP
.RS
.nf
\&. {
ready
erratic
}
example.org {
ready
whoami
}
.fi
.RE
.PP
Run \fIready\fP on a different port.
.PP
.RS
.nf
\&. {
ready localhost:8091
}
.fi
.RE

152
man/coredns-reload.7
View File

@ -1,152 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-RELOAD" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fIreload\fP - allows automatic reload of a changed Corefile.
.SH "DESCRIPTION"
.PP
This plugin allows automatic reload of a changed \fICorefile\fP.
To enable automatic reloading of \fIzone file\fP changes, use the \fB\fCauto\fR plugin.
.PP
This plugin periodically checks if the Corefile has changed by reading
it and calculating its MD5 checksum. If the file has changed, it reloads
CoreDNS with the new Corefile. This eliminates the need to send a SIGHUP
or SIGUSR1 after changing the Corefile.
.PP
The reloads are graceful - you should not see any loss of service when the
reload happens. Even if the new Corefile has an error, CoreDNS will continue
to run the old config and an error message will be printed to the log. But see
the Bugs section for failure modes.
.PP
In some environments (for example, Kubernetes), there may be many CoreDNS
instances that started very near the same time and all share a common
Corefile. To prevent these all from reloading at the same time, some
jitter is added to the reload check interval. This is jitter from the
perspective of multiple CoreDNS instances; each instance still checks on a
regular interval, but all of these instances will have their reloads spread
out across the jitter duration. This isn't strictly necessary given that the
reloads are graceful, and can be disabled by setting the jitter to \fB\fC0s\fR.
.PP
Jitter is re-calculated whenever the Corefile is reloaded.
.PP
This plugin can only be used once per Server Block.
.SH "SYNTAX"
.PP
.RS
.nf
reload [INTERVAL] [JITTER]
.fi
.RE
.PP
The plugin will check for changes every \fBINTERVAL\fP, subject to +/- the \fBJITTER\fP duration.
.IP \(bu 4
\fBINTERVAL\fP and \fBJITTER\fP are Golang durations
\[la]https://golang.org/pkg/time/#ParseDuration\[ra].
The default \fBINTERVAL\fP is 30s, default \fBJITTER\fP is 15s, the minimal value for \fBINTERVAL\fP
is 2s, and for \fBJITTER\fP it is 1s. If \fBJITTER\fP is more than half of \fBINTERVAL\fP, it will be
set to half of \fBINTERVAL\fP
.SH "EXAMPLES"
.PP
Check with the default intervals:
.PP
.RS
.nf
\&. {
reload
erratic
}
.fi
.RE
.PP
Check every 10 seconds (jitter is automatically set to 10 / 2 = 5 in this case):
.PP
.RS
.nf
\&. {
reload 10s
erratic
}
.fi
.RE
.SH "BUGS"
.PP
The reload happens without data loss (i.e. DNS queries keep flowing), but there is a corner case
where the reload fails, and you loose functionality. Consider the following Corefile:
.PP
.RS
.nf
\&. {
health :8080
whoami
}
.fi
.RE
.PP
CoreDNS starts and serves health from :8080. Now you change \fB\fC:8080\fR to \fB\fC:443\fR not knowing a process
is already listening on that port. The process reloads and performs the following steps:
.IP 1\. 4
close the listener on 8080
.IP 2\. 4
reload and parse the config again
.IP 3\. 4
fail to start a new listener on 443
.IP 4\. 4
fail loading the new Corefile, abort and keep using the old process
.PP
After the aborted attempt to reload we are left with the old processes running, but the listener is
closed in step 1; so the health endpoint is broken. The same can happen in the prometheus plugin.
.PP
In general be careful with assigning new port and expecting reload to work fully.
.PP
In CoreDNS v1.6.0 and earlier any \fB\fCimport\fR statements are not discovered by this plugin.
This means if any of these imported files changes the \fIreload\fP plugin is ignorant of that fact.
CoreDNS v1.7.0 and later does parse the Corefile and supports detecting changes in imported files.
.SH "METRICS"
.PP
If monitoring is enabled (via the \fIprometheus\fP plugin) then the following metric is exported:
.IP \(bu 4
\fB\fCcoredns_reload_failed_total{}\fR - counts the number of failed reload attempts.
.IP \(bu 4
\fB\fCcoredns_reload_version_info{hash, value}\fR - record the hash value during reload.
.PP
Currently the type of \fB\fChash\fR is "md5", the \fB\fCvalue\fR is the returned hash value.
.SH "SEE ALSO"
.PP
See coredns-import(7) and corefile(5).

470
man/coredns-rewrite.7
View File

@ -1,470 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-REWRITE" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fIrewrite\fP - performs internal message rewriting.
.SH "DESCRIPTION"
.PP
Rewrites are invisible to the client. There are simple rewrites (fast) and complex rewrites
(slower), but they're powerful enough to accommodate most dynamic back-end applications.
.SH "SYNTAX"
.PP
A simplified/easy-to-digest syntax for \fIrewrite\fP is...
.PP
.RS
.nf
rewrite [continue|stop] FIELD [FROM TO|FROM TTL]
.fi
.RE
.IP \(bu 4
\fBFIELD\fP indicates what part of the request/response is being re-written.
.RS
.IP \(en 4
\fB\fCtype\fR - the type field of the request will be rewritten. FROM/TO must be a DNS record type (\fB\fCA\fR, \fB\fCMX\fR, etc.);
e.g., to rewrite ANY queries to HINFO, use \fB\fCrewrite type ANY HINFO\fR.
.IP \(en 4
\fB\fCclass\fR - the class of the message will be rewritten. FROM/TO must be a DNS class type (\fB\fCIN\fR, \fB\fCCH\fR, or \fB\fCHS\fR); e.g., to rewrite CH queries to IN use \fB\fCrewrite class CH IN\fR.
.IP \(en 4
\fB\fCname\fR - the query name in the \fIrequest\fP is rewritten; by default this is a full match of the
name, e.g., \fB\fCrewrite name example.net example.org\fR. Other match types are supported, see the \fBName Field Rewrites\fP section below.
.IP \(en 4
\fB\fCanswer name\fR - the query name in the \fIresponse\fP is rewritten. This option has special restrictions and requirements, in particular it must always combined with a \fB\fCname\fR rewrite. See below in the \fBResponse Rewrites\fP section.
.IP \(en 4
\fB\fCedns0\fR - an EDNS0 option can be appended to the request as described below in the \fBEDNS0 Options\fP section.
.IP \(en 4
\fB\fCttl\fR - the TTL value in the \fIresponse\fP is rewritten.
.RE
.IP \(bu 4
\fBFROM\fP is the name (exact, suffix, prefix, substring, or regex) or type to match
.IP \(bu 4
\fBTO\fP is the destination name or type to rewrite to
.IP \(bu 4
\fBTTL\fP is the number of seconds to set the TTL value to
.PP
If you specify multiple rules and an incoming query matches multiple rules, the rewrite
will behave as follows:
.IP \(bu 4
\fB\fCcontinue\fR will continue applying the next rule in the rule list.
.IP \(bu 4
\fB\fCstop\fR will consider the current rule the last rule and will not continue. The default behaviour is \fB\fCstop\fR
.SH "EXAMPLES"
.SS "NAME FIELD REWRITES"
.PP
The \fB\fCrewrite\fR plugin offers the ability to match the name in the question section of
a DNS request. The match could be exact, a substring match, or based on a prefix, suffix, or regular
expression. If the newly used name is not a legal domain name, the plugin returns an error to the
client.
.PP
The syntax for name rewriting is as follows:
.PP
.RS
.nf
rewrite [continue|stop] name [exact|prefix|suffix|substring|regex] STRING STRING
.fi
.RE
.PP
The match type, e.g., \fB\fCexact\fR, \fB\fCsubstring\fR, etc., triggers rewrite:
.IP \(bu 4
\fBexact\fP (default): on an exact match of the name in the question section of a request
.IP \(bu 4
\fBsubstring\fP: on a partial match of the name in the question section of a request
.IP \(bu 4
\fBprefix\fP: when the name begins with the matching string
.IP \(bu 4
\fBsuffix\fP: when the name ends with the matching string
.IP \(bu 4
\fBregex\fP: when the name in the question section of a request matches a regular expression
.PP
If the match type is omitted, the \fB\fCexact\fR match type is assumed.
.PP
The following instruction allows rewriting names in the query that
contain the substring \fB\fCservice.us-west-1.example.org\fR:
.PP
.RS
.nf
rewrite name substring service.us\-west\-1.example.org service.us\-west\-1.consul
.fi
.RE
.PP
Thus:
.IP \(bu 4
Incoming Request Name: \fB\fCftp.service.us-west-1.example.org\fR
.IP \(bu 4
Rewritten Request Name: \fB\fCftp.service.us-west-1.consul\fR
.PP
The following instruction uses regular expressions. Names in requests
matching the regular expression \fB\fC(.*)-(us-west-1)\.example\.org\fR are replaced with
\fB\fC{1}.service.{2}.consul\fR, where \fB\fC{1}\fR and \fB\fC{2}\fR are regular expression match groups.
.PP
.RS
.nf
rewrite name regex (.*)\-(us\-west\-1)\\.example\\.org {1}.service.{2}.consul
.fi
.RE
.PP
Thus:
.IP \(bu 4
Incoming Request Name: \fB\fCftp-us-west-1.example.org\fR
.IP \(bu 4
Rewritten Request Name: \fB\fCftp.service.us-west-1.consul\fR
.PP
The following example rewrites the \fB\fCschmoogle.com\fR suffix to \fB\fCgoogle.com\fR.
.PP
.RS
.nf
rewrite name suffix .schmoogle.com. .google.com.
.fi
.RE
.SS "RESPONSE REWRITES"
.PP
When rewriting incoming DNS requests' names, CoreDNS re-writes the \fB\fCQUESTION SECTION\fR
section of the requests. It may be necessary to rewrite the \fB\fCANSWER SECTION\fR of the
requests, because some DNS resolvers treat mismatches between the \fB\fCQUESTION SECTION\fR
and \fB\fCANSWER SECTION\fR as a man-in-the-middle attack (MITM).
.PP
For example, a user tries to resolve \fB\fCftp-us-west-1.coredns.rocks\fR. The
CoreDNS configuration file has the following rule:
.PP
.RS
.nf
rewrite name regex (.*)\-(us\-west\-1)\\.coredns\\.rocks {1}.service.{2}.consul
.fi
.RE
.PP
CoreDNS rewrote the request from \fB\fCftp-us-west-1.coredns.rocks\fR to
\fB\fCftp.service.us-west-1.consul\fR and ultimately resolved it to 3 records.
The resolved records, in the \fB\fCANSWER SECTION\fR below, were not from \fB\fCcoredns.rocks\fR, but
rather from \fB\fCservice.us-west-1.consul\fR.
.PP
.RS
.nf
$ dig @10.1.1.1 ftp\-us\-west\-1.coredns.rocks
;; QUESTION SECTION:
;ftp\-us\-west\-1.coredns.rocks. IN A
;; ANSWER SECTION:
ftp.service.us\-west\-1.consul. 0 IN A 10.10.10.10
ftp.service.us\-west\-1.consul. 0 IN A 10.20.20.20
ftp.service.us\-west\-1.consul. 0 IN A 10.30.30.30
.fi
.RE
.PP
The above is a mismatch between the question asked and the answer provided.
.PP
The following configuration snippet allows for rewriting of the
\fB\fCANSWER SECTION\fR, provided that the \fB\fCQUESTION SECTION\fR was rewritten:
.PP
.RS
.nf
rewrite stop {
name regex (.*)\-(us\-west\-1)\\.coredns\\.rocks {1}.service.{2}.consul
answer name (.*)\\.service\\.(us\-west\-1)\\.consul {1}\-{2}.coredns.rocks
}
.fi
.RE
.PP
Now, the \fB\fCANSWER SECTION\fR matches the \fB\fCQUESTION SECTION\fR:
.PP
.RS
.nf
$ dig @10.1.1.1 ftp\-us\-west\-1.coredns.rocks
;; QUESTION SECTION:
;ftp\-us\-west\-1.coredns.rocks. IN A
;; ANSWER SECTION:
ftp\-us\-west\-1.coredns.rocks. 0 IN A 10.10.10.10
ftp\-us\-west\-1.coredns.rocks. 0 IN A 10.20.20.20
ftp\-us\-west\-1.coredns.rocks. 0 IN A 10.30.30.30
.fi
.RE
.PP
It is also possible to rewrite other values returned in the DNS response records
(e.g. the server names returned in \fB\fCSRV\fR and \fB\fCMX\fR records). This can be enabled by adding
the \fB\fCanswer value\fR to a name regex rule as specified below. \fB\fCanswer value\fR takes a
regular expression and a rewrite name as parameters and works in the same way as the
\fB\fCanswer name\fR rule.
.PP
Note that names in the \fB\fCAUTHORITY SECTION\fR and \fB\fCADDITIONAL SECTION\fR will also be
rewritten following the specified rules. The names returned by the following
record types: \fB\fCCNAME\fR, \fB\fCDNAME\fR, \fB\fCSOA\fR, \fB\fCSRV\fR, \fB\fCMX\fR, \fB\fCNAPTR\fR, \fB\fCNS\fR will be rewritten
if the \fB\fCanswer value\fR rule is specified.
.PP
The syntax for the rewrite of DNS request and response is as follows:
.PP
.RS
.nf
rewrite [continue|stop] {
name regex STRING STRING
answer name STRING STRING
[answer value STRING STRING]
}
.fi
.RE
.PP
Note that the above syntax is strict. For response rewrites, only \fB\fCname\fR
rules are allowed to match the question section, and only by match type
\fB\fCregex\fR. The answer rewrite must be after the name, as in the
syntax example.
.PP
An alternate syntax for rewriting a DNS request and response is as
follows:
.PP
.RS
.nf
rewrite [continue|stop] name regex STRING STRING answer name STRING STRING [answer value STRING STRING]
.fi
.RE
.PP
When using \fB\fCexact\fR name rewrite rules, the answer gets rewritten automatically,
and there is no need to define \fB\fCanswer name\fR. The rule below
rewrites the name in a request from \fB\fCRED\fR to \fB\fCBLUE\fR, and subsequently
rewrites the name in a corresponding response from \fB\fCBLUE\fR to \fB\fCRED\fR. The
client in the request would see only \fB\fCRED\fR and no \fB\fCBLUE\fR.
.PP
.RS
.nf
rewrite [continue|stop] name exact RED BLUE
.fi
.RE
.SS "TTL FIELD REWRITES"
.PP
At times, the need to rewrite a TTL value could arise. For example, a DNS server
may not cache records with a TTL of zero (\fB\fC0\fR). An administrator
may want to increase the TTL to ensure it is cached, e.g., by increasing it to 15 seconds.
.PP
In the below example, the TTL in the answers for \fB\fCcoredns.rocks\fR domain are
being set to \fB\fC15\fR:
.PP
.RS
.nf
rewrite continue {
ttl regex (.*)\\.coredns\\.rocks 15
}
.fi
.RE
.PP
By the same token, an administrator may use this feature to prevent or limit caching by
setting the TTL value really low.
.PP
The syntax for the TTL rewrite rule is as follows. The meaning of
\fB\fCexact|prefix|suffix|substring|regex\fR is the same as with the name rewrite rules.
.PP
.RS
.nf
rewrite [continue|stop] ttl [exact|prefix|suffix|substring|regex] STRING SECONDS
.fi
.RE
.SH "EDNS0 OPTIONS"
.PP
Using the FIELD edns0, you can set, append, or replace specific EDNS0 options in the request.
.IP \(bu 4
\fB\fCreplace\fR will modify any "matching" option with the specified option. The criteria for "matching" varies based on EDNS0 type.
.IP \(bu 4
\fB\fCappend\fR will add the option only if no matching option exists
.IP \(bu 4
\fB\fCset\fR will modify a matching option or add one if none is found
.PP
Currently supported are \fB\fCEDNS0_LOCAL\fR, \fB\fCEDNS0_NSID\fR and \fB\fCEDNS0_SUBNET\fR.
.SS "EDNS0_LOCAL"
.PP
This has two fields, code and data. A match is defined as having the same code. Data may be a string or a variable.
.IP \(bu 4
A string data is treated as hex if it starts with \fB\fC0x\fR. Example:
.PP
.RS
.nf
\&. {
rewrite edns0 local set 0xffee 0x61626364
whoami
}
.fi
.RE
.PP
rewrites the first local option with code 0xffee, setting the data to "abcd". This is equivalent to:
.PP
.RS
.nf
\&. {
rewrite edns0 local set 0xffee abcd
}
.fi
.RE
.IP \(bu 4
A variable data is specified with a pair of curly brackets \fB\fC{}\fR. Following are the supported variables:
{qname}, {qtype}, {client\fIip}, {client\fPport}, {protocol}, {server\fIip}, {server\fPport}.
.IP \(bu 4
If the metadata plugin is enabled, then labels are supported as variables if they are presented within curly brackets.
The variable data will be replaced with the value associated with that label. If that label is not provided,
the variable will be silently substituted with an empty string.
.PP
Examples:
.PP
.RS
.nf
rewrite edns0 local set 0xffee {client\_ip}
.fi
.RE
.PP
The following example uses metadata and an imaginary "some-plugin" that would provide "some-label" as metadata information.
.PP
.RS
.nf
metadata
some\-plugin
rewrite edns0 local set 0xffee {some\-plugin/some\-label}
.fi
.RE
.SS "EDNS0_NSID"
.PP
This has no fields; it will add an NSID option with an empty string for the NSID. If the option already exists
and the action is \fB\fCreplace\fR or \fB\fCset\fR, then the NSID in the option will be set to the empty string.
.SS "EDNS0_SUBNET"
.PP
This has two fields, IPv4 bitmask length and IPv6 bitmask length. The bitmask
length is used to extract the client subnet from the source IP address in the query.
.PP
Example:
.PP
.RS
.nf
rewrite edns0 subnet set 24 56
.fi
.RE
.IP \(bu 4
If the query's source IP address is an IPv4 address, the first 24 bits in the IP will be the network subnet.
.IP \(bu 4
If the query's source IP address is an IPv6 address, the first 56 bits in the IP will be the network subnet.
.SH "FULL SYNTAX"
.PP
The full plugin usage syntax is harder to digest...
.PP
.RS
.nf
rewrite [continue|stop] {type|class|edns0|name [exact|prefix|suffix|substring|regex [FROM TO answer name]]} FROM TO
.fi
.RE
.PP
The syntax above doesn't cover the multi-line block option for specifying a name request+response rewrite rule described in the \fBResponse Rewrite\fP section.

43
man/coredns-root.7
View File

@ -1,43 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-ROOT" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fIroot\fP - simply specifies the root of where to find (zone) files.
.SH "DESCRIPTION"
.PP
The default root is the current working directory of CoreDNS. The \fIroot\fP plugin allows you to change
this. A relative root path is relative to the current working directory.
.PP
This plugin can only be used once per Server Block.
.SH "SYNTAX"
.PP
.RS
.nf
root PATH
.fi
.RE
.PP
\fBPATH\fP is the directory to set as CoreDNS' root.
.SH "EXAMPLES"
.PP
Serve zone data (when the \fIfile\fP plugin is used) from \fB\fC/etc/coredns/zones\fR:
.PP
.RS
.nf
\&. {
root /etc/coredns/zones
}
.fi
.RE

142
man/coredns-route53.7
View File

@ -1,142 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-ROUTE53" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fIroute53\fP - enables serving zone data from AWS route53.
.SH "DESCRIPTION"
.PP
The route53 plugin is useful for serving zones from resource record
sets in AWS route53. This plugin supports all Amazon Route 53 records
(https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html
\[la]https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html\[ra]).
The route53 plugin can be used when coredns is deployed on AWS or elsewhere.
.SH "SYNTAX"
.PP
.RS
.nf
route53 [ZONE:HOSTED\_ZONE\_ID...] {
aws\_access\_key [AWS\_ACCESS\_KEY\_ID AWS\_SECRET\_ACCESS\_KEY]
credentials PROFILE [FILENAME]
fallthrough [ZONES...]
refresh DURATION
}
.fi
.RE
.IP \(bu 4
\fBZONE\fP the name of the domain to be accessed. When there are multiple zones with overlapping
domains (private vs. public hosted zone), CoreDNS does the lookup in the given order here.
Therefore, for a non-existing resource record, SOA response will be from the rightmost zone.
.IP \(bu 4
\fBHOSTED_ZONE_ID\fP the ID of the hosted zone that contains the resource record sets to be
accessed.
.IP \(bu 4
\fBAWS_ACCESS_KEY_ID\fP and \fBAWS_SECRET_ACCESS_KEY\fP the AWS access key ID and secret access key
to be used when query AWS (optional). If they are not provided, then coredns tries to access
AWS credentials the same way as AWS CLI, e.g., environmental variables, AWS credentials file,
instance profile credentials, etc.
.IP \(bu 4
\fB\fCcredentials\fR is used for reading the credential \fBFILENAME\fP and setting the \fBPROFILE\fP name for a given
zone. \fBPROFILE\fP is the AWS account profile name. Defaults to \fB\fCdefault\fR. \fBFILENAME\fP is the
AWS credentials filename, defaults to \fB\fC~/.aws/credentials\fR.
.IP \(bu 4
\fB\fCfallthrough\fR If zone matches and no record can be generated, pass request to the next plugin.
If \fBZONES\fP is omitted, then fallthrough happens for all zones for which the plugin is
authoritative. If specific zones are listed (for example \fB\fCin-addr.arpa\fR and \fB\fCip6.arpa\fR), then
only queries for those zones will be subject to fallthrough.
.IP \(bu 4
\fB\fCrefresh\fR can be used to control how long between record retrievals from Route 53. It requires
a duration string as a parameter to specify the duration between update cycles. Each update
cycle may result in many AWS API calls depending on how many domains use this plugin and how
many records are in each. Adjusting the update frequency may help reduce the potential of API
rate-limiting imposed by AWS.
.IP \(bu 4
\fBDURATION\fP A duration string. Defaults to \fB\fC1m\fR. If units are unspecified, seconds are assumed.
.SH "EXAMPLES"
.PP
Enable route53 with implicit AWS credentials and resolve CNAMEs via 10.0.0.1:
.PP
.RS
.nf
example.org {
route53 example.org.:Z1Z2Z3Z4DZ5Z6Z7
}
\&. {
forward . 10.0.0.1
}
.fi
.RE
.PP
Enable route53 with explicit AWS credentials:
.PP
.RS
.nf
example.org {
route53 example.org.:Z1Z2Z3Z4DZ5Z6Z7 {
aws\_access\_key AWS\_ACCESS\_KEY\_ID AWS\_SECRET\_ACCESS\_KEY
}
}
.fi
.RE
.PP
Enable route53 with fallthrough:
.PP
.RS
.nf
\&. {
route53 example.org.:Z1Z2Z3Z4DZ5Z6Z7 example.gov.:Z654321543245 {
fallthrough example.gov.
}
}
.fi
.RE
.PP
Enable route53 with multiple hosted zones with the same domain:
.PP
.RS
.nf
example.org {
route53 example.org.:Z1Z2Z3Z4DZ5Z6Z7 example.org.:Z93A52145678156
}
.fi
.RE
.PP
Enable route53 and refresh records every 3 minutes
.PP
.RS
.nf
example.org {
route53 example.org.:Z1Z2Z3Z4DZ5Z6Z7 {
refresh 3m
}
}
.fi
.RE

97
man/coredns-secondary.7
View File

@ -1,97 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-SECONDARY" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fIsecondary\fP - enables serving a zone retrieved from a primary server.
.SH "DESCRIPTION"
.PP
With \fIsecondary\fP you can transfer (via AXFR) a zone from another server. The retrieved zone is
\fInot committed\fP to disk (a violation of the RFC). This means restarting CoreDNS will cause it to
retrieve all secondary zones.
.SH "SYNTAX"
.PP
.RS
.nf
secondary [ZONES...]
.fi
.RE
.IP \(bu 4
\fBZONES\fP zones it should be authoritative for. If empty, the zones from the configuration block
are used. Note that without a remote address to \fIget\fP the zone from, the above is not that useful.
.PP
A working syntax would be:
.PP
.RS
.nf
secondary [zones...] {
transfer from ADDRESS [ADDRESS...]
}
.fi
.RE
.IP \(bu 4
\fB\fCtransfer from\fR specifies from which \fBADDRESS\fP to fetch the zone. It can be specified multiple
times; if one does not work, another will be tried. Transfering this zone outwards again can be
done by enabling the \fItransfer\fP plugin.
.PP
When a zone is due to be refreshed (refresh timer fires) a random jitter of 5 seconds is applied,
before fetching. In the case of retry this will be 2 seconds. If there are any errors during the
transfer in, the transfer fails; this will be logged.
.SH "EXAMPLES"
.PP
Transfer \fB\fCexample.org\fR from 10.0.1.1, and if that fails try 10.1.2.1.
.PP
.RS
.nf
example.org {
secondary {
transfer from 10.0.1.1 10.1.2.1
}
}
.fi
.RE
.PP
Or re-export the retrieved zone to other secondaries.
.PP
.RS
.nf
example.net {
secondary {
transfer from 10.1.2.1
}
transfer {
to *
}
}
.fi
.RE
.SH "BUGS"
.PP
Only AXFR is supported and the retrieved zone is not committed to disk.
.SH "SEE ALSO"
.PP
See the \fItransfer\fP plugin to enable zone transfers \fIto\fP other servers.

228
man/coredns-sign.7
View File

@ -1,228 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-SIGN" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fIsign\fP - adds DNSSEC records to zone files.
.SH "DESCRIPTION"
.PP
The \fIsign\fP plugin is used to sign (see RFC 6781) zones. In this process DNSSEC resource records are
added. The signatures that sign the resource records sets have an expiration date, this means the
signing process must be repeated before this expiration data is reached. Otherwise the zone's data
will go BAD (RFC 4035, Section 5.5). The \fIsign\fP plugin takes care of this.
.PP
Only NSEC is supported, \fIsign\fP does \fInot\fP support NSEC3.
.PP
\fISign\fP works in conjunction with the \fIfile\fP and \fIauto\fP plugins; this plugin \fBsigns\fP the zones
files, \fIauto\fP and \fIfile\fP \fBserve\fP the zones \fIdata\fP.
.PP
For this plugin to work at least one Common Signing Key, (see coredns-keygen(1)) is needed. This key
(or keys) will be used to sign the entire zone. \fISign\fP does \fInot\fP support the ZSK/KSK split, nor will
it do key or algorithm rollovers - it just signs.
.PP
\fISign\fP will:
.IP \(bu 4
(Re)-sign the zone with the CSK(s) when:
.RS
.IP \(en 4
the last time it was signed is more than a 6 days ago. Each zone will have some jitter
applied to the inception date.
.IP \(en 4
the signature only has 14 days left before expiring.
.RE
Both these dates are only checked on the SOA's signature(s).
.IP \(bu 4
Create RRSIGs that have an inception of -3 hours (minus a jitter between 0 and 18 hours)
and a expiration of +32 (plus a jitter between 0 and 5 days) days for every given DNSKEY.
.IP \(bu 4
Add NSEC records for all names in the zone. The TTL for these is the negative cache TTL from the
SOA record.
.IP \(bu 4
Add or replace \fIall\fP apex CDS/CDNSKEY records with the ones derived from the given keys. For
each key two CDS are created one with SHA1 and another with SHA256.
.IP \(bu 4
Update the SOA's serial number to the \fIUnix epoch\fP of when the signing happens. This will
overwrite \fIany\fP previous serial number.
.PP
There are two ways that dictate when a zone is signed. Normally every 6 days (plus jitter) it will
be resigned. If for some reason we fail this check, the 14 days before expiring kicks in.
.PP
Keys are named (following BIND9): \fB\fCK<name>+<alg>+<id>.key\fR and \fB\fCK<name>+<alg>+<id>.private\fR.
The keys \fBmust not\fP be included in your zone; they will be added by \fIsign\fP. These keys can be
generated with \fB\fCcoredns-keygen\fR or BIND9's \fB\fCdnssec-keygen\fR. You don't have to adhere to this naming
scheme, but then you need to name your keys explicitly, see the \fB\fCkeys file\fR directive.
.PP
A generated zone is written out in a file named \fB\fCdb.<name>.signed\fR in the directory named by the
\fB\fCdirectory\fR directive (which defaults to \fB\fC/var/lib/coredns\fR).
.SH "SYNTAX"
.PP
.RS
.nf
sign DBFILE [ZONES...] {
key file|directory KEY...|DIR...
directory DIR
}
.fi
.RE
.IP \(bu 4
\fBDBFILE\fP the zone database file to read and parse. If the path is relative, the path from the
\fIroot\fP plugin will be prepended to it.
.IP \(bu 4
\fBZONES\fP zones it should be sign for. If empty, the zones from the configuration block are
used.
.IP \(bu 4
\fB\fCkey\fR specifies the key(s) (there can be multiple) to sign the zone. If \fB\fCfile\fR is
used the \fBKEY\fP's filenames are used as is. If \fB\fCdirectory\fR is used, \fIsign\fP will look in \fBDIR\fP
for \fB\fCK<name>+<alg>+<id>\fR files. Any metadata in these files (Activate, Publish, etc.) is
\fIignored\fP. These keys must also be Key Signing Keys (KSK).
.IP \(bu 4
\fB\fCdirectory\fR specifies the \fBDIR\fP where CoreDNS should save zones that have been signed.
If not given this defaults to \fB\fC/var/lib/coredns\fR. The zones are saved under the name
\fB\fCdb.<name>.signed\fR. If the path is relative the path from the \fIroot\fP plugin will be prepended
to it.
.PP
Keys can be generated with \fB\fCcoredns-keygen\fR, to create one for use in the \fIsign\fP plugin, use:
\fB\fCcoredns-keygen example.org\fR or \fB\fCdnssec-keygen -a ECDSAP256SHA256 -f KSK example.org\fR.
.SH "EXAMPLES"
.PP
Sign the \fB\fCexample.org\fR zone contained in the file \fB\fCdb.example.org\fR and write the result to
\fB\fC./db.example.org.signed\fR to let the \fIfile\fP plugin pick it up and serve it. The keys used
are read from \fB\fC/etc/coredns/keys/Kexample.org.key\fR and \fB\fC/etc/coredns/keys/Kexample.org.private\fR.
.PP
.RS
.nf
example.org {
file db.example.org.signed
sign db.example.org {
key file /etc/coredns/keys/Kexample.org
directory .
}
}
.fi
.RE
.PP
Running this leads to the following log output (note the timers in this example have been set to
shorter intervals).
.PP
.RS
.nf
[WARNING] plugin/file: Failed to open "open /tmp/db.example.org.signed: no such file or directory": trying again in 1m0s
[INFO] plugin/sign: Signing "example.org." because open /tmp/db.example.org.signed: no such file or directory
[INFO] plugin/sign: Successfully signed zone "example.org." in "/tmp/db.example.org.signed" with key tags "59725" and 1564766865 SOA serial, elapsed 9.357933ms, next: 2019\-08\-02T22:27:45.270Z
[INFO] plugin/file: Successfully reloaded zone "example.org." in "/tmp/db.example.org.signed" with serial 1564766865
.fi
.RE
.PP
Or use a single zone file for \fImultiple\fP zones, note that the \fBZONES\fP are repeated for both plugins.
Also note this outputs \fImultiple\fP signed output files. Here we use the default output directory
\fB\fC/var/lib/coredns\fR.
.PP
.RS
.nf
\&. {
file /var/lib/coredns/db.example.org.signed example.org
file /var/lib/coredns/db.example.net.signed example.net
sign db.example.org example.org example.net {
key directory /etc/coredns/keys
}
}
.fi
.RE
.PP
This is the same configuration, but the zones are put in the server block, but note that you still
need to specify what file is served for what zone in the \fIfile\fP plugin:
.PP
.RS
.nf
example.org example.net {
file var/lib/coredns/db.example.org.signed example.org
file var/lib/coredns/db.example.net.signed example.net
sign db.example.org {
key directory /etc/coredns/keys
}
}
.fi
.RE
.PP
Be careful to fully list the origins you want to sign, if you don't:
.PP
.RS
.nf
example.org example.net {
sign plugin/sign/testdata/db.example.org miek.org {
key file /etc/coredns/keys/Kexample.org
}
}
.fi
.RE
.PP
This will lead to \fB\fCdb.example.org\fR be signed \fItwice\fP, as this entire section is parsed twice because
you have specified the origins \fB\fCexample.org\fR and \fB\fCexample.net\fR in the server block.
.PP
Forcibly resigning a zone can be accomplished by removing the signed zone file (CoreDNS will keep
on serving it from memory), and sending SIGUSR1 to the process to make it reload and resign the zone
file.
.SH "SEE ALSO"
.PP
The DNSSEC RFCs: RFC 4033, RFC 4034 and RFC 4035. And the BCP on DNSSEC, RFC 6781. Further more the
manual pages coredns-keygen(1) and dnssec-keygen(8). And the \fIfile\fP plugin's documentation.
.PP
Coredns-keygen can be found at
https://github.com/coredns/coredns-utils
\[la]https://github.com/coredns/coredns-utils\[ra] in the
coredns-keygen directory.
.PP
Other useful DNSSEC tools can be found in ldns
\[la]https://nlnetlabs.nl/projects/ldns/about/\[ra], e.g.
\fB\fCldns-key2ds\fR to create DS records from DNSKEYs.
.SH "BUGS"
.PP
\fB\fCkeys directory\fR is not implemented.

359
man/coredns-template.7
View File

@ -1,359 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-TEMPLATE" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fItemplate\fP - allows for dynamic responses based on the incoming query.
.SH "DESCRIPTION"
.PP
The \fItemplate\fP plugin allows you to dynamically respond to queries by just writing a (Go) template.
.SH "SYNTAX"
.PP
.RS
.nf
template CLASS TYPE [ZONE...] {
match REGEX...
answer RR
additional RR
authority RR
rcode CODE
fallthrough [ZONE...]
}
.fi
.RE
.IP \(bu 4
\fBCLASS\fP the query class (usually IN or ANY).
.IP \(bu 4
\fBTYPE\fP the query type (A, PTR, ... can be ANY to match all types).
.IP \(bu 4
\fBZONE\fP the zone scope(s) for this template. Defaults to the server zones.
.IP \(bu 4
\fBREGEX\fP Go regexp
\[la]https://golang.org/pkg/regexp/\[ra] that are matched against the incoming question name. Specifying no regex matches everything (default: \fB\fC.*\fR). First matching regex wins.
.IP \(bu 4
\fB\fCanswer|additional|authority\fR \fBRR\fP A RFC 1035
\[la]https://tools.ietf.org/html/rfc1035#section-5\[ra] style resource record fragment
built by a Go template
\[la]https://golang.org/pkg/text/template/\[ra] that contains the reply.
.IP \(bu 4
\fB\fCrcode\fR \fBCODE\fP A response code (\fB\fCNXDOMAIN, SERVFAIL, ...\fR). The default is \fB\fCSUCCESS\fR.
.IP \(bu 4
\fB\fCfallthrough\fR Continue with the next plugin if the zone matched but no regex matched.
If specific zones are listed (for example \fB\fCin-addr.arpa\fR and \fB\fCip6.arpa\fR), then only queries for
those zones will be subject to fallthrough.
.PP
At least one \fB\fCanswer\fR or \fB\fCrcode\fR directive is needed (e.g. \fB\fCrcode NXDOMAIN\fR).
.PP
Also see
\[la]#also-see\[ra] contains an additional reading list.
.SH "TEMPLATES"
.PP
Each resource record is a full-featured Go template
\[la]https://golang.org/pkg/text/template/\[ra] with the following predefined data
.IP \(bu 4
\fB\fC.Zone\fR the matched zone string (e.g. \fB\fCexample.\fR).
.IP \(bu 4
\fB\fC.Name\fR the query name, as a string (lowercased).
.IP \(bu 4
\fB\fC.Class\fR the query class (usually \fB\fCIN\fR).
.IP \(bu 4
\fB\fC.Type\fR the RR type requested (e.g. \fB\fCPTR\fR).
.IP \(bu 4
\fB\fC.Match\fR an array of all matches. \fB\fCindex .Match 0\fR refers to the whole match.
.IP \(bu 4
\fB\fC.Group\fR a map of the named capture groups.
.IP \(bu 4
\fB\fC.Message\fR the complete incoming DNS message.
.IP \(bu 4
\fB\fC.Question\fR the matched question section.
.IP \(bu 4
\fB\fC.Remote\fR clients IP address
.IP \(bu 4
\fB\fC.Meta\fR a function that takes a metadata name and returns the value, if the
metadata plugin is enabled. For example, \fB\fC.Meta "kubernetes/client-namespace"\fR
.PP
The output of the template must be a RFC 1035
\[la]https://tools.ietf.org/html/rfc1035\[ra] style resource record (commonly referred to as a "zone file").
.PP
\fBWARNING\fP there is a syntactical problem with Go templates and CoreDNS config files. Expressions
like \fB\fC{{$var}}\fR will be interpreted as a reference to an environment variable by CoreDNS (and
Caddy) while \fB\fC{{ $var }}\fR will work. See Bugs
\[la]#bugs\[ra] and corefile(5).
.SH "METRICS"
.PP
If monitoring is enabled (via the \fIprometheus\fP plugin) then the following metrics are exported:
.IP \(bu 4
\fB\fCcoredns_template_matches_total{server, regex}\fR the total number of matched requests by regex.
.IP \(bu 4
\fB\fCcoredns_template_template_failures_total{server, regex,section,template}\fR the number of times the Go templating failed. Regex, section and template label values can be used to map the error back to the config file.
.IP \(bu 4
\fB\fCcoredns_template_rr_failures_total{server, regex,section,template}\fR the number of times the templated resource record was invalid and could not be parsed. Regex, section and template label values can be used to map the error back to the config file.
.PP
Both failure cases indicate a problem with the template configuration. The \fB\fCserver\fR label indicates
the server incrementing the metric, see the \fImetrics\fP plugin for details.
.SH "EXAMPLES"
.SS "RESOLVE EVERYTHING TO NXDOMAIN"
.PP
The most simplistic template is
.PP
.RS
.nf
\&. {
template ANY ANY {
rcode NXDOMAIN
}
}
.fi
.RE
.IP 1\. 4
This template uses the default zone (\fB\fC.\fR or all queries)
.IP 2\. 4
All queries will be answered (no \fB\fCfallthrough\fR)
.IP 3\. 4
The answer is always NXDOMAIN
.SS "RESOLVE .INVALID AS NXDOMAIN"
.PP
The \fB\fC.invalid\fR domain is a reserved TLD (see RFC 2606 Reserved Top Level DNS Names
\[la]https://tools.ietf.org/html/rfc2606#section-2\[ra]) to indicate invalid domains.
.PP
.RS
.nf
\&. {
forward . 8.8.8.8
template ANY ANY invalid {
rcode NXDOMAIN
authority "invalid. 60 {{ .Class }} SOA ns.invalid. hostmaster.invalid. (1 60 60 60 60)"
}
}
.fi
.RE
.IP 1\. 4
A query to .invalid will result in NXDOMAIN (rcode)
.IP 2\. 4
A dummy SOA record is sent to hand out a TTL of 60s for caching purposes
.IP 3\. 4
Querying \fB\fC.invalid\fR in the \fB\fCCH\fR class will also cause a NXDOMAIN/SOA response
.IP 4\. 4
The default regex is \fB\fC.*\fR
.SS "BLOCK INVALID SEARCH DOMAIN COMPLETIONS"
.PP
Imagine you run \fB\fCexample.com\fR with a datacenter \fB\fCdc1.example.com\fR. The datacenter domain
is part of the DNS search domain.
However \fB\fCsomething.example.com.dc1.example.com\fR would indicate a fully qualified
domain name (\fB\fCsomething.example.com\fR) that inadvertently has the default domain or search
path (\fB\fCdc1.example.com\fR) added.
.PP
.RS
.nf
\&. {
forward . 8.8.8.8
template IN ANY example.com.dc1.example.com {
rcode NXDOMAIN
authority "{{ .Zone }} 60 IN SOA ns.example.com hostmaster.example.com (1 60 60 60 60)"
}
}
.fi
.RE
.PP
A more verbose regex based equivalent would be
.PP
.RS
.nf
\&. {
forward . 8.8.8.8
template IN ANY example.com {
match "example\\.com\\.(dc1\\.example\\.com\\.)$"
rcode NXDOMAIN
authority "{{ index .Match 1 }} 60 IN SOA ns.{{ index .Match 1 }} hostmaster.{{ index .Match 1 }} (1 60 60 60 60)"
fallthrough
}
}
.fi
.RE
.PP
The regex-based version can do more complex matching/templating while zone-based templating is easier to read and use.
.SS "RESOLVE A/PTR FOR .EXAMPLE"
.PP
.RS
.nf
\&. {
forward . 8.8.8.8
# ip\-a\-b\-c\-d.example A a.b.c.d
template IN A example {
match (^|[.])ip\-(?P<a>[0\-9]*)\-(?P<b>[0\-9]*)\-(?P<c>[0\-9]*)\-(?P<d>[0\-9]*)[.]example[.]$
answer "{{ .Name }} 60 IN A {{ .Group.a }}.{{ .Group.b }}.{{ .Group.c }}.{{ .Group.d }}"
fallthrough
}
# d.c.b.a.in\-addr.arpa PTR ip\-a\-b\-c\-d.example
template IN PTR in\-addr.arpa {
match ^(?P<d>[0\-9]*)[.](?P<c>[0\-9]*)[.](?P<b>[0\-9]*)[.](?P<a>[0\-9]*)[.]in\-addr[.]arpa[.]$
answer "{{ .Name }} 60 IN PTR ip\-{{ .Group.a }}\-{{ .Group.b }}\-{{ .Group.c }}\-{{ .Group.d }}.example."
}
}
.fi
.RE
.PP
An IPv4 address consists of 4 bytes, \fB\fCa.b.c.d\fR. Named groups make it less error-prone to reverse the
IP address in the PTR case. Try to use named groups to explain what your regex and template are doing.
.PP
Note that the A record is actually a wildcard: any subdomain of the IP address will resolve to the IP address.
.PP
Having templates to map certain PTR/A pairs is a common pattern.
.PP
Fallthrough is needed for mixed domains where only some responses are templated.
.SS "RESOLVE MULTIPLE IP PATTERNS"
.PP
.RS
.nf
\&. {
forward . 8.8.8.8
template IN A example {
match "^ip\-(?P<a>10)\-(?P<b>[0\-9]*)\-(?P<c>[0\-9]*)\-(?P<d>[0\-9]*)[.]dc[.]example[.]$"
match "^(?P<a>[0\-9]*)[.](?P<b>[0\-9]*)[.](?P<c>[0\-9]*)[.](?P<d>[0\-9]*)[.]ext[.]example[.]$"
answer "{{ .Name }} 60 IN A {{ .Group.a}}.{{ .Group.b }}.{{ .Group.c }}.{{ .Group.d }}"
fallthrough
}
}
.fi
.RE
.PP
Named capture groups can be used to template one response for multiple patterns.
.SS "RESOLVE A AND MX RECORDS FOR IP TEMPLATES IN .EXAMPLE"
.PP
.RS
.nf
\&. {
forward . 8.8.8.8
template IN A example {
match ^ip\-10\-(?P<b>[0\-9]*)\-(?P<c>[0\-9]*)\-(?P<d>[0\-9]*)[.]example[.]$
answer "{{ .Name }} 60 IN A 10.{{ .Group.b }}.{{ .Group.c }}.{{ .Group.d }}"
fallthrough
}
template IN MX example {
match ^ip\-10\-(?P<b>[0\-9]*)\-(?P<c>[0\-9]*)\-(?P<d>[0\-9]*)[.]example[.]$
answer "{{ .Name }} 60 IN MX 10 {{ .Name }}"
additional "{{ .Name }} 60 IN A 10.{{ .Group.b }}.{{ .Group.c }}.{{ .Group.d }}"
fallthrough
}
}
.fi
.RE
.SS "ADDING AUTHORITATIVE NAMESERVERS TO THE RESPONSE"
.PP
.RS
.nf
\&. {
forward . 8.8.8.8
template IN A example {
match ^ip\-10\-(?P<b>[0\-9]*)\-(?P<c>[0\-9]*)\-(?P<d>[0\-9]*)[.]example[.]$
answer "{{ .Name }} 60 IN A 10.{{ .Group.b }}.{{ .Group.c }}.{{ .Group.d }}"
authority "example. 60 IN NS ns0.example."
authority "example. 60 IN NS ns1.example."
additional "ns0.example. 60 IN A 203.0.113.8"
additional "ns1.example. 60 IN A 198.51.100.8"
fallthrough
}
template IN MX example {
match ^ip\-10\-(?P<b>[0\-9]*)\-(?P<c>[0\-9]*)\-(?P<d>[0\-9]*)[.]example[.]$
answer "{{ .Name }} 60 IN MX 10 {{ .Name }}"
additional "{{ .Name }} 60 IN A 10.{{ .Group.b }}.{{ .Group.c }}.{{ .Group.d }}"
authority "example. 60 IN NS ns0.example."
authority "example. 60 IN NS ns1.example."
additional "ns0.example. 60 IN A 203.0.113.8"
additional "ns1.example. 60 IN A 198.51.100.8"
fallthrough
}
}
.fi
.RE
.SH "ALSO SEE"
.IP \(bu 4
Go regexp
\[la]https://golang.org/pkg/regexp/\[ra] for details about the regex implementation
.IP \(bu 4
RE2 syntax reference
\[la]https://github.com/google/re2/wiki/Syntax\[ra] for details about the regex syntax
.IP \(bu 4
RFC 1034
\[la]https://tools.ietf.org/html/rfc1034#section-3.6.1\[ra] and RFC 1035
\[la]https://tools.ietf.org/html/rfc1035#section-5\[ra] for the resource record format
.IP \(bu 4
Go template
\[la]https://golang.org/pkg/text/template/\[ra] for the template language reference
.SH "BUGS"
.PP
CoreDNS supports caddyfile environment variables
\[la]https://caddyserver.com/docs/caddyfile#env\[ra]
with notion of \fB\fC{$ENV_VAR}\fR. This parser feature will break Go template variables
\[la]https://golang.org/pkg/text/template/#hdr-Variables\[ra] notations like\fB\fC{{$variable}}\fR.
The equivalent notation \fB\fC{{ $variable }}\fR will work.
Try to avoid Go template variables in the context of this plugin.

95
man/coredns-tls.7
View File

@ -1,95 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-TLS" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fItls\fP - allows you to configure the server certificates for the TLS and gRPC servers.
.SH "DESCRIPTION"
.PP
CoreDNS supports queries that are encrypted using TLS (DNS over Transport Layer Security, RFC 7858)
or are using gRPC (https://grpc.io/
\[la]https://grpc.io/\[ra], not an IETF standard). Normally DNS traffic isn't encrypted at
all (DNSSEC only signs resource records).
.PP
The \fItls\fP "plugin" allows you to configure the cryptographic keys that are needed for both
DNS-over-TLS and DNS-over-gRPC. If the \fItls\fP plugin is omitted, then no encryption takes place.
.PP
The gRPC protobuffer is defined in \fB\fCpb/dns.proto\fR. It defines the proto as a simple wrapper for the
wire data of a DNS message.
.SH "SYNTAX"
.PP
.RS
.nf
tls CERT KEY [CA]
.fi
.RE
.PP
Parameter CA is optional. If not set, system CAs can be used to verify the client certificate
.PP
.RS
.nf
tls CERT KEY [CA] {
client\_auth nocert|request|require|verify\_if\_given|require\_and\_verify
}
.fi
.RE
.PP
If client_auth option is specified, it controls the client authentication policy.
The option value corresponds to the ClientAuthType values of the Go tls package
\[la]https://golang.org/pkg/crypto/tls/#ClientAuthType\[ra]: NoClientCert, RequestClientCert, RequireAnyClientCert, VerifyClientCertIfGiven, and RequireAndVerifyClientCert, respectively.
The default is "nocert". Note that it makes no sense to specify parameter CA unless this option is
set to verify_if_given or require_and_verify.
.SH "EXAMPLES"
.PP
Start a DNS-over-TLS server that picks up incoming DNS-over-TLS queries on port 5553 and uses the
nameservers defined in \fB\fC/etc/resolv.conf\fR to resolve the query. This proxy path uses plain old DNS.
.PP
.RS
.nf
tls://.:5553 {
tls cert.pem key.pem ca.pem
forward . /etc/resolv.conf
}
.fi
.RE
.PP
Start a DNS-over-gRPC server that is similar to the previous example, but using DNS-over-gRPC for
incoming queries.
.PP
.RS
.nf
grpc://. {
tls cert.pem key.pem ca.pem
forward . /etc/resolv.conf
}
.fi
.RE
.PP
Only Knot DNS' \fB\fCkdig\fR supports DNS-over-TLS queries, no command line client supports gRPC making
debugging these transports harder than it should be.
.SH "SEE ALSO"
.PP
RFC 7858 and https://grpc.io
\[la]https://grpc.io\[ra].

156
man/coredns-trace.7
View File

@ -1,156 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-TRACE" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fItrace\fP - enables OpenTracing-based tracing of DNS requests as they go through the plugin chain.
.SH "DESCRIPTION"
.PP
With \fItrace\fP you enable OpenTracing of how a request flows through CoreDNS. Enable the \fIdebug\fP
plugin to get logs from the trace plugin.
.SH "SYNTAX"
.PP
The simplest form is just:
.PP
.RS
.nf
trace [ENDPOINT\-TYPE] [ENDPOINT]
.fi
.RE
.IP \(bu 4
\fBENDPOINT-TYPE\fP is the type of tracing destination. Currently only \fB\fCzipkin\fR and \fB\fCdatadog\fR are supported.
Defaults to \fB\fCzipkin\fR.
.IP \(bu 4
\fBENDPOINT\fP is the tracing destination, and defaults to \fB\fClocalhost:9411\fR. For Zipkin, if
\fBENDPOINT\fP does not begin with \fB\fChttp\fR, then it will be transformed to \fB\fChttp://ENDPOINT/api/v1/spans\fR.
.PP
With this form, all queries will be traced.
.PP
Additional features can be enabled with this syntax:
.PP
.RS
.nf
trace [ENDPOINT\-TYPE] [ENDPOINT] {
every AMOUNT
service NAME
client\_server
datadog\_analytics\_rate RATE
}
.fi
.RE
.IP \(bu 4
\fB\fCevery\fR \fBAMOUNT\fP will only trace one query of each AMOUNT queries. For example, to trace 1 in every
100 queries, use AMOUNT of 100. The default is 1.
.IP \(bu 4
\fB\fCservice\fR \fBNAME\fP allows you to specify the service name reported to the tracing server.
Default is \fB\fCcoredns\fR.
.IP \(bu 4
\fB\fCclient_server\fR will enable the \fB\fCClientServerSameSpan\fR OpenTracing feature.
.IP \(bu 4
\fB\fCdatadog_analytics_rate\fR \fBRATE\fP will enable trace analytics
\[la]https://docs.datadoghq.com/tracing/app_analytics\[ra] on the traces sent
from \fI0\fP to \fI1\fP, \fI1\fP being every trace sent will be analyzed. This is a datadog only feature
(\fBENDPOINT-TYPE\fP needs to be \fB\fCdatadog\fR)
.SH "ZIPKIN"
.PP
You can run Zipkin on a Docker host like this:
.PP
.RS
.nf
docker run \-d \-p 9411:9411 openzipkin/zipkin
.fi
.RE
.PP
Note the zipkin provider does not support the v1 API since coredns 1.7.1.
.SH "EXAMPLES"
.PP
Use an alternative Zipkin address:
.PP
.RS
.nf
trace tracinghost:9253
.fi
.RE
.PP
or
.PP
.RS
.nf
\&. {
trace zipkin tracinghost:9253
}
.fi
.RE
.PP
If for some reason you are using an API reverse proxy or something and need to remap
the standard Zipkin URL you can do something like:
.PP
.RS
.nf
trace http://tracinghost:9411/zipkin/api/v1/spans
.fi
.RE
.PP
Using DataDog:
.PP
.RS
.nf
trace datadog localhost:8126
.fi
.RE
.PP
Trace one query every 10000 queries, rename the service, and enable same span:
.PP
.RS
.nf
trace tracinghost:9411 {
every 10000
service dnsproxy
client\_server
}
.fi
.RE
.SH "SEE ALSO"
.PP
See the \fIdebug\fP plugin for more information about debug logging.

50
man/coredns-transfer.7
View File

@ -1,50 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-TRANSFER" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fItransfer\fP - perform (outgoing) zone transfers for other plugins.
.SH "DESCRIPTION"
.PP
This plugin answers zone transfers for authoritative plugins that implement \fB\fCtransfer.Transferer\fR.
.PP
\fItransfer\fP answers full zone transfer (AXFR) requests and incremental zone transfer (IXFR) requests
with AXFR fallback if the zone has changed.
.PP
When a plugin wants to notify it's secondaries it will call back into the \fItransfer\fP plugin.
.PP
The following plugins implement zone transfers using this plugin: \fIfile\fP, \fIauto\fP, \fIsecondary\fP, and
\fIkubernetes\fP. See \fB\fCtransfer.go\fR for implementation details if you are a plugin author that wants to
use this plugin.
.SH "SYNTAX"
.PP
.RS
.nf
transfer [ZONE...] {
to ADDRESS...
}
.fi
.RE
.IP \(bu 4
\fBZONE\fP The zones \fItransfer\fP will answer zone transfer requests for. If left blank, the zones
are inherited from the enclosing server block. To answer zone transfers for a given zone,
there must be another plugin in the same server block that serves the same zone, and implements
\fB\fCtransfer.Transferer\fR.
.IP \(bu 4
\fB\fCto\fR \fBADDRESS...\fP The hosts \fItransfer\fP will transfer to. Use \fB\fC*\fR to permit transfers to all
addresses. \fBADDRESS\fP must be denoted in CIDR notation (e.g., 127.0.0.1/32) or just as plain
addresses. \fB\fCto\fR may be specified multiple times.
.SH "EXAMPLES"
.PP
See the specific plugins using this plugin for examples on it's usage.

82
man/coredns-whoami.7
View File

@ -1,82 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-WHOAMI" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fIwhoami\fP - returns your resolver's local IP address, port and transport.
.SH "DESCRIPTION"
.PP
The \fIwhoami\fP plugin is not really that useful, but can be used for having a simple (fast) endpoint
to test clients against. When \fIwhoami\fP returns a response it will have your client's IP address in
the additional section as either an A or AAAA record.
.PP
The reply always has an empty answer section. The port and transport are included in the additional
section as a SRV record, transport can be "tcp" or "udp".
.PP
.RS
.nf
\&.\_<transport>.qname. 0 IN SRV 0 0 <port> .
.fi
.RE
.PP
The \fIwhoami\fP plugin will respond to every A or AAAA query, regardless of the query name.
.PP
If CoreDNS can't find a Corefile on startup this is the \fIdefault\fP plugin that gets loaded. As such
it can be used to check that CoreDNS is responding to queries. Other than that this plugin is of
limited use in production.
.SH "SYNTAX"
.PP
.RS
.nf
whoami
.fi
.RE
.SH "EXAMPLES"
.PP
Start a server on the default port and load the \fIwhoami\fP plugin.
.PP
.RS
.nf
example.org {
whoami
}
.fi
.RE
.PP
When queried for "example.org A", CoreDNS will respond with:
.PP
.RS
.nf
;; QUESTION SECTION:
;example.org. IN A
;; ADDITIONAL SECTION:
example.org. 0 IN A 10.240.0.1
\_udp.example.org. 0 IN SRV 0 0 40212
.fi
.RE
.SH "SEE ALSO"
.PP
Read the blog post
\[la]https://coredns.io/2017/03/01/how-to-add-plugins-to-coredns/\[ra] on how this plugin is built, or explore the source code
\[la]https://github.com/coredns/coredns/blob/master/plugin/whoami/\[ra].

62
man/coredns.1
View File

@ -1,62 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS" 1 "March 2021" "CoreDNS" "CoreDNS"
.SH "COREDNS"
.PP
\fIcoredns\fP - pluggable DNS nameserver optimized for service discovery and flexibility.
.SH "SYNOPSIS"
.PP
\fIcoredns\fP \fB[-conf FILE]\fP \fB[-dns.port PORT}\fP \fB[OPTION]\fP...
.SH "DESCRIPTION"
.PP
CoreDNS is a DNS server that chains plugins. Each plugin handles a DNS feature, like rewriting
queries, kubernetes service discovery or just exporting metrics. There are many other plugins,
each described on https://coredns.io/plugins
\[la]https://coredns.io/plugins\[ra] and their respective manual pages. Plugins not
bundled by default in CoreDNS are listed on https://coredns.io/explugins
\[la]https://coredns.io/explugins\[ra].
.PP
When started without options CoreDNS will look for a file named \fB\fCCorefile\fR in the current
directory, if found, it will parse its contents and start up accordingly. If no \fB\fCCorefile\fR is found
it will start with the \fIwhoami\fP plugin (coredns-whoami(7)) and start listening on port 53 (unless
overridden with \fB\fC-dns.port\fR).
.PP
Available options:
.TP
\fB-conf\fP \fBFILE\fP
specify Corefile to load, if not given CoreDNS will look for a \fB\fCCorefile\fR in the current
directory.
.TP
\fB-dns.port\fP \fBPORT\fP
override default port (53) to listen on.
.TP
\fB-pidfile\fP \fBFILE\fP
write PID to \fBFILE\fP.
.TP
\fB-plugins\fP
list all plugins and quit.
.TP
\fB-quiet\fP
don't print any version and port information on startup.
.TP
\fB-version\fP
show version and quit.
.SH "AUTHORS"
.PP
CoreDNS Authors.
.SH "COPYRIGHT"
.PP
Apache License 2.0
.SH "SEE ALSO"
.PP
Corefile(5) coredns-k8s_external(7) coredns-any(7) coredns-hosts(7) coredns-reload(7) coredns-acl(7) coredns-dnssec(7) coredns-health(7) coredns-grpc(7) coredns-sign(7) coredns-log(7) coredns-tls(7) coredns-file(7) coredns-root(7) coredns-loop(7) coredns-chaos(7) coredns-dnstap(7) coredns-pprof(7) coredns-bufsize(7) coredns-clouddns(7) coredns-loadbalance(7) coredns-cache(7) coredns-whoami(7) coredns-minimal(7) coredns-bind(7) coredns-erratic(7) coredns-auto(7) coredns-import(7) coredns-debug(7) coredns-template(7) coredns-azure(7) coredns-autopath(7) coredns-kubernetes(7) coredns-forward(7) coredns-nsid(7) coredns-secondary(7) coredns-route53(7) coredns-local(7) coredns-errors(7) coredns-transfer(7) coredns-ready(7) coredns-metadata(7) coredns-rewrite(7) coredns-metrics(7) coredns-dns64(7) coredns-etcd(7) coredns-cancel(7) coredns-trace(7).

207
man/corefile.5
View File

@ -1,207 +0,0 @@
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREFILE" 5 "March 2021" "CoreDNS" "CoreDNS"
.SH "NAME"
.PP
\fIcorefile\fP - configuration file for CoreDNS.
.SH "DESCRIPTION"
.PP
A \fIcorefile\fP specifies the internal servers CoreDNS should run and what plugins each of these
should chain. The syntax is as follows:
.PP
.RS
.nf
[SCHEME://]ZONE [[SCHEME://]ZONE]...[:PORT] {
[PLUGIN]...
}
.fi
.RE
.PP
The \fBZONE\fP defines for which name this server should be called, multiple zones are allowed and
should be \fIwhite space\fP separated. You can use a "reverse" syntax to specify a reverse zone (i.e.
ip6.arpa and in-addr.arpa), by using an IP address in the CIDR notation.
.PP
The optional \fBSCHEME\fP defaults to \fB\fCdns://\fR, but can also be \fB\fCtls://\fR (DNS over TLS), \fB\fCgrpc://\fR
(DNS over gRPC) or \fB\fChttps://\fR (DNS over HTTP/2).
.PP
The optional \fBPORT\fP controls on which port the server will bind, this default to 53. If you use
a port number here, you \fIcan't\fP override it with \fB\fC-dns.port\fR (coredns(1)), also see coredns-bind(7).
.PP
Specifying a \fBZONE\fP \fIand\fP \fBPORT\fP combination multiple times for \fIdifferent\fP servers will lead to
an error on startup.
.PP
When a query comes in, it is matched again all zones for all servers, the server with the longest
match on the query name will receive the query.
.PP
\fBPLUGIN\fP defines the plugin(s) we want to load into this server. This is optional as well, but as
server with no plugins will just return SERVFAIL for all queries. Each plugin can have a number of
properties than can have arguments, see the documentation for each plugin.
.PP
Comments are allowed and begin with an unquoted hash \fB\fC#\fR and continue to the end of the line.
Comments may be started anywhere on a line.
.PP
Environment variables are supported and either the Unix or Windows form may be used: \fB\fC{$ENV_VAR_1}\fR
or \fB\fC{%ENV_VAR_2%}\fR.
.PP
You can use the \fB\fCimport\fR "plugin" (See coredns-import(7)) to include parts of other files.
.PP
If CoreDNS cant find a Corefile to load it loads the following builtin one:
.PP
.RS
.nf
\&. {
whoami
log
}
.fi
.RE
.SH "IMPORT"
.PP
You can use the \fB\fCimport\fR "plugin" to include parts of other files, see
https://coredns.io/plugins/import
\[la]https://coredns.io/plugins/import\[ra], and coredns-import(7).
.SH "SNIPPETS"
.PP
If you want to reuse a snippet you can define one with and then use it with \fIimport\fP.
.PP
.RS
.nf
(mysnippet) {
log
whoami
}
\&. {
import mysnippet
}
.fi
.RE
.SH "EXAMPLES"
.PP
The \fBZONE\fP is root zone \fB\fC.\fR, the \fBPLUGIN\fP is \fIchaos\fP. The \fIchaos\fP plugin takes an (optional) argument:
\fB\fCCoreDNS-001\fR. This text is returned on a CH class query: \fB\fCdig CH TXT version.bind @localhost\fR.
.PP
.RS
.nf
\&. {
chaos CoreDNS\-001
}
.fi
.RE
.PP
When defining a new zone, you either create a new server, or add it to an existing one. Here we
define one server that handles two zones; that potentially chain different plugins:
.PP
.RS
.nf
example.org {
whoami
}
org {
whoami
}
.fi
.RE
.PP
Is identical to:
.PP
.RS
.nf
example.org org {
whoami
}
.fi
.RE
.PP
Reverse zones can be specified as domain names:
.PP
.RS
.nf
0.0.10.in\-addr.arpa {
whoami
}
.fi
.RE
.PP
or by just using the CIDR notation:
.PP
.RS
.nf
10.0.0.0/24 {
whoami
}
.fi
.RE
.PP
This also works on a non octet boundary:
.PP
.RS
.nf
10.0.0.0/27 {
whoami
}
.fi
.RE
.SH "AUTHORS"
.PP
CoreDNS Authors.
.SH "COPYRIGHT"
.PP
Apache License 2.0
.SH "SEE ALSO"
.PP
The manual page for CoreDNS: coredns(1) and more documentation on https://coredns.io
\[la]https://coredns.io\[ra].
Also see the \fIimport\fP
\[la]https://coredns.io/plugins/import\[ra]'s documentation and all the manual pages
for the plugins.

90
owners_generate.go
View File

@ -1,90 +0,0 @@
//+build ignore
// generates plugin/chaos/zowners.go.
package main
import (
"bufio"
"fmt"
"io/ioutil"
"log"
"os"
"sort"
"strings"
)
func main() {
// top-level OWNERS file
o, err := owners("CODEOWNERS")
if err != nil {
log.Fatal(err)
}
golist := `package chaos
// Owners are all GitHub handlers of all maintainers.
var Owners = []string{`
c := ", "
for i, a := range o {
if i == len(o)-1 {
c = "}"
}
golist += fmt.Sprintf("%q%s", a, c)
}
// to prevent `No newline at end of file` with gofmt
golist += "\n"
if err := ioutil.WriteFile("plugin/chaos/zowners.go", []byte(golist), 0644); err != nil {
log.Fatal(err)
}
return
}
func owners(path string) ([]string, error) {
// simple line, by line based format
//
// # In this example, @doctocat owns any files in the build/logs
// # directory at the root of the repository and any of its
// # subdirectories.
// /build/logs/ @doctocat
f, err := os.Open(path)
if err != nil {
return nil, err
}
scanner := bufio.NewScanner(f)
users := map[string]struct{}{}
for scanner.Scan() {
text := scanner.Text()
if len(text) == 0 {
continue
}
if text[0] == '#' {
continue
}
ele := strings.Fields(text)
if len(ele) == 0 {
continue
}
// ok ele[0] is the path, the rest are (in our case) github usernames prefixed with @
for _, s := range ele[1:] {
if len(s) <= 1 {
continue
}
users[s[1:]] = struct{}{}
}
}
if err := scanner.Err(); err != nil {
return nil, err
}
u := []string{}
for k := range users {
if strings.HasPrefix(k, "@") {
k = k[1:]
}
u = append(u, k)
}
sort.Strings(u)
return u, nil
}

9
plugin.cfg
View File

@ -28,16 +28,13 @@ bufsize:bufsize
root:root
bind:bind
debug:debug
trace:trace
ready:ready
health:health
pprof:pprof
prometheus:metrics
errors:errors
log:log
dnstap:dnstap
local:local
dns64:dns64
acl:acl
any:any
chaos:chaos
@ -50,15 +47,9 @@ minimal:minimal
template:template
transfer:transfer
hosts:hosts
route53:route53
azure:azure
clouddns:clouddns
k8s_external:k8s_external
kubernetes:kubernetes
file:file
auto:auto
secondary:secondary
etcd:etcd
loop:loop
forward:forward
grpc:grpc

6
plugin/acl/acl.go
View File

@ -4,9 +4,9 @@ import (
"context"
"net"
"github.com/coredns/coredns/plugin"
"github.com/coredns/coredns/plugin/metrics"
"github.com/coredns/coredns/request"
"coredns/plugin"
"coredns/plugin/metrics"
"coredns/request"
"github.com/infobloxopen/go-trees/iptree"
"github.com/miekg/dns"

4
plugin/acl/acl_test.go
View File

@ -4,8 +4,8 @@ import (
"context"
"testing"
"github.com/coredns/caddy"
"github.com/coredns/coredns/plugin/test"
"coredns/caddy"
"coredns/plugin/test"
"github.com/miekg/dns"
)

2
plugin/acl/metrics.go
View File

@ -1,7 +1,7 @@
package acl
import (
"github.com/coredns/coredns/plugin"
"coredns/plugin"
"github.com/prometheus/client_golang/prometheus"
"github.com/prometheus/client_golang/prometheus/promauto"

6
plugin/acl/setup.go
View File

@ -4,9 +4,9 @@ import (
"net"
"strings"
"github.com/coredns/caddy"
"github.com/coredns/coredns/core/dnsserver"
"github.com/coredns/coredns/plugin"
"coredns/caddy"
"coredns/core/dnsserver"
"coredns/plugin"
"github.com/infobloxopen/go-trees/iptree"
"github.com/miekg/dns"

2
plugin/acl/setup_test.go
View File

@ -3,7 +3,7 @@ package acl
import (
"testing"
"github.com/coredns/caddy"
"coredns/caddy"
)
func TestSetup(t *testing.T) {

2
plugin/any/any.go
View File

@ -3,7 +3,7 @@ package any
import (
"context"
"github.com/coredns/coredns/plugin"
"coredns/plugin"
"github.com/miekg/dns"
)

4
plugin/any/any_test.go
View File

@ -4,8 +4,8 @@ import (
"context"
"testing"
"github.com/coredns/coredns/plugin/pkg/dnstest"
"github.com/coredns/coredns/plugin/test"
"coredns/plugin/pkg/dnstest"
"coredns/plugin/test"
"github.com/miekg/dns"
)

6
plugin/any/setup.go
View File

@ -1,9 +1,9 @@
package any
import (
"github.com/coredns/caddy"
"github.com/coredns/coredns/core/dnsserver"
"github.com/coredns/coredns/plugin"
"coredns/caddy"
"coredns/core/dnsserver"
"coredns/plugin"
)
func init() { plugin.Register("any", setup) }

12
plugin/auto/auto.go
View File

@ -6,12 +6,12 @@ import (
"regexp"
"time"
"github.com/coredns/coredns/plugin"
"github.com/coredns/coredns/plugin/file"
"github.com/coredns/coredns/plugin/metrics"
"github.com/coredns/coredns/plugin/pkg/upstream"
"github.com/coredns/coredns/plugin/transfer"
"github.com/coredns/coredns/request"
"coredns/plugin"
"coredns/plugin/file"
"coredns/plugin/metrics"
"coredns/plugin/pkg/upstream"
"coredns/plugin/transfer"
"coredns/request"
"github.com/miekg/dns"
)

2
plugin/auto/log_test.go
View File

@ -1,5 +1,5 @@
package auto
import clog "github.com/coredns/coredns/plugin/pkg/log"
import clog "coredns/plugin/pkg/log"
func init() { clog.Discard() }

14
plugin/auto/setup.go
View File

@ -6,13 +6,13 @@ import (
"regexp"
"time"
"github.com/coredns/caddy"
"github.com/coredns/coredns/core/dnsserver"
"github.com/coredns/coredns/plugin"
"github.com/coredns/coredns/plugin/metrics"
clog "github.com/coredns/coredns/plugin/pkg/log"
"github.com/coredns/coredns/plugin/pkg/upstream"
"github.com/coredns/coredns/plugin/transfer"
"coredns/caddy"
"coredns/core/dnsserver"
"coredns/plugin"
"coredns/plugin/metrics"
clog "coredns/plugin/pkg/log"
"coredns/plugin/pkg/upstream"
"coredns/plugin/transfer"
)
var log = clog.NewWithPlugin("auto")

2
plugin/auto/setup_test.go
View File

@ -4,7 +4,7 @@ import (
"testing"
"time"
"github.com/coredns/caddy"
"coredns/caddy"
)
func TestAutoParse(t *testing.T) {

2
plugin/auto/walk.go
View File

@ -5,7 +5,7 @@ import (
"path/filepath"
"regexp"
"github.com/coredns/coredns/plugin/file"
"coredns/plugin/file"
"github.com/miekg/dns"
)

2
plugin/auto/xfr.go
View File

@ -1,7 +1,7 @@
package auto
import (
"github.com/coredns/coredns/plugin/transfer"
"coredns/plugin/transfer"
"github.com/miekg/dns"
)

4
plugin/auto/zone.go
View File

@ -4,8 +4,8 @@ package auto
import (
"sync"
"github.com/coredns/coredns/plugin/file"
"github.com/coredns/coredns/plugin/transfer"
"coredns/plugin/file"
"coredns/plugin/transfer"
)
// Zones maps zone names to a *Zone. This keeps track of what zones we have loaded at

10
plugin/autopath/autopath.go
View File

@ -34,11 +34,11 @@ package autopath
import (
"context"
"github.com/coredns/coredns/plugin"
"github.com/coredns/coredns/plugin/metrics"
"github.com/coredns/coredns/plugin/pkg/dnsutil"
"github.com/coredns/coredns/plugin/pkg/nonwriter"
"github.com/coredns/coredns/request"
"coredns/plugin"
"coredns/plugin/metrics"
"coredns/plugin/pkg/dnsutil"
"coredns/plugin/pkg/nonwriter"
"coredns/request"
"github.com/miekg/dns"
)

6
plugin/autopath/autopath_test.go
View File

@ -4,9 +4,9 @@ import (
"context"
"testing"
"github.com/coredns/coredns/plugin"
"github.com/coredns/coredns/plugin/pkg/dnstest"
"github.com/coredns/coredns/plugin/test"
"coredns/plugin"
"coredns/plugin/pkg/dnstest"
"coredns/plugin/test"
"github.com/miekg/dns"
)

2
plugin/autopath/metrics.go
View File

@ -1,7 +1,7 @@
package autopath
import (
"github.com/coredns/coredns/plugin"
"coredns/plugin"
"github.com/prometheus/client_golang/prometheus"
"github.com/prometheus/client_golang/prometheus/promauto"

6
plugin/autopath/setup.go
View File

@ -3,9 +3,9 @@ package autopath
import (
"fmt"
"github.com/coredns/caddy"
"github.com/coredns/coredns/core/dnsserver"
"github.com/coredns/coredns/plugin"
"coredns/caddy"
"coredns/core/dnsserver"
"coredns/plugin"
"github.com/miekg/dns"
)

4
plugin/autopath/setup_test.go
View File

@ -6,8 +6,8 @@ import (
"strings"
"testing"
"github.com/coredns/caddy"
"github.com/coredns/coredns/plugin/test"
"coredns/caddy"
"coredns/plugin/test"
)
func TestSetupAutoPath(t *testing.T) {

60
plugin/azure/README.md
View File

@ -1,60 +0,0 @@
# azure
## Name
*azure* - enables serving zone data from Microsoft Azure DNS service.
## Description
The azure plugin is useful for serving zones from Microsoft Azure DNS. The *azure* plugin supports
all the DNS records supported by Azure, viz. A, AAAA, CNAME, MX, NS, PTR, SOA, SRV, and TXT
record types. NS record type is not supported by azure private DNS.
## Syntax
~~~ txt
azure RESOURCE_GROUP:ZONE... {
tenant TENANT_ID
client CLIENT_ID
secret CLIENT_SECRET
subscription SUBSCRIPTION_ID
environment ENVIRONMENT
fallthrough [ZONES...]
access private
}
~~~
* **RESOURCE_GROUP:ZONE** is the resource group to which the hosted zones belongs on Azure,
and **ZONE** the zone that contains data.
* **CLIENT_ID** and **CLIENT_SECRET** are the credentials for Azure, and `tenant` specifies the
**TENANT_ID** to be used. **SUBSCRIPTION_ID** is the subscription ID. All of these are needed
to access the data in Azure.
* `environment` specifies the Azure **ENVIRONMENT**.
* `fallthrough` If zone matches and no record can be generated, pass request to the next plugin.
If **ZONES** is omitted, then fallthrough happens for all zones for which the plugin is
authoritative.
* `access` specifies if the zone is `public` or `private`. Default is `public`.
## Examples
Enable the *azure* plugin with Azure credentials for private zones `example.org`, `example.private`:
~~~ txt
example.org {
azure resource_group_foo:example.org resource_group_foo:example.private {
tenant 123abc-123abc-123abc-123abc
client 123abc-123abc-123abc-234xyz
subscription 123abc-123abc-123abc-563abc
secret mysecret
access private
}
}
~~~
## See Also
The [Azure DNS Overview](https://docs.microsoft.com/en-us/azure/dns/dns-overview).

Some files were not shown because too many files have changed in this diff Show More