plugin/kubernetes: document tranfer (#1745)

Fixes #1720

1 files changed, 6 insertions, 1 deletions

diff --git a/plugin/kubernetes/README.md b/plugin/kubernetes/README.md
index bc5d978b0..ad71c8336 100644
--- a/plugin/kubernetes/README.md
+++ b/plugin/kubernetes/README.md
@@ -40,6 +40,7 @@ kubernetes [ZONES...] {
     endpoint_pod_names
     upstream [ADDRESS...]
     ttl TTL
+    transfer to ADDRESS...
     fallthrough [ZONES...]
 }
 ```
@@ -90,6 +91,10 @@ kubernetes [ZONES...] {
   5 seconds, the maximum is capped at 3600 seconds.
 * `noendpoints` will turn off the serving of endpoint records by disabling the watch on endpoints.
   All endpoint queries and headless service queries will result in an NXDOMAIN.
+* `transfer` enables zone transfers. It may be specified multiples times. `To` signals the direction
+  (only `to` is alllow). **ADDRESS** must be denoted in CIDR notation (127.0.0.1/32 etc.) or just as
+  plain addresses. The special wildcard `*` means: the entire internet.
+  Sending DNS notifies is not supported.
 * `fallthrough` **[ZONES...]** If a query for a record in the zones for which the plugin is authoritative
   results in NXDOMAIN, normally that is what the response will be. However, if you specify this option,
   the query will instead be passed on down the plugin chain, which can include another plugin to handle
@@ -199,7 +204,7 @@ or the word "any"), then that label will match all values.  The labels that acce
  * _port and/or protocol_ in an `SRV` request: __port_.__protocol_.service.namespace.svc.zone.,
    e.g. `_http.*.service.ns.svc.cluster.local`
  * multiple wild cards are allowed in a single query, e.g. `A` Request `*.*.svc.zone.` or `SRV` request `*.*.*.*.svc.zone.`
- 
+
  For example, Wildcards can be used to resolve all Endpoints for a Service as `A` records. e.g.: `*.service.ns.svc.myzone.local` will return the Endpoint IPs in the Service `service` in namespace `default`:
  ```
 *.service.default.svc.cluster.local. 5	IN A	192.168.10.10