From 12678ac5e2ff86fa3e40939ee4941aff0b05c0b6 Mon Sep 17 00:00:00 2001 From: Miek Gieben Date: Mon, 6 Mar 2017 11:42:59 +0000 Subject: [PATCH] middleware/kubernetes: doc cleanup (#571) Set of small cleanups. --- middleware/kubernetes/README.md | 42 +++++++++++------------- middleware/kubernetes/handler.go | 2 +- middleware/kubernetes/kubernetes.go | 4 +-- middleware/kubernetes/kubernetes_test.go | 3 -- 4 files changed, 22 insertions(+), 29 deletions(-) diff --git a/middleware/kubernetes/README.md b/middleware/kubernetes/README.md index 34d625f5d..9232e4756 100644 --- a/middleware/kubernetes/README.md +++ b/middleware/kubernetes/README.md @@ -1,10 +1,8 @@ # kubernetes *kubernetes* enables reading zone data from a kubernetes cluster. -It implements the spec defined for kubernetes DNS-Based service discovery: - https://github.com/kubernetes/dns/blob/master/docs/specification.md - -Examples: +It implements the [spec](https://github.com/kubernetes/dns/blob/master/docs/specification.md) +defined for kubernetes DNS-Based service discovery: Service `A` records are constructed as "myservice.mynamespace.svc.coredns.local" where: @@ -30,29 +28,29 @@ Endpoint `A` records are constructed as "epname.myservice.mynamespace.svc.coredn Also supported are PTR and SRV records for services/endpoints. -## Configuration Syntax +## Syntax -This is an example kubernetes middle configuration block, with all options described: +This is an example kubernetes configuration block, with all options described: ``` # kubernetes [] ... # # Use kubernetes middleware for domain "coredns.local" -# Reverse domain zones can be defined here (e.g. 0.0.10.in-addr.arpa), +# Reverse domain zones can be defined here (e.g. 0.0.10.in-addr.arpa), # or instead with the "cidrs" option. # kubernetes coredns.local { - + # resyncperiod # # Kubernetes data API resync period. Default is 5m # Example values: 60s, 5m, 1h # resyncperiod 5m - + # endpoint # - # Use url for a remote k8s API endpoint. If omitted, it will connect to + # Use url for a remote k8s API endpoint. If omitted, it will connect to # k8s in-cluster using the cluster service account. # endpoint https://k8s-endpoint:8080 @@ -64,14 +62,14 @@ kubernetes coredns.local { # specified). # tls cert key cacert - + # namespaces [] ... # # Only expose the k8s namespaces listed. If this option is omitted # all namespaces are exposed # namespaces demo - + # lables [,] ... # # Only expose the records for kubernetes objects @@ -82,25 +80,25 @@ kubernetes coredns.local { # "application=nginx" in the staging or qa environments. # labels environment in (staging, qa),application=nginx - + # pods # - # Set the mode of responding to pod A record requests. + # Set the mode of responding to pod A record requests. # e.g 1-2-3-4.ns.pod.zone. This option is provided to allow use of # SSL certs when connecting directly to pods. # Valid values: disabled, verified, insecure # disabled: Do not process pod requests, always returning NXDOMAIN - # insecure: Always return an A record with IP from request (without + # insecure: Always return an A record with IP from request (without # checking k8s). This option is is vulnerable to abuse if # used maliciously in conjuction with wildcard SSL certs. - # verified: Return an A record if there exists a pod in same + # verified: Return an A record if there exists a pod in same # namespace with matching IP. This option requires - # substantially more memory than in insecure mode, since it - # will maintain a watch on all pods. + # substantially more memory than in insecure mode, since it + # will maintain a watch on all pods. # Default value is "disabled". # pods disabled - + # cidrs [] ... # # Expose cidr ranges to reverse lookups. Include any number of space @@ -109,15 +107,15 @@ kubernetes coredns.local { # that fall within these ranges. # cidrs 10.0.0.0/24 10.0.10.0/25 - + } ``` ## Wildcards -Some query labels accept a wildcard value to match any value. -If a label is a valid wildcard (\*, or the word "any"), then that label will match +Some query labels accept a wildcard value to match any value. +If a label is a valid wildcard (\*, or the word "any"), then that label will match all values. The labels that accept wildcards are: * _service_ in an `A` record request: _service_.namespace.svc.zone. * e.g. `*.ns.svc.myzone.local` diff --git a/middleware/kubernetes/handler.go b/middleware/kubernetes/handler.go index 7ecce88d2..b86938d26 100644 --- a/middleware/kubernetes/handler.go +++ b/middleware/kubernetes/handler.go @@ -45,7 +45,7 @@ func (k Kubernetes) ServeDNS(ctx context.Context, w dns.ResponseWriter, r *dns.M ) switch state.Type() { case "A": - records, _, err = middleware.A(&k, zone, state, nil, middleware.Options{}) // Hmm wrt to '&k' + records, _, err = middleware.A(&k, zone, state, nil, middleware.Options{}) case "AAAA": records, _, err = middleware.AAAA(&k, zone, state, nil, middleware.Options{}) case "TXT": diff --git a/middleware/kubernetes/kubernetes.go b/middleware/kubernetes/kubernetes.go index 54aa8b060..ca2d69824 100644 --- a/middleware/kubernetes/kubernetes.go +++ b/middleware/kubernetes/kubernetes.go @@ -151,9 +151,7 @@ func (k *Kubernetes) IsNameError(err error) bool { } // Debug implements the ServiceBackend interface. -func (k *Kubernetes) Debug() string { - return "debug" -} +func (k *Kubernetes) Debug() string { return "debug" } func (k *Kubernetes) getClientConfig() (*rest.Config, error) { // For a custom api server or running outside a k8s cluster diff --git a/middleware/kubernetes/kubernetes_test.go b/middleware/kubernetes/kubernetes_test.go index 244db748c..2b83aaecf 100644 --- a/middleware/kubernetes/kubernetes_test.go +++ b/middleware/kubernetes/kubernetes_test.go @@ -84,7 +84,6 @@ func TestParseRequest(t *testing.T) { } // Test A request of endpoint - // query = "1-2-3-4.webs.mynamespace.svc.inter.webs.test." r, e = k.parseRequest(query, "A") if e != nil { @@ -104,8 +103,6 @@ func TestParseRequest(t *testing.T) { } // Invalid query tests - // - invalidAQueries := []string{ "_http._tcp.webs.mynamespace.svc.inter.webs.test.", // A requests cannot have port or protocol "servname.ns1.srv.inter.nets.test.", // A requests must have zone that matches corefile