Automation for DNS and Connection Check by using APIs at k8s layer

jayeshmahajan · September 21, 2024, 12:45am

In my experience here and while working in different organization due to compliance, trust, team structure the permissions to network layer devices as well as for k8s admin the permissions are restricted. Developer do not get access.

Any developer who wants to open a network port at firewall layer at VPC/VPN/AWS (security group) or routing layer from one vpc to other or on prem connection they are heavily dependent on k8s admins or network team to check the connection.
The only reason they do not have access to k8s to do curl, tcp port check or nslookup.

To empower developer to be not dependent on network or k8s admin, I built APIs that will automate this.
Here is my code and few examples.

Features

TCP Connection Check: Verifies the ability to establish a TCP connection to a specified domain and port.
HTTP/HTTPS Connection Check: Verifies the ability to establish an HTTP/HTTPS connection to a specified domain.
DNS Resolution: Provides detailed DNS information including CNAME and all resolved IP addresses.
Pretty-Printed JSON Responses: Returns responses in a readable JSON format.
SSL Error Handling: Captures and returns detailed SSL errors.
Rate Limiting: Prevents attack on app server by adding rate limiting for accidental overload of app

docker run -d -p 8080:8080 --name cloud-devops-api --dns 8.8.8.8 cloud-devops-api

curl 'http://127.0.0.1:8080/check_connection?port=80&domain=example.com'

{
    "message": "TCP connection successful",
    "dns_result": {
        "cname": null,
        "ips": [
            "93.184.215.14"
        ]
    }
}

curl 'http://127.0.0.1:8080/check_http_connection?domain=www.google.com'

{
    "message": "HTTP connection successful",
    "dns_result": {
        "cname": null,
        "ips": [
            "142.250.81.238"
        ]
    }
}

if it cant resolve

{
    "error": "DNS resolution failed: A DNS label is empty."
}

Cluster information:

Kubernetes version:
Cloud being used: (put bare-metal if not on a public cloud)
Installation method:
Host OS:
CNI and version:
CRI and version:

You can format your yaml by highlighting it and pressing Ctrl-Shift-C, it will make your output easier to read.

Akn · September 22, 2024, 7:33pm

This is fantastic! Thank you for sharing

Topic		Replies	Views
【HELP】about k8s networkpolicy please give me a hand General Discussions network	1	521	May 28, 2021
How to check pod VPC and subnet General Discussions development , podcast	4	4365	September 21, 2024
External-dns test DNS server rechability General Discussions	0	836	April 19, 2021
Blog: Kubernetes Networking Internals General Discussions k8s-blog	3	4075	January 13, 2021
CoreDNS service pingable, but DNS resolution is not querying the service General Discussions	1	4124	December 11, 2019

Automation for DNS and Connection Check by using APIs at k8s layer

Features

Cluster information:

Related topics