fi-ts · Gerrit91 · Sep 25, 2023 · Sep 21, 2023 · Sep 25, 2023
diff --git a/cmd/cluster.go b/cmd/cluster.go
@@ -312,6 +312,8 @@ func newClusterCmd(c *config) *cobra.Command {
 	clusterCreateCmd.Flags().String("default-storage-class", "", "set default storage class to given name, must be one of the managed storage classes")
 	clusterCreateCmd.Flags().String("max-pods-per-node", "", "set number of maximum pods per node (default: 510). Lower numbers allow for more node per cluster. [optional]")
 	clusterCreateCmd.Flags().String("cni", "", "the network plugin used in this cluster, defaults to calico. please note that cilium support is still Alpha and we are happy to receive feedback. [optional]")
+	clusterCreateCmd.Flags().BoolP("enable-node-local-dns", "", false, "enables node local dns cache on the cluster nodes. [optional].")
+	clusterCreateCmd.Flags().BoolP("disable-forwarding-to-upstream-dns", "", false, "disables direct forwarding of queries to external dns servers when node-local-dns is enabled. All dns queries will go through coredns. [optional].")
 
 	must(clusterCreateCmd.MarkFlagRequired("name"))
 	must(clusterCreateCmd.MarkFlagRequired("project"))
@@ -397,6 +399,8 @@ func newClusterCmd(c *config) *cobra.Command {
 	clusterUpdateCmd.Flags().Bool("encrypted-storage-classes", false, "enables the deployment of encrypted duros storage classes into the cluster. please refer to the user manual to properly use volume encryption.")
 	clusterUpdateCmd.Flags().String("default-storage-class", "", "set default storage class to given name, must be one of the managed storage classes")
 	clusterUpdateCmd.Flags().BoolP("disable-custom-default-storage-class", "", false, "if set to true, no default class is deployed, you have to set one of your storageclasses manually to default")
+	clusterUpdateCmd.Flags().BoolP("enable-node-local-dns", "", false, "enables node local dns cache on the cluster nodes. [optional]. WARNING: changing this value will lead to rolling of the worker nodes [optional]")
+	clusterUpdateCmd.Flags().BoolP("disable-forwarding-to-upstream-dns", "", false, "disables direct forwarding of queries to external dns servers when node-local-dns is enabled. All dns queries will go through coredns [optional].")
 
 	must(clusterUpdateCmd.RegisterFlagCompletionFunc("version", c.comp.VersionListCompletion))
 	must(clusterUpdateCmd.RegisterFlagCompletionFunc("workerversion", c.comp.VersionListCompletion))
@@ -519,6 +523,8 @@ func (c *config) clusterCreate() error {
 	firewallController := viper.GetString("firewallcontroller")
 	logAcceptedConnections := strconv.FormatBool(viper.GetBool("logacceptedconns"))
 	encryptedStorageClasses := strconv.FormatBool(viper.GetBool("encrypted-storage-classes"))
+	enableNodeLocalDNS := viper.GetBool("enable-node-local-dns")
+	disableForwardToUpstreamDNS := viper.GetBool("disable-forwarding-to-upstream-dns")
 
 	cri := viper.GetString("cri")
 	var cni string
@@ -693,6 +699,26 @@ func (c *config) clusterCreate() error {
 		scr.SeedName = seed
 	}
 
+	if viper.IsSet("enable-node-local-dns") {
+		if scr.SystemComponents == nil {
+			scr.SystemComponents = &models.V1SystemComponents{}
+		}
+		if scr.SystemComponents.NodeLocalDNS == nil {
+			scr.SystemComponents.NodeLocalDNS = &models.V1NodeLocalDNS{}
+		}
+
+		scr.SystemComponents.NodeLocalDNS.Enabled = &enableNodeLocalDNS
+	}
+	if viper.IsSet("disable-forwarding-to-upstream-dns") {
+		if scr.SystemComponents == nil {
+			scr.SystemComponents = &models.V1SystemComponents{}
+		}
+		if scr.SystemComponents.NodeLocalDNS == nil {
+			scr.SystemComponents.NodeLocalDNS = &models.V1NodeLocalDNS{}
+		}
+		scr.SystemComponents.NodeLocalDNS.DisableForwardToUpstreamDNS = &disableForwardToUpstreamDNS
+	}
+
 	egressRules := makeEgressRules(egress)
 	if len(egressRules) > 0 {
 		scr.EgressRules = egressRules
@@ -921,6 +947,9 @@ func (c *config) updateCluster(args []string) error {
 	maxsurge := viper.GetString("maxsurge")
 	maxunavailable := viper.GetString("maxunavailable")
 
+	enableNodeLocalDNS := viper.GetBool("enable-node-local-dns")
+	disableForwardToUpstreamDNS := viper.GetBool("disable-forwarding-to-upstream-dns")
+
 	defaultStorageClass := viper.GetString("default-storage-class")
 	disableDefaultStorageClass := viper.GetBool("disable-custom-default-storage-class")
 
@@ -1247,6 +1276,30 @@ func (c *config) updateCluster(args []string) error {
 
 	cur.EgressRules = makeEgressRules(egress)
 
+	if viper.IsSet("enable-node-local-dns") {
+		if !viper.GetBool("yes-i-really-mean-it") {
+			return fmt.Errorf("setting --enable-node-local-dns will lead to rolling of worker nodes. Please add --yes-i-really-mean-it")
+		}
+
+		if cur.SystemComponents == nil {
+			cur.SystemComponents = &models.V1SystemComponents{}
+		}
+		if cur.SystemComponents.NodeLocalDNS == nil {
+			cur.SystemComponents.NodeLocalDNS = &models.V1NodeLocalDNS{}
+		}
+		cur.SystemComponents.NodeLocalDNS.Enabled = &enableNodeLocalDNS
+
+	}
+	if viper.IsSet("disable-forwarding-to-upstream-dns") {
+		if cur.SystemComponents == nil {
+			cur.SystemComponents = &models.V1SystemComponents{}
+		}
+		if cur.SystemComponents.NodeLocalDNS == nil {
+			cur.SystemComponents.NodeLocalDNS = &models.V1NodeLocalDNS{}
+		}
+		cur.SystemComponents.NodeLocalDNS.DisableForwardToUpstreamDNS = &disableForwardToUpstreamDNS
+	}
+
 	if updateCausesDowntime && !viper.GetBool("yes-i-really-mean-it") {
 		fmt.Println("This cluster update will cause downtime.")
 		err = helper.Prompt("Are you sure? (y/n)", "y")

diff --git a/go.mod b/go.mod
@@ -8,7 +8,7 @@ require (
 	github.com/dcorbe/termui-dpc v0.0.0-20211125210512-9d2673a82dd6
 	github.com/dustin/go-humanize v1.0.1
 	github.com/fatih/color v1.15.0
-	github.com/fi-ts/cloud-go v0.22.0
+	github.com/fi-ts/cloud-go v0.22.1
 	github.com/gardener/gardener v1.59.0
 	github.com/gardener/machine-controller-manager v0.49.3
 	github.com/go-openapi/strfmt v0.21.7

diff --git a/go.sum b/go.sum
@@ -151,8 +151,8 @@ github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.m
 github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
 github.com/fatih/color v1.15.0 h1:kOqh6YHBtK8aywxGerMG2Eq3H6Qgoqeo13Bk2Mv/nBs=
 github.com/fatih/color v1.15.0/go.mod h1:0h5ZqXfHYED7Bhv2ZJamyIOUej9KtShiJESRwBDUSsw=
-github.com/fi-ts/cloud-go v0.22.0 h1:ld8EhZ97+coNaHgRlX7KisyhJY0GBjvXT7L0xzMvQpk=
-github.com/fi-ts/cloud-go v0.22.0/go.mod h1:BYrXp1jTvfxYRiL0B+LE+6ZDp3GF110y9Sr2tuRJo5c=
+github.com/fi-ts/cloud-go v0.22.1 h1:VKzwA5I8G+MNmBu4XTVjG1hahkk/7xcte6UvawXG0dk=
+github.com/fi-ts/cloud-go v0.22.1/go.mod h1:BYrXp1jTvfxYRiL0B+LE+6ZDp3GF110y9Sr2tuRJo5c=
 github.com/frankban/quicktest v1.14.5 h1:dfYrrRyLtiqT9GyKXgdh+k4inNeTvmGbuSgZ3lx3GhA=
 github.com/frankban/quicktest v1.14.5/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0=
 github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY=