-rw-r--r-- | plugin/kubernetes/README.md | 6 | ||||
-rw-r--r-- | plugin/kubernetes/handler_test.go | 8 | ||||
-rw-r--r-- | plugin/kubernetes/metadata.go | 7 | ||||
-rw-r--r-- | plugin/kubernetes/metadata_test.go | 6 | ||||
-rw-r--r-- | plugin/kubernetes/object/pod.go | 2 |
5 files changed, 24 insertions, 5 deletions
diff --git a/plugin/kubernetes/README.md b/plugin/kubernetes/README.md
index 0c50333e9..d600b66ac 100644
--- a/plugin/kubernetes/README.md
+++ b/plugin/kubernetes/README.md
@@ -207,9 +207,11 @@ plugin is also enabled:
 * `kubernetes/service`: the service name in the query
 * `kubernetes/client-namespace`: the client pod's namespace (see requirements below)
 * `kubernetes/client-pod-name`: the client pod's name (see requirements below)
+ * `kubernetes/client-label/<label key>`: a label on the client pod (see requirements below)
-The `kubernetes/client-namespace` and `kubernetes/client-pod-name` metadata work by reconciling the
-client IP address in the DNS request packet to a known pod IP address. Therefore the following is required:
+The `kubernetes/client-namespace`, `kubernetes/client-pod-name`, and `kubernetes/client-label/<label key>`
+metadata work by reconciling the client IP address in the DNS request packet to a known pod IP address.
+Therefore the following is required:
 * `pods verified` mode must be enabled
 * the remote IP address in the DNS packet received by CoreDNS must be the IP address of the Pod that sent the request.
diff --git a/plugin/kubernetes/handler_test.go b/plugin/kubernetes/handler_test.go
index 405dc73d9..683e0de7a 100644
--- a/plugin/kubernetes/handler_test.go
+++ b/plugin/kubernetes/handler_test.go
@@ -580,7 +580,13 @@ func (APIConnServeTest) PodIndex(ip string) []*object.Pod {
 return []*object.Pod{}
 }
 a := []*object.Pod{
- {Namespace: "podns", Name: "foo", PodIP: "10.240.0.1"}, // Remote IP set in test.ResponseWriter
+ {
+ Namespace: "podns", Name: "foo", PodIP: "10.240.0.1",
+ Labels: map[string]string{
+ "app.kubernetes.io/name": "foo",
+ "bar": "baz",
+ },
+ }, // Remote IP set in test.ResponseWriter
 }
 return a
 }
diff --git a/plugin/kubernetes/metadata.go b/plugin/kubernetes/metadata.go
index 36e2f9a0f..ed651e4ed 100644
--- a/plugin/kubernetes/metadata.go
+++ b/plugin/kubernetes/metadata.go
@@ -19,6 +19,13 @@ func (k *Kubernetes) Metadata(ctx context.Context, state request.Request) contex
 metadata.SetValueFunc(ctx, "kubernetes/client-pod-name", func() string {
 return pod.Name
 })
+
+ for k, v := range pod.Labels {
+ v := v
+ metadata.SetValueFunc(ctx, "kubernetes/client-label/"+k, func() string {
+ return v
+ })
+ }
 }
 zone := plugin.Zones(k.Zones).Matches(state.Name())
diff --git a/plugin/kubernetes/metadata_test.go b/plugin/kubernetes/metadata_test.go
index 009c53375..1f47bd542 100644
--- a/plugin/kubernetes/metadata_test.go
+++ b/plugin/kubernetes/metadata_test.go
@@ -141,8 +141,10 @@ func TestMetadataPodsVerified(t *testing.T) {
 k.Metadata(ctx, state)
 expect := map[string]string{
- "kubernetes/client-namespace": "podns",
- "kubernetes/client-pod-name": "foo",
+ "kubernetes/client-namespace": "podns",
+ "kubernetes/client-pod-name": "foo",
+ "kubernetes/client-label/app.kubernetes.io/name": "foo",
+ "kubernetes/client-label/bar": "baz",
 }
 md := make(map[string]string)
diff --git a/plugin/kubernetes/object/pod.go b/plugin/kubernetes/object/pod.go
index 9b9d5641c..aa69150aa 100644
--- a/plugin/kubernetes/object/pod.go
+++ b/plugin/kubernetes/object/pod.go
@@ -16,6 +16,7 @@ type Pod struct {
 PodIP string
 Name string
 Namespace string
+ Labels map[string]string
 *Empty
 }
@@ -33,6 +34,7 @@ func ToPod(obj meta.Object) (meta.Object, error) {
 PodIP: apiPod.Status.PodIP,
 Namespace: apiPod.GetNamespace(),
 Name: apiPod.GetName(),
+ Labels: apiPod.GetLabels(),
 }
 t := apiPod.ObjectMeta.DeletionTimestamp
 if t != nil && !(*t).Time.IsZero() { |
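Review bot: The new `kubernetes/client-label/<key>` values in the metadata.go loop are copied verbatim from pod labels, which anyone allowed to create or patch pods in a namespace can set, and they are tied to a request only through the source-IP-to-pod match the README describes; neither the loop nor the README change says how much trust a consumer may place in them. I would add a comment above the loop such as `// Label values are tenant-controlled and bound to the request only by source IP; do not treat them as authenticated identity.` and repeat that caveat in the README requirements. Separately, the loop variable `k` shadows the receiver `k` that the context line `plugin.Zones(k.Zones)` uses just below, so `for key, val := range pod.Labels {` would read more safely. Metadata's body begins and ends outside this hunk, so how `pod` is chosen when several pods share an IP is not visible here.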
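Review bot: `Labels: apiPod.GetLabels()` in ToPod stores the API object's map by reference and keeps every label of every pod in the cached object, and neither pod.go hunk documents the new field. If Pod has a copy method elsewhere in this file (not visible in the diff), it needs to carry `Labels` as well, preferably into a fresh map, otherwise copies would lose the labels or alias the same map. A field comment such as `// Labels are the pod's labels, exposed as kubernetes/client-label/<key> metadata.` would also make the purpose and the exposure explicit. ToPod continues past the end of the hunk.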