plugin/kubernetes: correctly set NODATA for ns (#1229)

* plugin/kubernetes: Add GetNamespaceByName A bare or wildcard query for just the namespace should return NODATA, not NXDOMAIN, otherwise we deny the entirety of the names under the namespace. Add test to check for this in pod verified mode. * Review More comments and move namespace code to namespace.go
2017-11-13 21:51:51 +00:00 · 2017-11-13 21:51:51 +00:00 · c37bf56b1e
commit c37bf56b1e
parent 9018451dd3
8 changed files with 101 additions and 10 deletions
--- a/plugin/kubernetes/handler_pod_verified_test.go
+++ b/plugin/kubernetes/handler_pod_verified_test.go
@ -18,6 +18,27 @@ var podModeVerifiedCases = []test.Case{
 			test.A("10-240-0-1.podns.pod.cluster.local.	0	IN	A	10.240.0.1"),
 		},
 	},
+	{
+		Qname: "podns.pod.cluster.local.", Qtype: dns.TypeA,
+		Rcode: dns.RcodeSuccess,
+		Ns: []dns.RR{
+			test.SOA("cluster.local.	300	IN	SOA	ns.dns.cluster.local. hostmaster.cluster.local. 1499347823 7200 1800 86400 60"),
+		},
+	},
+	{
+		Qname: "svcns.svc.cluster.local.", Qtype: dns.TypeA,
+		Rcode: dns.RcodeSuccess,
+		Ns: []dns.RR{
+			test.SOA("cluster.local.	300	IN	SOA	ns.dns.cluster.local. hostmaster.cluster.local. 1499347823 7200 1800 86400 60"),
+		},
+	},
+	{
+		Qname: "pod-nons.pod.cluster.local.", Qtype: dns.TypeA,
+		Rcode: dns.RcodeNameError,
+		Ns: []dns.RR{
+			test.SOA("cluster.local.	300	IN	SOA	ns.dns.cluster.local. hostmaster.cluster.local. 1499347823 7200 1800 86400 60"),
+		},
+	},
 	{
 		Qname: "172-0-0-2.podns.pod.cluster.local.", Qtype: dns.TypeA,
 		Rcode: dns.RcodeNameError,