From 4ffe138dfaf400637acaf334d9e88528971fa372 Mon Sep 17 00:00:00 2001
From: Maxime Leroy <19607336+maxime1907@users.noreply.github.com>
Date: Fri, 12 May 2023 23:32:46 +0200
Subject: [PATCH] feat(coredns): coredns_rewrite_block to perform internal
 message rewriting (#10045)

Signed-off-by: Maxime Leroy <19607336+maxime1907@users.noreply.github.com>
---
 docs/dns-stack.md                                          | 4 ++++
 roles/kubernetes-apps/ansible/defaults/main.yml            | 7 +++++++
 .../ansible/templates/coredns-config.yml.j2                | 3 +++
 3 files changed, 14 insertions(+)

diff --git a/docs/dns-stack.md b/docs/dns-stack.md
index f1675127a..09d608227 100644
--- a/docs/dns-stack.md
+++ b/docs/dns-stack.md
@@ -64,6 +64,10 @@ Custom options to be added to the kubernetes coredns plugin.
 
 Extra domains to be forwarded to the kubernetes coredns plugin.
 
+### coredns_rewrite_block
+
+[Rewrite](https://coredns.io/plugins/rewrite/) plugin block to perform internal message rewriting.
+
 ### coredns_external_zones
 
 Array of optional external zones to coredns forward queries to. It's  injected into
diff --git a/roles/kubernetes-apps/ansible/defaults/main.yml b/roles/kubernetes-apps/ansible/defaults/main.yml
index 68f3c7856..8aa767f99 100644
--- a/roles/kubernetes-apps/ansible/defaults/main.yml
+++ b/roles/kubernetes-apps/ansible/defaults/main.yml
@@ -18,6 +18,13 @@ coredns_default_zone_cache_block: |
 #   whoami
 #   local
 
+# coredns_rewrite_block: |
+#   rewrite stop {
+#     name regex (.*)\.my\.domain {1}.svc.cluster.local
+#     answer name (.*)\.svc\.cluster\.local {1}.my.domain
+#   }
+
+
 # dns_upstream_forward_extra_opts apply to coredns forward section as well as nodelocaldns upstream target forward section
 # dns_upstream_forward_extra_opts:
 #   policy: sequential
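Review bot: The two regexes in the commented `coredns_rewrite_block` example are unanchored, and as far as I know CoreDNS applies them as plain Go regexp searches against the fully qualified query name. A name that merely contains `.my.domain` somewhere in the middle would then also be rewritten to a cluster-internal name, which is broader than the example suggests. Since operators tend to copy defaults verbatim, I would anchor both patterns on the trailing root dot, as the upstream rewrite plugin documentation does: `name regex (.*)\.my\.domain\.$ {1}.svc.cluster.local` and `answer name (.*)\.svc\.cluster\.local\.$ {1}.my.domain`. The hunk also adds two consecutive blank lines after the example where the rest of the file uses one.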
diff --git a/roles/kubernetes-apps/ansible/templates/coredns-config.yml.j2 b/roles/kubernetes-apps/ansible/templates/coredns-config.yml.j2
index 2fb409177..037378042 100644
--- a/roles/kubernetes-apps/ansible/templates/coredns-config.yml.j2
+++ b/roles/kubernetes-apps/ansible/templates/coredns-config.yml.j2
@@ -38,6 +38,9 @@ data:
         health {
             lameduck 5s
         }
+{% if coredns_rewrite_block is defined %}
+        {{ coredns_rewrite_block | indent(width=8, first=False) }}
+{% endif %}
         ready
         kubernetes {{ dns_domain }} {% if coredns_kubernetes_extra_domains is defined %}{{ coredns_kubernetes_extra_domains }} {% endif %}{% if enable_coredns_reverse_dns_lookups %}in-addr.arpa ip6.arpa {% endif %}{
           pods insecure
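Review bot: The `is defined` guard on the new block also passes when `coredns_rewrite_block` is set but empty or null, and the value is then rendered verbatim into the Corefile with no trimming. A `|` block scalar carries a trailing newline, so the rendered config gains a blank line, and a null value will probably either fail in `indent` or print a literal `None` (not verified here). I would tighten the guard to `{% if coredns_rewrite_block is defined and coredns_rewrite_block %}` and render with `{{ coredns_rewrite_block | trim | indent(width=8, first=False) }}`. A short template comment that this text is inserted unvalidated into the server block answering all cluster DNS queries would also help, because a malformed or overly broad rule here affects every pod's name resolution. The enclosing server block starts and ends outside the hunk.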
-- 
GitLab