Page MenuHomePhabricator
Create Task
Maniphest T344171

Reverse DNS for k8s pods IPs
Open, LowPublic
Actions

Description

Today while debugging tegola / thanos-swift interactions I noticed that k8s pod IP ranges have no PTR records in DNS, making debugging a little harder IMHO.

This task is thus to propose having PTRs synthesized for k8s pods IP ranges (i.e. even pointing to the same name I think would be helpful). cc T270071: SVC DNS zonefiles and source of truth as a related/adjacent task

Related Objects

Event Timeline

fgiunchedi created this task.Aug 14 2023, 3:41 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptAug 14 2023, 3:41 PM
JMeybohm added a project: Prod-Kubernetes.Sep 20 2023, 4:54 PM
JMeybohm added a project: SRE.Sep 26 2023, 11:55 AM
JMeybohm added subscribers: Volans, BBlack, JMeybohm.

From IRC discussion today:

  • we do have already some for loops in the dns that generate kubernetes-pod-10-64-x-y.eqiad.wmnet records (grep for 'range' in dns repo)
  • the ranges are probably no longer correct
  • the ranges are missing aux, dse and ml clusters
  • the name is not ideal as it does not refer to a specific cluster, suggestion is to use 10-16-1-234.pods.<CLUSTER-GROUP>.<DC>.wmnet
CDanis triaged this task as Low priority.Sep 26 2023, 6:39 PM
CDanis subscribed.
CDanis edited projects, added serviceops; removed SRE.Sep 27 2023, 3:46 PM
JMeybohm moved this task from Incoming 🐫 to ⎈Kubernetes on the serviceops board.Sep 28 2023, 7:20 AM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL