plugin/k8s_external: Add support for PTR requests (#5435)

* Exclude External IP addresses from being added to the existing kubernetes' plugin IP->Service index * Add support for PTR requests on External IPs of Services to the k8s_external plugin Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
2022-07-06 13:55:15 -04:00 · 2022-07-06 13:55:15 -04:00 · e80d696502
commit e80d696502
parent d903a963ee
12 changed files with 163 additions and 44 deletions
--- a/plugin/kubernetes/external.go
+++ b/plugin/kubernetes/external.go
@ -14,6 +14,18 @@ import (
 // External implements the ExternalFunc call from the external plugin.
 // It returns any services matching in the services' ExternalIPs.
 func (k *Kubernetes) External(state request.Request) ([]msg.Service, int) {
+	if state.QType() == dns.TypePTR {
+		ip := dnsutil.ExtractAddressFromReverse(state.Name())
+		if ip != "" {
+			svcs, err := k.ExternalReverse(ip)
+			if err != nil {
+				return nil, dns.RcodeNameError
+			}
+			return svcs, dns.RcodeSuccess
+		}
+		// for invalid reverse names, fall through to determine proper nxdomain/nodata response
+	}
+
 	base, _ := dnsutil.TrimZone(state.Name(), state.Zone)

 	segs := dns.SplitDomainName(base)
@ -76,6 +88,10 @@ func (k *Kubernetes) External(state request.Request) ([]msg.Service, int) {
 			}
 		}
 	}
+	if state.QType() == dns.TypePTR {
+		// if this was a PTR request, return empty service list, but retain rcode for proper nxdomain/nodata response
+		return nil, rcode
+	}
 	return services, rcode
 }

@ -111,3 +127,24 @@ func (k *Kubernetes) ExternalServices(zone string) (services []msg.Service) {
 func (k *Kubernetes) ExternalSerial(string) uint32 {
 	return uint32(k.APIConn.Modified(true))
 }
+
+// ExternalReverse does a reverse lookup for the external IPs
+func (k *Kubernetes) ExternalReverse(ip string) ([]msg.Service, error) {
+	records := k.serviceRecordForExternalIP(ip)
+	if len(records) == 0 {
+		return records, errNoItems
+	}
+	return records, nil
+}
+
+func (k *Kubernetes) serviceRecordForExternalIP(ip string) []msg.Service {
+	var svcs []msg.Service
+	for _, service := range k.APIConn.SvcExtIndexReverse(ip) {
+		if len(k.Namespaces) > 0 && !k.namespaceExposed(service.Namespace) {
+			continue
+		}
+		domain := strings.Join([]string{service.Name, service.Namespace}, ".")
+		svcs = append(svcs, msg.Service{Host: domain, TTL: k.ttl})
+	}
+	return svcs
+}