Docker on Miek Gieben

Running CoreDNS as a Forwarder in Kubernetes

Sat, 13 Jan 2018 10:38:37 +0000

This post details how I got CoreDNS running as a forwarder in a Kubernetes cluster. There were several problems that stood in the way of this goal:

Having (and building) a cluster out of Raspberry PIs.
Making load balancing possible in a non-cloud environment.
- See https://github.com/google/metallb.
Extending CoreDNS with a plugin that could communicate with 9.9.9.9 using DNS-over-TLS.
- See https://github.com/coredns/forward.
Building arm docker containers on amd64.
- See https://github.com/miekg/dxbuild.
Having a (simple) CI system to build (Docker) images and version the k8s manifests.
- No published repository, see various gists referenced in this document.

Cluster

I bought 4 PIs, some nice Corkea cases, an Anker USB power supply and power- and network cables. Then it is just a matter if putting everything together and building the cluster.

Go and Alpine Linux

Sat, 06 Jun 2015 11:13:00 +0000

Alpine Linux is the small Linux OS everybody is using for Docker images. It is super small and has a sh*tload of packages. It’s libc is musl libc, which is different than glibc most other Linux distros are using. When deploying Go on such a image you want a truly static binary.

Building a static binary can be done with the following command (this is for SkyDNS):

% go build -ldflags "-linkmode external -extldflags -static"
# github.com/miekg/skydns
/var/tmp/go-link-FI6Ox0/000000.o: In function `_cgo_632c88804cec_C2func_getaddrinfo':
/home/miek/upstream/go/src/net/cgo_unix.go:55: warning: Using 'getaddrinfo' in
statically linked applications requires at runtime the shared libraries from the
glibc version used for linking

That ugly warning is because glibc uses nss(5) “Nameserver Service Switch” which uses dlopen(3) to dynamically load the correct resolver library. The end result is that the Go binary can’t resolve any DNS records!

Docker Alpine Linux Image for ARM

Mon, 25 May 2015 15:25:00 +0000

Alpine Linux is a super small Linux distribution which targets Docker. The only downside is that they use musl libc instead of glibc, which causes some issues for Golang programs. But I want this as a base image for SkyDNS on my Raspberry Pi, running HypriotOS.

After reading a modest amount of documentation I found the mkimage-alpine.sh script which build a docker image ala alpine, but makes it possible to select different archs. I had to tweak this script a little to make it do what I want, but after that it worked.

DNS Router

Sat, 17 May 2014 10:35:00 +0000

Say you have a zone that does not fit in the memory of one machine. Who hasn’t these zones nowadays? How would you solve such a problem? With a DNS router of course!

Dns router is a small Go program I whipped together that acts as a DNS router. Clients register an <ip:port, regexp> combination and will then only receive queries that match that regular expression. The registration happens in Etcd. Of course “Dns router” (I need a better name), has some features, it will: