CoreDNS enterprise plugin for DoPaaS
A CoreDNS plugin that obtains zone resolution records from redis-cluster. It integrates with DoPaaS (https://github.com/wl4g/dopaas), which provides a unified management web GUI for these records.
Developer Guide
Configuration example
For further configuration items, please refer to the official CoreDNS website. A general example of a Corefile that uses this plugin:
.:53 {
    loadbalance round_robin
    # Load zones records from local /etc/hosts.
    hosts {
        fallthrough
    }
    # Load zones records from redis-cluster(default settings).
    coredns_gdns {
        address localhost:6379,localhost:6380,localhost:6381,localhost:7379,localhost:7380,localhost:7381
        password "123456"
        connect_timeout 5000
        read_timeout 10000
        write_timeout 5000
        max_retries 10
        pool_size 10
        ttl 360
        prefix _coredns:
        local_cache_expire_ms 5000
    }
    # Up recursive DNS query server list.
    # e.g. Google dns servers: 8.8.8.8, china telecom dns servers: 114.114.114.114,202.96.134.133,202.96.212.68
    #forward . 8.8.8.8 114.114.114.114 {
    #    tls_servername dns.google
    #    force_tcp
    #    max_fails 3
    #    expire 10s
    #    health_check 5s
    #    policy sequential
    #    except www.baidu.com
    #}
    forward . 202.96.134.133 202.96.212.68 # In china
    reload 6s
    log . "{local}:{port} - {>id} '{type} {class} {name} {proto} {size} {>do} {>bufsize}' {rcode} {>rflags} {rsize} {duration}"
    errors
}
address
    redis cluster node addresses, comma separated, as host:port or ip:port, default: localhost:6379,localhost:6380,localhost:6381,localhost:7379,localhost:7380,localhost:7381
password
    redis cluster password, default: empty
connect_timeout
    connection timeout, default: 5000ms
read_timeout
    data read timeout, default: 10000ms
write_timeout
    data write timeout, default: 5000ms
max_retries
    maximum number of retries, default: 10
pool_size
    redis connection pool size, default: 10
ttl
    zone resolution cache ttl, default: 360sec
prefix
    key prefix under which zone resolution records are stored in redis-cluster, default: _coredns:
local_cache_expire_ms
    validity period of the local cache of zone resolution records, default: 5000ms (Note: to improve performance, zone map data is loaded in the order localCache -> redisCache -> db)
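The loading order localCache -> redisCache -> db means that a record changed in the db (or in redis) keeps being answered from the local cache until local_cache_expire_ms has elapsed. The following Go program is an added example that models that behaviour; it is not the plugin's own code, and the redis and db tiers are stand-in lookup functions (assumed interfaces), with an injectable clock so the expiry can be observed without waiting.

```go
package main

import (
	"errors"
	"fmt"
	"time"
)

// ErrNotFound is returned when no tier holds the zone.
var ErrNotFound = errors.New("zone record not found")

// Tier is a lookup function for one storage layer (redis-cluster or the db).
// Both are stand-ins in this example; the plugin's real clients are not shown.
type Tier func(zone string) (string, error)

type entry struct {
	value   string
	expires time.Time
}

type namedTier struct {
	name string
	tier Tier
}

// Resolver reads zone data in the order localCache -> redisCache -> db and
// keeps whatever it finds in the local cache for localCacheExpire.
type Resolver struct {
	localCacheExpire time.Duration
	tiers            []namedTier
	now              func() time.Time // injectable clock
	cache            map[string]entry
}

// NewResolver takes the expiry in milliseconds, as local_cache_expire_ms does.
func NewResolver(expireMs int, redis, db Tier, now func() time.Time) *Resolver {
	return &Resolver{
		localCacheExpire: time.Duration(expireMs) * time.Millisecond,
		tiers:            []namedTier{{"redisCache", redis}, {"db", db}},
		now:              now,
		cache:            map[string]entry{},
	}
}

// Lookup returns the zone's stored document and the name of the tier it came from.
func (r *Resolver) Lookup(zone string) (string, string, error) {
	if e, ok := r.cache[zone]; ok && r.now().Before(e.expires) {
		return e.value, "localCache", nil
	}
	for _, t := range r.tiers {
		v, err := t.tier(zone)
		if errors.Is(err, ErrNotFound) {
			continue // fall through to the next tier
		}
		if err != nil {
			return "", "", err
		}
		r.cache[zone] = entry{value: v, expires: r.now().Add(r.localCacheExpire)}
		return v, t.name, nil
	}
	return "", "", ErrNotFound
}

func main() {
	// Constructed sample data: redis is empty, the db holds one zone.
	db := map[string]string{"example.net.": `{"a":[{"ip":"1.2.3.4","ttl":360}]}`}
	clock := time.Unix(0, 0)
	r := NewResolver(5000,
		func(string) (string, error) { return "", ErrNotFound },
		func(z string) (string, error) {
			if v, ok := db[z]; ok {
				return v, nil
			}
			return "", ErrNotFound
		},
		func() time.Time { return clock })
	for _, step := range []time.Duration{0, 4 * time.Second, 2 * time.Second} {
		clock = clock.Add(step)
		db["example.net."] = `{"a":[{"ip":"9.9.9.9","ttl":360}]}` // change in the db
		v, src, err := r.Lookup("example.net.")
		fmt.Printf("t=%v source=%s value=%s err=%v\n", clock.Sub(time.Unix(0, 0)), src, v, err)
	}
}
```

The second lookup, 4 seconds after the first, still returns the old document from localCache even though the db already changed; the third, past the 5000 ms expiry, goes back to the db and picks up the new value.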
Reverse resolution
Reverse resolution is currently not supported.
Proxy resolution
Proxy resolution is currently not supported.
Storage format of zone resolution records in redis-cluster
Each zone is stored as a hash map in redis-cluster, with the zone name as the key. Note: as in https://tools.ietf.org/html/rfc6763, the zone name is fully qualified and ends with a "." suffix. For example:
redis-cli>KEYS *
1) "example.com."
2) "example.net."
redis-cli>
DNS RRs
RRs are stored in redis-cluster as JSON strings; the hash field "@" holds the RRs of the zone apex itself. For example:
A
{
    "a": {
        "ip": "1.2.3.4",
        "ttl": 360
    }
}
AAAA
{
    "aaaa": {
        "ip": "::1",
        "ttl": 360
    }
}
CNAME
{
    "cname": {
        "host": "x.example.com.",
        "ttl": 360
    }
}
TXT
{
    "txt": {
        "text": "this is a text",
        "ttl": 360
    }
}
NS
{
    "ns": {
        "host": "ns1.example.com.",
        "ttl": 360
    }
}
MX
{
    "mx": {
        "host": "mx1.example.com.",
        "priority": 10,
        "ttl": 360
    }
}
SRV
{
    "srv": {
        "host": "sip.example.com.",
        "port": 555,
        "priority": 10,
        "weight": 100,
        "ttl": 360
    }
}
SOA
{
    "soa": {
        "ttl": 100,
        "mbox": "hostmaster.example.com.",
        "ns": "ns1.example.com.",
        "refresh": 44,
        "retry": 55,
        "expire": 66
    }
}
CAA
{
    "caa": {
        "flag": 0,
        "tag": "issue",
        "value": "letsencrypt.org"
    }
}
Parsing example
$ORIGIN example.net.
example.net. 300 IN SOA <SOA RDATA>
example.net. 300 NS ns1.example.net.
example.net. 300 NS ns2.example.net.
*.example.net. 300 TXT "this is a wildcard"
*.example.net. 300 MX 10 host1.example.net.
sub.*.example.net. 300 TXT "this is not a wildcard"
host1.example.net. 300 A 5.5.5.5
_ssh.tcp.host1.example.net. 300 SRV <SRV RDATA>
_ssh.tcp.host2.example.net. 300 SRV <SRV RDATA>
subdel.example.net. 300 NS ns1.subdel.example.net.
subdel.example.net. 300 NS ns2.subdel.example.net.
host2.example.net. 300 CAA 0 issue "letsencrypt.org"
The above zone data should be stored in redis-cluster as follows:
redis-cli> hgetall example.net.
1) "_ssh._tcp.host1"
2) "{\"srv\":[{\"ttl\":300,\"target\":\"tcp.example.com.\",\"port\":123,\"priority\":10,\"weight\":100}]}"
3) "*"
4) "{\"txt\":[{\"ttl\":300,\"text\":\"this is a wildcard\"}],\"mx\":[{\"ttl\":300,\"host\":\"host1.example.net.\",\"preference\":10}]}"
5) "host1"
6) "{\"a\":[{\"ttl\":300,\"ip\":\"5.5.5.5\"}]}"
7) "sub.*"
8) "{\"txt\":[{\"ttl\":300,\"text\":\"this is not a wildcard\"}]}"
9) "_ssh._tcp.host2"
10) "{\"srv\":[{\"ttl\":300,\"target\":\"tcp.example.com.\",\"port\":123,\"priority\":10,\"weight\":100}]}"
11) "subdel"
12) "{\"ns\":[{\"ttl\":300,\"host\":\"ns1.subdel.example.net.\"},{\"ttl\":300,\"host\":\"ns2.subdel.example.net.\"}]}"
13) "@"
14) "{\"soa\":{\"ttl\":300,\"minttl\":100,\"mbox\":\"hostmaster.example.net.\",\"ns\":\"ns1.example.net.\",\"refresh\":44,\"retry\":55,\"expire\":66},\"ns\":[{\"ttl\":300,\"host\":\"ns1.example.net.\"},{\"ttl\":300,\"host\":\"ns2.example.net.\"}]}"
15) "host2"
16) "{\"caa\":[{\"flag\":0,\"tag\":\"issue\",\"value\":\"letsencrypt.org\"}]}"
redis-cli>
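The storage format described in the two sections above (one hash per zone keyed by the fully qualified zone name, "@" for the apex, relative owner names as hash fields, and one JSON document per field with an array per RR type) is easy to get wrong by hand, and whatever sits in those hash values is answered to clients. The following Go program is an added example, not part of this plugin, that encodes zone records into exactly that field/value layout and validates a stored value before it is trusted; the Record type, EncodeZone and ValidateValue are this example's own names, and the redis write itself (HSET) is left to the caller.

```go
package main

import (
	"encoding/json"
	"fmt"
	"sort"
	"strings"
)

// Record is one RR from a zone file. Type is the lower-case RR type used as
// the JSON key ("a", "ns", "srv", ...); Data holds that RR's JSON fields.
type Record struct {
	Name string // absolute owner name, ending with "."
	Type string
	Data map[string]interface{}
}

// hashField maps an absolute owner name to the field inside the zone's redis
// hash: "@" for the apex, otherwise the name relative to the zone, so
// "*.example.net." becomes "*" and "_ssh._tcp.host1.example.net." becomes
// "_ssh._tcp.host1".
func hashField(zone, name string) (string, error) {
	if !strings.HasSuffix(zone, ".") {
		return "", fmt.Errorf("zone %q must end with \".\"", zone)
	}
	if name == zone {
		return "@", nil
	}
	if !strings.HasSuffix(name, "."+zone) {
		return "", fmt.Errorf("%q is not inside zone %q", name, zone)
	}
	return strings.TrimSuffix(name, "."+zone), nil
}

// EncodeZone groups records by hash field and serialises each group to the
// JSON document stored as that field's value: one array per RR type, except
// SOA, which is a single object. The result is what HSET <zone> <field> <json>
// would write.
func EncodeZone(zone string, records []Record) (map[string]string, error) {
	grouped := map[string]map[string]interface{}{}
	for _, r := range records {
		field, err := hashField(zone, r.Name)
		if err != nil {
			return nil, err
		}
		doc, ok := grouped[field]
		if !ok {
			doc = map[string]interface{}{}
			grouped[field] = doc
		}
		if r.Type == "soa" {
			doc["soa"] = r.Data
			continue
		}
		list, _ := doc[r.Type].([]map[string]interface{})
		doc[r.Type] = append(list, r.Data)
	}
	out := make(map[string]string, len(grouped))
	for field, doc := range grouped {
		b, err := json.Marshal(doc) // map keys are emitted sorted, so output is stable
		if err != nil {
			return nil, err
		}
		out[field] = string(b)
	}
	return out, nil
}

// ValidateValue checks one stored hash value before it is trusted to answer
// queries: it must be a JSON object of arrays (an object for soa), and every
// name-valued field must be absolute, because a relative name would be served as-is.
func ValidateValue(field, value string) []string {
	var problems []string
	var doc map[string]json.RawMessage
	if err := json.Unmarshal([]byte(value), &doc); err != nil {
		return []string{fmt.Sprintf("%s: not a JSON object: %v", field, err)}
	}
	for rtype, raw := range doc {
		var rrs []map[string]interface{}
		if rtype == "soa" {
			var soa map[string]interface{}
			if err := json.Unmarshal(raw, &soa); err != nil {
				problems = append(problems, field+"/soa: expected a JSON object")
				continue
			}
			rrs = append(rrs, soa)
		} else if err := json.Unmarshal(raw, &rrs); err != nil {
			problems = append(problems, field+"/"+rtype+": expected a JSON array")
			continue
		}
		for _, rr := range rrs {
			for _, k := range []string{"host", "target", "ns", "mbox"} {
				if s, ok := rr[k].(string); ok && !strings.HasSuffix(s, ".") {
					problems = append(problems, fmt.Sprintf("%s/%s: %s %q is not absolute", field, rtype, k, s))
				}
			}
		}
	}
	sort.Strings(problems)
	return problems
}

func main() {
	// Constructed sample: a subset of the parsing example above.
	recs := []Record{
		{Name: "example.net.", Type: "ns", Data: map[string]interface{}{"ttl": 300, "host": "ns1.example.net."}},
		{Name: "host1.example.net.", Type: "a", Data: map[string]interface{}{"ttl": 300, "ip": "5.5.5.5"}},
		{Name: "*.example.net.", Type: "txt", Data: map[string]interface{}{"ttl": 300, "text": "this is a wildcard"}},
	}
	encoded, err := EncodeZone("example.net.", recs)
	if err != nil {
		panic(err)
	}
	for field, value := range encoded {
		fmt.Printf("HSET example.net. %q %s problems=%v\n", field, value, ValidateValue(field, value))
	}
}
```

EncodeZone refuses names outside the zone and zones without the trailing "." rather than silently producing a misplaced hash field; ValidateValue flags values whose shape the plugin would not expect, and names such as "mx1.example.com" without the trailing dot.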