dns-cache: Use dnsdist as Do53 frontend

Author: hanazuki

gen/k8s/dns-cache/configmap.yml

@@ -3,7 +3,14 @@ key_path = '/secrets/tls-cert/tls.key'
 
 newServer(
    {
-      address = '127.0.0.1:10053',
+      address = '127.0.0.1:9053',
+      maxInFlight = 1000,
+   }
+)
+
+addLocal(
+   '0.0.0.0:10053',
+   {
       maxInFlight = 1000,
    }
 )

gen/k8s/dns-cache/deployment.yml

@@ -8,11 +8,9 @@ server:
   log-servfail: yes
   val-log-level: 2
 
-  interface: 0.0.0.0@10053
-#  interface: 0.0.0.0@10853
+  interface: 0.0.0.0@9053
   interface: 0.0.0.0@10443
-  port: 10053
-#  tls-port: 10853
+  port: 9053
   https-port: 10443
   access-control: 10.33.0.0/16 allow
 

k8s/dns-cache/config/dnsdist.lua

@@ -51,8 +51,6 @@ local tls_cert_secret = 'cert-resolver-rubykaigi-net';
               image: '005216166247.dkr.ecr.ap-northeast-1.amazonaws.com/unbound:e1f9c57c4144a320e30e948642ddecf2f3500b99',
               args: ['-c', '/etc/unbound/unbound.conf', '-dd'],
               ports: [
-                { name: 'dns', containerPort: 10053, protocol: 'UDP' },
-                { name: 'dns-tcp', containerPort: 10053, protocol: 'TCP' },
                 { name: 'dns-h2', containerPort: 10443, protocol: 'TCP' },
                 { name: 'prom', containerPort: 9167 },
               ],
@@ -85,6 +83,8 @@ local tls_cert_secret = 'cert-resolver-rubykaigi-net';
               image: '005216166247.dkr.ecr.ap-northeast-1.amazonaws.com/dnsdist:be372f5f14d6211a6aa46643c4a389fb64455246',
               args: ['-C', '/etc/dnsdist/dnsdist.lua', '--supervised', '--disable-syslog', '--verbose'],
               ports: [
+                { name: 'dns', containerPort: 10053, protocol: 'UDP' },
+                { name: 'dns-tcp', containerPort: 10053, protocol: 'TCP' },
                 { name: 'dns-tls', containerPort: 10853, protocol: 'TCP' },
                 { name: 'dns-quic', containerPort: 10853, protocol: 'UDP' },
                 { name: 'prom-dnsdist', containerPort: 9823 },