Add global setting for dns lookup family (#10755)

Author: lgadban

internal/kgateway/extensions2/settings/settings.go

@@ -5,6 +5,14 @@ import (
 )
 
 type Settings struct {
+	// Controls the DnsLookupFamily for all static clusters created via Backend resources.
+	// If not set, kgateway will default to "V4_PREFERRED". Note that this is different
+	// from the Envoy default of "AUTO", which is effectively "V6_PREFERRED".
+	// Supported values are: "ALL", "AUTO", "V4_PREFERRED", "V4_ONLY", "V6_ONLY"
+	// Details on the behavior of these options are available on the Envoy documentation:
+	// https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/cluster/v3/cluster.proto#enum-config-cluster-v3-cluster-dnslookupfamily
+	DnsLookupFamily string `split_words:"true" default:"V4_PREFERRED"`
+
 	EnableIstioIntegration bool   `split_words:"true"`
 	EnableAutoMtls         bool   `split_words:"true"`
 	StsClusterName         string `split_words:"true"`

internal/kgateway/extensions2/settings/settings_test.go

@@ -5,7 +5,6 @@ import (
 	"testing"
 
 	"github.com/onsi/gomega"
-	. "github.com/onsi/gomega"
 
 	"github.com/kgateway-dev/kgateway/v2/internal/kgateway/extensions2/settings"
 	"github.com/kgateway-dev/kgateway/v2/internal/kgateway/wellknown"
@@ -26,9 +25,12 @@ func TestSettings(t *testing.T) {
 		expectedErrorStr string
 	}{
 		{
+			// TODO: this test case does not fail when a new field is added to Settings
+			// but not updated here. should it?
 			name:    "defaults to empty or default values",
 			envVars: map[string]string{},
 			expectedSettings: &settings.Settings{
+				DnsLookupFamily:        "V4_PREFERRED",
 				EnableIstioIntegration: false,
 				EnableAutoMtls:         false,
 				StsClusterName:         "",
@@ -40,6 +42,7 @@ func TestSettings(t *testing.T) {
 		{
 			name: "all values set",
 			envVars: map[string]string{
+				"KGW_DNS_LOOKUP_FAMILY":        "V4_ONLY",
 				"KGW_ENABLE_ISTIO_INTEGRATION": "true",
 				"KGW_ENABLE_AUTO_MTLS":         "true",
 				"KGW_STS_CLUSTER_NAME":         "my-cluster",
@@ -48,6 +51,7 @@ func TestSettings(t *testing.T) {
 				"KGW_XDS_SERVICE_PORT":         "1234",
 			},
 			expectedSettings: &settings.Settings{
+				DnsLookupFamily:        "V4_ONLY",
 				EnableIstioIntegration: true,
 				EnableAutoMtls:         true,
 				StsClusterName:         "my-cluster",
@@ -78,9 +82,10 @@ func TestSettings(t *testing.T) {
 				"KGW_ENABLE_AUTO_MTLS": "true",
 			},
 			expectedSettings: &settings.Settings{
-				EnableAutoMtls: true,
-				XdsServiceName: wellknown.DefaultXdsService,
-				XdsServicePort: wellknown.DefaultXdsPort,
+				DnsLookupFamily: "V4_PREFERRED",
+				EnableAutoMtls:  true,
+				XdsServiceName:  wellknown.DefaultXdsService,
+				XdsServicePort:  wellknown.DefaultXdsPort,
 			},
 		},
 	}
@@ -92,21 +97,21 @@ func TestSettings(t *testing.T) {
 			t.Cleanup(func() {
 				for k := range tc.envVars {
 					err := os.Unsetenv(k)
-					g.Expect(err).NotTo(HaveOccurred())
+					g.Expect(err).NotTo(gomega.HaveOccurred())
 				}
 			})
 
 			for k, v := range tc.envVars {
 				err := os.Setenv(k, v)
-				g.Expect(err).NotTo(HaveOccurred())
+				g.Expect(err).NotTo(gomega.HaveOccurred())
 			}
 			s, err := settings.BuildSettings()
 			if tc.expectedErrorStr != "" {
-				g.Expect(err).To(HaveOccurred())
+				g.Expect(err).To(gomega.HaveOccurred())
 				g.Expect(err.Error()).To(gomega.ContainSubstring(tc.expectedErrorStr))
 			} else {
-				g.Expect(err).NotTo(HaveOccurred())
-				g.Expect(s).To(Equal(tc.expectedSettings))
+				g.Expect(err).NotTo(gomega.HaveOccurred())
+				g.Expect(s).To(gomega.Equal(tc.expectedSettings))
 			}
 		})
 	}

internal/kgateway/setup/ggv2setup_test.go

@@ -107,18 +107,32 @@ func init() {
 	grpclog.SetLoggerV2(grpclog.NewLoggerV2WithVerbosity(writer, writer, writer, 100))
 }
 
+func TestWithAutoDns(t *testing.T) {
+	os.Setenv("KGW_DNS_LOOKUP_FAMILY", "AUTO")
+	t.Cleanup(func() {
+		os.Unsetenv("KGW_DNS_LOOKUP_FAMILY")
+	})
+	runScenario(t, "testdata/autodns")
+}
+
 func TestScenarios(t *testing.T) {
+	// set global settings env vars; "default" ggv2setup_tests assume these are set to true
+	os.Setenv("KGW_ENABLE_ISTIO_INTEGRATION", "true")
+	os.Setenv("KGW_ENABLE_AUTO_MTLS", "true")
+	t.Cleanup(func() {
+		os.Unsetenv("KGW_ENABLE_ISTIO_INTEGRATION")
+		os.Unsetenv("KGW_ENABLE_AUTO_MTLS")
+	})
+	runScenario(t, "testdata")
+}
+
+func runScenario(t *testing.T, scenarioDir string) {
 	proxy_syncer.UseDetailedUnmarshalling = true
 	writer.set(t)
 
 	os.Setenv("POD_NAMESPACE", "gwtest") // TODO: is this still needed?
-	// set global settings env vars; current ggv2setup_tests all assume these are set to true
-	os.Setenv("KGW_ENABLE_ISTIO_INTEGRATION", "true")
-	os.Setenv("KGW_ENABLE_AUTO_MTLS", "true")
 	t.Cleanup(func() {
 		os.Unsetenv("POD_NAMESPACE")
-		os.Unsetenv("KGW_ENABLE_ISTIO_INTEGRATION")
-		os.Unsetenv("KGW_ENABLE_AUTO_MTLS")
 	})
 
 	testEnv := &envtest.Environment{
@@ -203,15 +217,15 @@ func TestScenarios(t *testing.T) {
 	time.Sleep(time.Second)
 
 	// list all yamls in test data
-	files, err := os.ReadDir("testdata")
+	files, err := os.ReadDir(scenarioDir)
 	if err != nil {
 		t.Fatalf("failed to read dir: %v", err)
 	}
 	for _, f := range files {
 		// run tests with the yaml files (but not -out.yaml files)/s
 		parentT := t
 		if strings.HasSuffix(f.Name(), ".yaml") && !strings.HasSuffix(f.Name(), "-out.yaml") {
-			fullpath := filepath.Join("testdata", f.Name())
+			fullpath := filepath.Join(scenarioDir, f.Name())
 			t.Run(strings.TrimSuffix(f.Name(), ".yaml"), func(t *testing.T) {
 				writer.set(t)
 				t.Cleanup(func() {

internal/kgateway/setup/testdata/accesslog-filtercel-httplisteneropt-out.yaml

@@ -98,6 +98,7 @@ clusters:
         '@type': type.googleapis.com/envoy.extensions.transport_sockets.raw_buffer.v3.RawBuffer
   type: EDS
 - connectTimeout: 5s
+  dnsLookupFamily: V4_PREFERRED
   loadAssignment:
     clusterName: backend_gwtest_log_0
     endpoints:

internal/kgateway/setup/testdata/ai-anthropic-passthrough-out.yaml

@@ -64,6 +64,7 @@ clusters:
         '@type': type.googleapis.com/envoy.extensions.transport_sockets.raw_buffer.v3.RawBuffer
   type: EDS
 - connectTimeout: 5s
+  dnsLookupFamily: V4_PREFERRED
   loadAssignment:
     clusterName: backend_gwtest_anthropic_0
     endpoints:

internal/kgateway/setup/testdata/ai-deepseek-prompt-guard-out.yaml

@@ -64,6 +64,7 @@ clusters:
         '@type': type.googleapis.com/envoy.extensions.transport_sockets.raw_buffer.v3.RawBuffer
   type: EDS
 - connectTimeout: 5s
+  dnsLookupFamily: V4_PREFERRED
   loadAssignment:
     clusterName: backend_gwtest_deepseek_0
     endpoints:

internal/kgateway/setup/testdata/ai-openai-moderation-promptguard-out.yaml

@@ -64,6 +64,7 @@ clusters:
         '@type': type.googleapis.com/envoy.extensions.transport_sockets.raw_buffer.v3.RawBuffer
   type: EDS
 - connectTimeout: 5s
+  dnsLookupFamily: V4_PREFERRED
   loadAssignment:
     clusterName: backend_gwtest_openai_0
     endpoints:

internal/kgateway/setup/testdata/ai-vertex-ai-streaming-out.yaml

@@ -64,6 +64,7 @@ clusters:
         '@type': type.googleapis.com/envoy.extensions.transport_sockets.raw_buffer.v3.RawBuffer
   type: EDS
 - connectTimeout: 5s
+  dnsLookupFamily: V4_PREFERRED
   loadAssignment:
     clusterName: backend_gwtest_vertexai_0
     endpoints:

internal/kgateway/setup/testdata/autodns/backend-out.yaml

@@ -0,0 +1,77 @@
+clusters:
+- connectTimeout: 5s
+  loadAssignment:
+    clusterName: backend_gwtest_static_0
+    endpoints:
+    - lbEndpoints:
+      - endpoint:
+          address:
+            socketAddress:
+              address: 1.2.3.4
+              portValue: 8080
+          healthCheckConfig:
+            hostname: 1.2.3.4
+          hostname: 1.2.3.4
+  metadata: {}
+  name: backend_gwtest_static_0
+  type: STATIC
+- connectTimeout: 5s
+  edsClusterConfig:
+    edsConfig:
+      ads: {}
+      resourceApiVersion: V3
+  metadata: {}
+  name: kube_default_kubernetes_443
+  type: EDS
+- connectTimeout: 5s
+  edsClusterConfig:
+    edsConfig:
+      ads: {}
+      resourceApiVersion: V3
+  metadata: {}
+  name: kube_gwtest_http-backend_8080
+  type: EDS
+listeners:
+- address:
+    socketAddress:
+      address: '::'
+      ipv4Compat: true
+      portValue: 8080
+  filterChains:
+  - filters:
+    - name: envoy.filters.network.http_connection_manager
+      typedConfig:
+        '@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
+        httpFilters:
+        - name: envoy.filters.http.router
+          typedConfig:
+            '@type': type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
+        mergeSlashes: true
+        normalizePath: true
+        rds:
+          configSource:
+            ads: {}
+            resourceApiVersion: V3
+          routeConfigName: http
+        statPrefix: http
+        useRemoteAddress: true
+    name: http
+  name: http
+routes:
+- ignorePortInHostMatching: true
+  name: http
+  virtualHosts:
+  - domains:
+    - www.example.com
+    name: http~www_example_com
+    routes:
+    - match:
+        prefix: /
+      name: http~www_example_com-route-0-httproute-route-to-upstream-gwtest-0-0-matcher-0
+      route:
+        cluster: backend_gwtest_static_0
+        clusterNotFoundResponseCode: INTERNAL_SERVER_ERROR
+      typedPerFilterConfig:
+        ai.extproc.kgateway.io:
+          '@type': type.googleapis.com/envoy.extensions.filters.http.ext_proc.v3.ExtProcPerRoute
+          disabled: true

internal/kgateway/setup/testdata/autodns/backend.yaml

@@ -0,0 +1,42 @@
+kind: Gateway
+apiVersion: gateway.networking.k8s.io/v1
+metadata:
+  name: http-gw-for-test
+  namespace: gwtest
+spec:
+  gatewayClassName: kgateway
+  listeners:
+  - protocol: HTTP
+    port: 8080
+    name: http
+    allowedRoutes:
+      namespaces:
+        from: All
+---
+apiVersion: gateway.networking.k8s.io/v1beta1
+kind: HTTPRoute
+metadata:
+  name: route-to-upstream
+  namespace: gwtest
+spec:
+  parentRefs:
+    - name: http-gw-for-test
+  hostnames:
+    - "www.example.com"
+  rules:
+    - backendRefs:
+        - name: static
+          kind: Backend
+          group: gateway.kgateway.dev
+---
+apiVersion: gateway.kgateway.dev/v1alpha1
+kind: Backend
+metadata:
+  name: static
+  namespace: gwtest
+spec:
+  type: Static
+  static:
+    hosts:
+      - host: 1.2.3.4
+        port: 8080

internal/kgateway/setup/testdata/backend-out.yaml

@@ -49,6 +49,7 @@ clusters:
         '@type': type.googleapis.com/envoy.extensions.transport_sockets.raw_buffer.v3.RawBuffer
   type: EDS
 - connectTimeout: 5s
+  dnsLookupFamily: V4_PREFERRED
   loadAssignment:
     clusterName: backend_gwtest_static_0
     endpoints: