Check loopback and link-local multicast endpoints #10713
Conversation
|
GCE e2e build/test failed for commit e299ebfcceff3d09869c453fec07ea23d7d9476c. |
|
Do we need to document why we disallow link-local (it sounds like we're disallowing the other 2 because we really want to disallow link-local)? It might suffice to say they're special, though I think link-local is used by cloud providers to serve metadata, so it might be the one many people try first. |
|
Good point, will push with a new comment. will add to docs this week. On Sat, Jul 4, 2015 at 11:02 AM, Prashanth B notifications@github.com
|
thockin
force-pushed
the
no-localhost-endpoints
branch
from
e299ebf to
7f11d03
Compare
|
GCE e2e build/test failed for commit 7f11d03aad3bdb5f5c03cb2943975ba7baf93342. |
thockin
force-pushed
the
no-localhost-endpoints
branch
from
7f11d03 to
0573147
Compare
|
GCE e2e build/test failed for commit 0573147b7628a72c57f068616c8524a67364e057. |
|
@nikhiljindal there's a problem here - swagger is emitting the "advertise address" flag here, but that's going to be different for every person since this PR makes 127.0.0.1 an invalid address to advertise. Thoughts on how hard it would be to emit a different address in swagger files? |
|
GCE e2e build/test passed for commit a7f1a008f49e13cf19c877843bfab7bf7f48c858. |
|
need 1.0 triage, I think this is (sadly) out for 1.0 at this point. |
bgrant0607
added
the
release-note
|
Swagger needs to report an address that clients are likely going to be able to reach. We've had multiple bug reports about this. Can we strip out the hostname/address post-generation? @nikhiljindal: would validation and the UI work if we did that? I'm fine with this change in principle. We need to be sure it ends up in the release notes, since it is a change of behavior. |
|
Needs rebase. |
|
I'm overloaded with API reviews. I need someone else to wrap up the code review. |
thockin
force-pushed
the
no-localhost-endpoints
branch
from
a7f1a00 to
120536c
Compare
|
@nikhiljindal Can we brainstorm some ideas on this? |
|
GCE e2e build/test passed for commit 120536c1e9eda7f986330f3fc014c6f81f3e163c. |
|
Hey apologies for the delay in getting to this. How about passing "advertise-address" flag in update-swagger-spec: https://github.com/GoogleCloudPlatform/kubernetes/blob/master/hack/update-swagger-spec.sh#L52 |
thockin
force-pushed
the
no-localhost-endpoints
branch
from
120536c to
dc0eb41
Compare
|
I updated this with a fixed address for swagger. It's not worse than before (in that it will still confuse users), but not better either. |
|
GCE e2e build/test passed for commit dc0eb4134b2f89d2823045bb8fdc0c40a1c7ec6d. |
|
Thanks! @bprashanth to give final LGTM. |
thockin
force-pushed
the
no-localhost-endpoints
branch
from
dc0eb41 to
698b96a
Compare
|
GCE e2e build/test passed for commit 698b96a367034624e7e8f13b2ac8ec2f01ced222. |
|
LGTM, please file bug or do doc change when you have time |
bprashanth
added
the
lgtm
|
Updating docs now, fair point. |
Previously we just disallowed link-local (unicast). This disallows loopback and link-local multicast.
thockin
force-pushed
the
no-localhost-endpoints
branch
from
698b96a to
16a3331
Compare
|
re-pushed with API and services docs updated |
|
GCE e2e build/test passed for commit 16a3331. |
Check loopback and link-local multicast endpoints
Previously we just disallowed link-local (unicast). This disallows loopback
and link-local multicast.
Fixes #10349