diff options
| -rw-r--r-- | plugin/kubernetes/README.md | 5 | ||||
| -rw-r--r-- | plugin/kubernetes/setup.go | 9 | ||||
| -rw-r--r-- | plugin/kubernetes/setup_test.go | 14 |
3 files changed, 26 insertions, 2 deletions
diff --git a/plugin/kubernetes/README.md b/plugin/kubernetes/README.md index 9bee4c019..4873aae8b 100644 --- a/plugin/kubernetes/README.md +++ b/plugin/kubernetes/README.md @@ -52,8 +52,9 @@ kubernetes [ZONES...] { * `endpoint` specifies the **URL** for a remote k8s API endpoint. If omitted, it will connect to k8s in-cluster using the cluster service account. Multiple k8s API endpoints could be specified: - `endpoint http://k8s-endpoint1:8080 http://k8s-endpoint2:8080`. CoreDNS - will automatically perform a healthcheck and proxy to the healthy k8s API endpoint. + `endpoint http://k8s-endpoint1:8080 http://k8s-endpoint2:8080`. + CoreDNS will automatically perform a healthcheck and proxy to the healthy k8s API endpoint. + Note that only http is supported when more than one k8s API endpoints are specified at the moment. * `tls` **CERT** **KEY** **CACERT** are the TLS cert, key and the CA cert file names for remote k8s connection. This option is ignored if connecting in-cluster (i.e. endpoint is not specified). * `kubeconfig` **KUBECONFIG** **CONTEXT** authenticates the connection to a remote k8s cluster using a kubeconfig file. It supports TLS, username and password, or token-based authentication. This option is ignored if connecting in-cluster (i.e., the endpoint is not specified). diff --git a/plugin/kubernetes/setup.go b/plugin/kubernetes/setup.go index 6928580ba..06939f8f2 100644 --- a/plugin/kubernetes/setup.go +++ b/plugin/kubernetes/setup.go @@ -196,6 +196,15 @@ func ParseStanza(c *caddy.Controller) (*Kubernetes, error) { args := c.RemainingArgs() if len(args) > 0 { k8s.APIServerList = args + if len(args) > 1 { + // If multiple endoints specified, then only http allowed + for i := range args { + parts := strings.SplitN(args[i], "://", 2) + if len(parts) == 2 && parts[0] != "http" { + return nil, fmt.Errorf("multiple endpoints can only accept http, found: %v", args[i]) + } + } + } continue } return nil, c.ArgErr() diff --git a/plugin/kubernetes/setup_test.go b/plugin/kubernetes/setup_test.go index 97cb1ff64..2bde16437 100644 --- a/plugin/kubernetes/setup_test.go +++ b/plugin/kubernetes/setup_test.go @@ -439,6 +439,20 @@ kubernetes cluster.local`, fall.Zero, nil, }, + { + `kubernetes coredns.local { + endpoint http://localhost:9090 https://localhost:9091 +}`, + true, + "multiple endpoints can only accept http", + -1, + -1, + defaultResyncPeriod, + "", + podModeDisabled, + fall.Zero, + nil, + }, } for i, test := range tests { |