-
Notifications
You must be signed in to change notification settings - Fork 190
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Expose etcd port unexpected #1035
Comments
This behavior is expected, this port is reserved for Maybe in the future I'll see if I can do this without exposing the port. |
Hello @wzshiming , when I use the v0.4.0 the etcd will not map the 2379 port to the local network port. But after I upgrade to v0.5.1 the etcd 2379 port will map to local network port. And the etcd have not support the secure mode. So there maybe some security issues. Do you have any suggestions? |
This kwokctl is only used as a tool for development and testing, so why would it be a security issue, what are you using it for? |
We use the kwokctl to mock the env and run some e2e tests. |
Although, I think it's not a big deal to expose one more port in testing. I will implement it when I have time. |
How to use it?
What happened?
I run the
KUBECONFIG=~/.kube/kube-sampleserver2 KWOK_KUBE_VERSION=v1.18.15 kwokctl create cluster --name=test-sampleserver2 --kube-apiserver-port=6443 --kube-authorization --config=~/Downloads/kwok-test.yaml -v -4
to create a cluster. And I set the etcdPort is 0 which should not export the port to local.What did you expect to happen?
If set the ectdPort == 0 which should not expose the etcd port to local.
How can we reproduce it (as minimally and precisely as possible)?
KUBECONFIG=
/.kube/kube-sampleserver2 KWOK_KUBE_VERSION=v1.18.15 kwokctl create cluster --name=test-sampleserver2 --kube-apiserver-port=6443 --kube-authorization --config=/Downloads/kwok-test.yaml -v -4Anything else we need to know?
No response
Kwok version
OS version
On Darwin:
$ uname -a
paste output here
On Windows:
C:> wmic os get Caption, Version, BuildNumber, OSArchitecture
paste output here
The text was updated successfully, but these errors were encountered: