plugin/kubernetes: correctly set NODATA for ns (#1229)

* plugin/kubernetes: Add GetNamespaceByName A bare or wildcard query for just the namespace should return NODATA, not NXDOMAIN, otherwise we deny the entirety of the names under the namespace. Add test to check for this in pod verified mode. * Review More comments and move namespace code to namespace.go
author: Miek Gieben <miek@miek.nl> 2017-11-13 21:51:51 +0000
committer: GitHub <noreply@github.com> 2017-11-13 21:51:51 +0000
commit: c37bf56b1e30ebc9bc94efca0ea12158d5648463 (patch)
tree: a245ff90b070b8d4b8da9f492c701e6f367b3e1d /plugin/kubernetes/kubernetes.go
parent: 9018451dd30caf40f4c7e5e6e5d614c31b2f42e6 (diff)
download: coredns-c37bf56b1e30ebc9bc94efca0ea12158d5648463.tar.gz
coredns-c37bf56b1e30ebc9bc94efca0ea12158d5648463.tar.zst
coredns-c37bf56b1e30ebc9bc94efca0ea12158d5648463.zip
1 files changed, 15 insertions, 10 deletions
diff --git a/plugin/kubernetes/kubernetes.go b/plugin/kubernetes/kubernetes.go
index 625422935..0168ab52a 100644
--- a/plugin/kubernetes/kubernetes.go
+++ b/plugin/kubernetes/kubernetes.go
@@ -304,7 +304,14 @@ func (k *Kubernetes) findPods(r recordRequest, zone string) (pods []msg.Service,
 	podname := r.service
 	zonePath := msg.Path(zone, "coredns")
 	ip := ""
+
 	err = errNoItems
+	if wildcard(podname) && !wildcard(namespace) {
+		// If namespace exist, err should be nil, so that we return nodata instead of NXDOMAIN
+		if k.namespace(namespace) {
+			err = nil
+		}
+	}
 
 	if strings.Count(podname, "-") == 3 && !strings.Contains(podname, "--") {
 		ip = strings.Replace(podname, "-", ".", -1)
@@ -336,7 +343,14 @@ func (k *Kubernetes) findPods(r recordRequest, zone string) (pods []msg.Service,
 // findServices returns the services matching r from the cache.
 func (k *Kubernetes) findServices(r recordRequest, zone string) (services []msg.Service, err error) {
 	zonePath := msg.Path(zone, "coredns")
-	err = errNoItems // Set to errNoItems to signal really nothing found, gets reset when name is matched.
+
+	err = errNoItems
+	if wildcard(r.service) && !wildcard(r.namespace) {
+		// If namespace exist, err should be nil, so that we return nodata instead of NXDOMAIN
+		if k.namespace(namespace) {
+			err = nil
+		}
+	}
 
 	var (
 		endpointsListFunc func() []*api.Endpoints
@@ -449,15 +463,6 @@ func wildcard(s string) bool {
 	return s == "*" || s == "any"
 }
 
-// namespaceExposed returns true when the namespace is exposed.
-func (k *Kubernetes) namespaceExposed(namespace string) bool {
-	_, ok := k.Namespaces[namespace]
-	if len(k.Namespaces) > 0 && !ok {
-		return false
-	}
-	return true
-}
-
 const (
 	// Svc is the DNS schema for kubernetes services
 	Svc = "svc"
author	Miek Gieben <miek@miek.nl>	2017-11-13 21:51:51 +0000
committer	GitHub <noreply@github.com>	2017-11-13 21:51:51 +0000
commit	c37bf56b1e30ebc9bc94efca0ea12158d5648463 (patch)
tree	a245ff90b070b8d4b8da9f492c701e6f367b3e1d /plugin/kubernetes/kubernetes.go
parent	9018451dd30caf40f4c7e5e6e5d614c31b2f42e6 (diff)
download	coredns-c37bf56b1e30ebc9bc94efca0ea12158d5648463.tar.gz coredns-c37bf56b1e30ebc9bc94efca0ea12158d5648463.tar.zst coredns-c37bf56b1e30ebc9bc94efca0ea12158d5648463.zip