handle blank name and namespaces (#2042)

plugin/kubernetes/handler_pod_insecure_test.go

@@ -55,7 +55,7 @@ var podModeInsecureCases = []test.Case{
 	},
 	{
 		Qname: "podns.pod.cluster.local.", Qtype: dns.TypeA,
-		Rcode: dns.RcodeNameError,
+		Rcode: dns.RcodeSuccess,
 		Ns: []dns.RR{
 			test.SOA("cluster.local.	300	IN	SOA	ns.dns.cluster.local. hostmaster.cluster.local. 1515173576 7200 1800 86400 30"),
 		},

plugin/kubernetes/handler_test.go

@@ -323,6 +323,13 @@ var dnsTestCases = []test.Case{
 			test.SOA("cluster.local.	303	IN	SOA	ns.dns.cluster.local. hostmaster.cluster.local. 1499347823 7200 1800 86400 60"),
 		},
 	},
+	{
+		Qname: "testns.svc.cluster.local.", Qtype: dns.TypeA,
+		Rcode: dns.RcodeSuccess,
+		Ns: []dns.RR{
+			test.SOA("cluster.local.	303	IN	SOA	ns.dns.cluster.local. hostmaster.cluster.local. 1499347823 7200 1800 86400 60"),
+		},
+	},
 }
 
 func TestServeDNS(t *testing.T) {

plugin/kubernetes/kubernetes.go

@@ -343,6 +343,16 @@ func (k *Kubernetes) findPods(r recordRequest, zone string) (pods []msg.Service,
 	zonePath := msg.Path(zone, "coredns")
 	ip := ""
 
+	// handle empty pod name
+	if podname == "" {
+		if k.namespace(namespace) || wildcard(namespace) {
+			// NODATA
+			return nil, nil
+		}
+		// NXDOMAIN
+		return nil, errNoItems
+	}
+
 	if strings.Count(podname, "-") == 3 && !strings.Contains(podname, "--") {
 		ip = strings.Replace(podname, "-", ".", -1)
 	} else {
@@ -362,6 +372,7 @@ func (k *Kubernetes) findPods(r recordRequest, zone string) (pods []msg.Service,
 		return []msg.Service{{Key: strings.Join([]string{zonePath, Pod, namespace, podname}, "/"), Host: ip, TTL: k.ttl}}, err
 	}
 
+	// PodModeVerified
 	err = errNoItems
 	if wildcard(podname) && !wildcard(namespace) {
 		// If namespace exist, err should be nil, so that we return nodata instead of NXDOMAIN
@@ -370,7 +381,6 @@ func (k *Kubernetes) findPods(r recordRequest, zone string) (pods []msg.Service,
 		}
 	}
 
-	// PodModeVerified
 	for _, p := range k.APIConn.PodIndex(ip) {
 		// If namespace has a wildcard, filter results against Corefile namespace list.
 		if wildcard(namespace) && !k.namespaceExposed(p.Namespace) {
@@ -411,6 +421,16 @@ func (k *Kubernetes) findServices(r recordRequest, zone string) (services []msg.
 		serviceList       []*api.Service
 	)
 
+	// handle empty service name
+	if r.service == "" {
+		if k.namespace(r.namespace) || wildcard(r.namespace) {
+			// NODATA
+			return nil, nil
+		}
+		// NXDOMAIN
+		return nil, errNoItems
+	}
+
 	if wildcard(r.service) || wildcard(r.namespace) {
 		serviceList = k.APIConn.ServiceList()
 		endpointsListFunc = func() []*api.Endpoints { return k.APIConn.EndpointsList() }

plugin/kubernetes/parse.go

@@ -43,10 +43,10 @@ func parseRequest(state request.Request) (r recordRequest, err error) {
 
 	r.port = "*"
 	r.protocol = "*"
-	r.service = "*"
+	// for r.name, r.namespace and r.endpoint, we need to know if they have been set or not...
-	r.namespace = "*"
+	// For endpoint: if empty we should skip the endpoint check in k.get(). Hence we cannot set if to "*".
-	// r.endpoint is the odd one out, we need to know if it has been set or not. If it is
+	// For name: myns.svc.cluster.local != *.myns.svc.cluster.local
-	// empty we should skip the endpoint check in k.get(). Hence we cannot set if to "*".
+	// For namespace: svc.cluster.local != *.svc.cluster.local
 
 	// start at the right and fill out recordRequest with the bits we find, so we look for
 	// pod|svc.namespace.service and then either