Allow cidr based reverse zone config (#500)

* add cidrs opt

* remove state data from middleware object
Chris O'Haver 2017-02-01 12:56:10 -05:00 committed by John Belamaric
parent 3a04d2a306
commit 8beb1b2166
3 changed files with 33 additions and 1 deletions


@ -26,8 +26,13 @@ func (k Kubernetes) ServeDNS(ctx context.Context, w dns.ResponseWriter, r *dns.M
// otherwise delegate to the next in the pipeline. // otherwise delegate to the next in the pipeline.
zone := middleware.Zones(k.Zones).Matches(state.Name()) zone := middleware.Zones(k.Zones).Matches(state.Name())
if zone == "" { if zone == "" {
// If this is a PTR request, and a the request is in a defined
// pod/service cidr range, process the request in this middleware,
// otherwise pass to next middleware.
if state.Type() != "PTR" || !k.IsRequestInReverseRange(state) {
return middleware.NextOrFailure(k.Name(), k.Next, ctx, w, r) return middleware.NextOrFailure(k.Name(), k.Next, ctx, w, r)
} }
}
var ( var (
records, extra []dns.RR records, extra []dns.RR
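Review bot: When a PTR query passes the new check `if state.Type() != "PTR" || !k.IsRequestInReverseRange(state)`, `zone` is still the empty string for the rest of ServeDNS. The remainder of the function lies outside this hunk, so it is worth confirming that nothing later builds an SOA or error response from `zone`; if it does, answers for the configured reverse ranges would carry an empty authority name. The added comment also has a typo ("and a the request") and could read `// If this is a PTR request and the name falls inside a configured pod/service CIDR, answer it here; otherwise pass it to the next middleware.`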


@ -5,6 +5,7 @@ import (
"errors" "errors"
"fmt" "fmt"
"log" "log"
"net"
"strings" "strings"
"time" "time"
@ -41,6 +42,7 @@ type Kubernetes struct {
LabelSelector *unversionedapi.LabelSelector LabelSelector *unversionedapi.LabelSelector
Selector *labels.Selector Selector *labels.Selector
PodMode string PodMode string
ReverseCidrs []net.IPNet
} }
const ( const (
@ -128,6 +130,16 @@ func (k *Kubernetes) Reverse(state request.Request, exact bool, opt middleware.O
return records, nil, nil return records, nil, nil
} }
func (k *Kubernetes) IsRequestInReverseRange(state request.Request) bool {
ip := dnsutil.ExtractAddressFromReverse(state.Name())
for _, c := range k.ReverseCidrs {
if c.Contains(net.ParseIP(ip)) {
return true
}
}
return false
}
// Lookup implements the ServiceBackend interface. // Lookup implements the ServiceBackend interface.
func (k *Kubernetes) Lookup(state request.Request, name string, typ uint16) (*dns.Msg, error) { func (k *Kubernetes) Lookup(state request.Request, name string, typ uint16) (*dns.Msg, error) {
return k.Proxy.Lookup(state, name, typ) return k.Proxy.Lookup(state, name, typ)
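Review bot: IsRequestInReverseRange has no doc comment although it is exported, and it calls `net.ParseIP(ip)` again on every loop iteration. This method decides which PTR queries the middleware answers itself instead of forwarding, so the handling of an unparsable name should be explicit rather than relying on `Contains` rejecting a nil IP. I would parse once with `addr := net.ParseIP(dnsutil.ExtractAddressFromReverse(state.Name()))`, follow it with `if addr == nil { return false }`, and then test `c.Contains(addr)` in the loop. A suitable comment would be `// IsRequestInReverseRange reports whether the reverse-lookup name in state maps to an address inside one of k.ReverseCidrs.`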


@ -3,6 +3,7 @@ package kubernetes
import ( import (
"errors" "errors"
"fmt" "fmt"
"net"
"strings" "strings"
"time" "time"
@ -84,6 +85,20 @@ func kubernetesParse(c *caddy.Controller) (*Kubernetes, error) {
for c.NextBlock() { for c.NextBlock() {
switch c.Val() { switch c.Val() {
case "cidrs":
args := c.RemainingArgs()
if len(args) > 0 {
for _, cidrStr := range args {
_, cidr, err := net.ParseCIDR(cidrStr)
if err != nil {
return nil, errors.New(c.Val() + " contains an invalid cidr: " + cidrStr)
}
k8s.ReverseCidrs = append(k8s.ReverseCidrs, *cidr)
}
continue
}
return nil, c.ArgErr()
case "pods": case "pods":
args := c.RemainingArgs() args := c.RemainingArgs()
if len(args) == 1 { if len(args) == 1 {
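Review bot: The error built in the `cidrs` case uses `c.Val()` after `c.RemainingArgs()` has already consumed the arguments, so the message most likely starts with the last argument rather than the option name. It also discards the error returned by `net.ParseCIDR`. Since `fmt` is already imported, `return nil, fmt.Errorf("cidrs contains an invalid cidr %q: %v", cidrStr, err)` would name the option reliably and keep the parse detail. Every accepted prefix widens the set of PTR queries this middleware answers rather than passing on, so the option's documentation should say that a very short prefix such as `/0` claims all reverse lookups.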