diff options
| author |  Chris O'Haver <cohaver@infoblox.com>
| 2022-11-04 09:54:57 -0400 |
|---|---|---|
| committer |  GitHub <noreply@github.com>
| 2022-11-04 09:54:57 -0400 |
| commit | 47c99dc73b8b77fb2edda060f11780eb022e8bfa (patch) | |
| tree | b11ae400cfd2c036d2585ecce5a57de78a6f8b61 /plugin/kubernetes | |
| parent | ead84e1fa8c618e5eef07d6bc5e9d20fc01e4ca7 (diff) | |
| download | coredns-47c99dc73b8b77fb2edda060f11780eb022e8bfa.tar.gz coredns-47c99dc73b8b77fb2edda060f11780eb022e8bfa.tar.zst coredns-47c99dc73b8b77fb2edda060f11780eb022e8bfa.zip | |
dont match external services when endpoint is specified (#5734)
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
Diffstat (limited to 'plugin/kubernetes')
| -rw-r--r-- | plugin/kubernetes/handler_test.go | 24 | ||||
| -rw-r--r-- | plugin/kubernetes/kubernetes.go | 4 |
2 files changed, 20 insertions, 8 deletions
diff --git a/plugin/kubernetes/handler_test.go b/plugin/kubernetes/handler_test.go index ecf47887f..203c9d943 100644 --- a/plugin/kubernetes/handler_test.go +++ b/plugin/kubernetes/handler_test.go @@ -39,21 +39,21 @@ var dnsTestCases = []kubeTestCase{ }}, {Case: test.Case{ Qname: "svc1.testns.svc.cluster.local.", Qtype: dns.TypeSRV, - Rcode: dns.RcodeSuccess, + Rcode: dns.RcodeSuccess, Answer: []dns.RR{test.SRV("svc1.testns.svc.cluster.local. 5 IN SRV 0 100 80 svc1.testns.svc.cluster.local.")}, - Extra: []dns.RR{test.A("svc1.testns.svc.cluster.local. 5 IN A 10.0.0.1")}, + Extra: []dns.RR{test.A("svc1.testns.svc.cluster.local. 5 IN A 10.0.0.1")}, }}, {Case: test.Case{ Qname: "svcempty.testns.svc.cluster.local.", Qtype: dns.TypeSRV, - Rcode: dns.RcodeSuccess, + Rcode: dns.RcodeSuccess, Answer: []dns.RR{test.SRV("svcempty.testns.svc.cluster.local. 5 IN SRV 0 100 80 svcempty.testns.svc.cluster.local.")}, - Extra: []dns.RR{test.A("svcempty.testns.svc.cluster.local. 5 IN A 10.0.0.1")}, + Extra: []dns.RR{test.A("svcempty.testns.svc.cluster.local. 5 IN A 10.0.0.1")}, }}, {Case: test.Case{ Qname: "svc6.testns.svc.cluster.local.", Qtype: dns.TypeSRV, - Rcode: dns.RcodeSuccess, + Rcode: dns.RcodeSuccess, Answer: []dns.RR{test.SRV("svc6.testns.svc.cluster.local. 5 IN SRV 0 100 80 svc6.testns.svc.cluster.local.")}, - Extra: []dns.RR{test.AAAA("svc6.testns.svc.cluster.local. 5 IN AAAA 1234:abcd::1")}, + Extra: []dns.RR{test.AAAA("svc6.testns.svc.cluster.local. 5 IN AAAA 1234:abcd::1")}, }}, // SRV Service {Case: test.Case{ @@ -163,7 +163,7 @@ var dnsTestCases = []kubeTestCase{ // AAAA {Case: test.Case{ Qname: "5678-abcd--2.hdls1.testns.svc.cluster.local", Qtype: dns.TypeAAAA, - Rcode: dns.RcodeSuccess, + Rcode: dns.RcodeSuccess, Answer: []dns.RR{test.AAAA("5678-abcd--2.hdls1.testns.svc.cluster.local. 5 IN AAAA 5678:abcd::2")}, }}, // CNAME External @@ -370,7 +370,7 @@ var dnsTestCases = []kubeTestCase{ }}, {Case: test.Case{ Qname: "svc-dual-stack.testns.svc.cluster.local.", Qtype: dns.TypeSRV, - Rcode: dns.RcodeSuccess, + Rcode: dns.RcodeSuccess, Answer: []dns.RR{test.SRV("svc-dual-stack.testns.svc.cluster.local. 5 IN SRV 0 50 80 svc-dual-stack.testns.svc.cluster.local.")}, Extra: []dns.RR{ test.A("svc-dual-stack.testns.svc.cluster.local. 5 IN A 10.0.0.3"), @@ -384,6 +384,14 @@ var dnsTestCases = []kubeTestCase{ test.SOA("cluster.local. 5 IN SOA ns.dns.cluster.local. hostmaster.cluster.local. 1499347823 7200 1800 86400 5"), }, }}, + // A query for a subdomain of an external service should not resolve to the external service + {Case: test.Case{ + Qname: "endpoint.external.testns.svc.cluster.local.", Qtype: dns.TypeCNAME, + Rcode: dns.RcodeNameError, + Ns: []dns.RR{ + test.SOA("cluster.local. 5 IN SOA ns.dns.cluster.local. hostmaster.cluster.local. 1499347823 7200 1800 86400 5"), + }, + }}, } func TestServeDNS(t *testing.T) { diff --git a/plugin/kubernetes/kubernetes.go b/plugin/kubernetes/kubernetes.go index 10d8b7e90..ec0d5a4b1 100644 --- a/plugin/kubernetes/kubernetes.go +++ b/plugin/kubernetes/kubernetes.go @@ -517,6 +517,10 @@ func (k *Kubernetes) findServices(r recordRequest, zone string) (services []msg. // External service if svc.Type == api.ServiceTypeExternalName { + //External services cannot have endpoints, so skip this service if an endpoint is present in the request + if r.endpoint != "" { + continue + } s := msg.Service{Key: strings.Join([]string{zonePath, Svc, svc.Namespace, svc.Name}, "/"), Host: svc.ExternalName, TTL: k.ttl} if t, _ := s.HostType(); t == dns.TypeCNAME { s.Key = strings.Join([]string{zonePath, Svc, svc.Namespace, svc.Name}, "/") |