[THREESCALE-9301] Fix dns cache miss #1500

tkan145 · 2024-10-14T06:05:59Z

What

Fix https://issues.redhat.com/browse/THREESCALE-9301

Notes

Before

Description	qname	queries	answer	cached key
shortname	backend-listener	backend-listener. backend-listener.default.svc.cluster.loca backend-listener.svc.cluster.local backend-listener.cluster.local	name: backend-listener.default.svc.cluster.local address: 10.7.0.1 type: A	backend-listener.default.svc.cluster.local
FQDN	backend-listener.default.svc.cluster.local	backend-listener.default.svc.cluster.local. backend-listener.default.svc.cluster.local.default.svc.cluster.local backend-listener.default.svc.cluster.local.svc.cluster.local backend-listener.default.svc.cluster.local.cluster.local	name: backend-listener.default.svc.cluster.local. address:10.7.0.1 type: A	backend-listener.default.svc.cluster.local.
FQDN	foo.example.com	foo.example.com. foo.example.com.default.svc.cluster.local foo.example.svc.cluster.local foo.example.cluster.local	name: foo.example.com. address: 10.7.0.1	foo.example.com.
Absolute FQDN	foo.example.com.	foo.example.com.	name: foo.example.com. address: 10.7.0.1	foo.example.com.

Now

Description	qname	queries	answer	cached key
shortname	backend-listener	backend-listener. backend-listener.default.svc.cluster.loca backend-listener.svc.cluster.local backend-listener.cluster.local	name: backend-listener.default.svc.cluster.local address: 10.7.0.1 type: A	backend-listener:1
FQDN	backend-listener.default.svc.cluster.local	backend-listener.default.svc.cluster.local. backend-listener.default.svc.cluster.local.default.svc.cluster.local backend-listener.default.svc.cluster.local.svc.cluster.local backend-listener.default.svc.cluster.local.cluster.local	name: backend-listener.default.svc.cluster.local. address:10.7.0.1 type: A	backend-listener.default.svc.cluster.local:1
FQDN	foo.example.com	foo.example.com. foo.example.com.default.svc.cluster.local foo.example.svc.cluster.local foo.example.cluster.local	name: foo.example.com. address: 10.7.0.1	foo.example.com:1
Absolute FQDN	foo.example.com.	foo.example.com.	name: foo.example.com. address: 10.7.0.1	foo.example.com.:1

Verification steps

Checkout master branch
Start development environment

make development

Create a apicast-config.json file with the following content

cat <<EOF >apicast-config.json
{
    "services": [
        {
            "id": "1",
            "backend_version": "1",
            "proxy": {
                "hosts": [
                    "one"
                ],
                "api_backend": "https://echo-api.3scale.net:443",
                "backend": {
                    "endpoint": "http://127.0.0.1:8081",
                    "host": "backend"
                },
                "policy_chain": [
                    {
                        "name": "apicast.policy.apicast"
                    }
                ],
                "proxy_rules": [
                    {
                        "http_method": "GET",
                        "pattern": "/",
                        "metric_system_name": "hits",
                        "delta": 1,
                        "parameters": [],
                        "querystring_parameters": {}
                    }
                ]
            }
        }
    ]
} 
EOF

Start APIcast

THREESCALE_DEPLOYMENT_ENV=staging APICAST_LOG_LEVEL=debug APICAST_WORKER=1 APICAST_CONFIGURATION_LOADER=lazy APICAST_CONFIGURATION_CACHE=0 THREESCALE_CONFIG_FILE=apicast-config.json ./bin/apicast

Capture APIcast IP

APICAST_IP=$(docker inspect apicast_build_0-development-1 | yq e -P '.[0].NetworkSettings.Networks.apicast_build_0_default.IPAddress' -)

Send request

curl -i -k -H "Host: one" -H "Accept: application/json" "http://${APICAST_IP}:8080/?user_key="

Send another request

curl -i -k -H "Host: one" -H "Accept: application/json" "http://${APICAST_IP}:8080/?user_key="

Check the log, you should see something like the follow

22 resolver.lua:350: lookup(): resolver query: echo-api.3scale.net, requestID=41877adab1e263e2d68f62c699a4aea2                                          
22 cache.lua:115: fetch_answers(): resolver cache read echo-api.3scale.net 1 entries, requestID=41877adab1e263e2d68f62c699a4aea2                        
22 cache.lua:115: fetch_answers(): resolver cache read echo-api.pro-saas.3sca.net 3 entries, requestID=41877adab1e263e2d68f62c699a4aea2                 
22 cache.lua:190: get(): resolver cache hit: echo-api.3scale.net 3.213.166.152, 54.157.201.86, 52.72.133.221, requestID=41877adab1e263e2d68f62c699a4aea2
22 resolver.lua:370: lookup(): resolver query: echo-api.3scale.net finished with 4 answers, requestID=41877adab1e263e2d68f62c699a4aea2

Stop APIcast

CTRL-C

Checkout this branch
Start APIcast again

THREESCALE_DEPLOYMENT_ENV=staging APICAST_LOG_LEVEL=debug APICAST_WORKER=1 APICAST_CONFIGURATION_LOADER=lazy APICAST_CONFIGURATION_CACHE=0 THREESCALE_CONFIG_FILE=apicast-config.json ./bin/apicast

Send 2 requests
Check the log, it should use key with <qname:qtype> format

cache.lua:130: fetch_answers(): resolver cache read echo-api.3scale.net:1 3 entries, requestID=a48f515c452e71c0fafb79c1f75d0205                        
cache.lua:205: get(): resolver cache hit: echo-api.3scale.net:1 3.213.166.152, 54.157.201.86, 52.72.133.221, requestID=a48f515c452e71c0fafb79c1f75d0205
resolver.lua:405: get_servers(): resolver query: echo-api.3scale.net finished with 3 answers, requestID=a48f515c452e71c0fafb79c1f75d0205

Previously, we iterated through the answer and used the name contained in the answer as the cache key. The problem with this is that if search domain is added to the search query, the next query lookup will not hit the cache until the same search domain is appened to the query. With this PR, we use a combination of original qname and qtype as cache key instead

eguzki

LGTM

verfification steps working

There was some gdoc explaining the DNS resolution process in APIcast. Not for this PR, but we want some content of it in README of this repo. Whenever you have some time.

tkan145 force-pushed the THREESCALE-9301-dns-cache-miss branch from cfffe58 to ac0fd3c Compare October 17, 2024 06:25

tkan145 added 2 commits October 21, 2024 14:17

Rename semaphore variable name for better readability

b247e0a

[script] Update outdated path in resolver script

809f033

tkan145 force-pushed the THREESCALE-9301-dns-cache-miss branch from 7903bf5 to 0b7b013 Compare October 21, 2024 06:18

tkan145 added 2 commits October 22, 2024 22:29

[resolver] Always lookup in the cache first

f1d4d00

[resolver] refactor search list

ce6d249

tkan145 force-pushed the THREESCALE-9301-dns-cache-miss branch from 0b7b013 to b532494 Compare October 24, 2024 01:21

tkan145 force-pushed the THREESCALE-9301-dns-cache-miss branch from b532494 to 8d92b0d Compare October 24, 2024 05:10

[resolver] Correct the key used for logging

30711af

tkan145 marked this pull request as ready for review October 24, 2024 10:24

tkan145 requested a review from a team as a code owner October 24, 2024 10:24

tkan145 changed the title ~~[WIP] [THREESCALE-9301] Fix dns cache miss~~ [THREESCALE-9301] Fix dns cache miss Oct 24, 2024

eguzki approved these changes Oct 31, 2024

View reviewed changes

tkan145 merged commit 938929b into 3scale:master Nov 4, 2024
14 checks passed

tkan145 deleted the THREESCALE-9301-dns-cache-miss branch November 4, 2024 00:10

tkan145 mentioned this pull request Nov 11, 2024

Trigger Alert CoreDNSErrorsHigh with OpenShift 4.11.9 #1388

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[THREESCALE-9301] Fix dns cache miss #1500

[THREESCALE-9301] Fix dns cache miss #1500

tkan145 commented Oct 14, 2024 •

edited

Loading

eguzki left a comment

[THREESCALE-9301] Fix dns cache miss #1500

[THREESCALE-9301] Fix dns cache miss #1500

Conversation

tkan145 commented Oct 14, 2024 • edited Loading

What

Notes

Verification steps

eguzki left a comment

Choose a reason for hiding this comment

tkan145 commented Oct 14, 2024 •

edited

Loading