New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Configurable metrics ports #1720
Comments
The CSI driver does not have configurable port for the metrics and due to hostNetwork they will be exposed on the node. I opened kubernetes-sigs/vsphere-csi-driver#1720 upstream.
The Kubernetes project currently lacks enough contributors to adequately respond to all issues and PRs. This bot triages issues and PRs according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /lifecycle stale |
/remove-lifecycle stale |
The Kubernetes project currently lacks enough contributors to adequately respond to all issues and PRs. This bot triages issues and PRs according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /lifecycle stale |
/remove-lifecycle stale |
We ship CSI driver as static deployment yaml. For instance - https://github.com/kubernetes-sigs/vsphere-csi-driver/blob/v2.7.0/manifests/vanilla/vsphere-csi-driver.yaml What change do you want in this? |
Because I don't want a random unprotected HTTP port open on |
/assign @lipingxue |
The Kubernetes project currently lacks enough contributors to adequately respond to all issues. This bot triages un-triaged issues according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /lifecycle stale |
The Kubernetes project currently lacks enough active contributors to adequately respond to all issues. This bot triages un-triaged issues according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /lifecycle rotten |
/remove-lifecycle rotten |
|
I want a new cmdline option, e.g. Right now, the driver is deployed with hostNetwork: true and at the same time it opens metrics port on 0.0.0.0, which means that it's exposed directly on the node. I.e. anyone in the cluster can read the driver metrics and, if lucky enough, can expose any CVE in go prometheus / http / networking stack. |
The Kubernetes project currently lacks enough contributors to adequately respond to all issues. This bot triages un-triaged issues according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /lifecycle stale |
The Kubernetes project currently lacks enough active contributors to adequately respond to all issues. This bot triages un-triaged issues according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /lifecycle rotten |
/remove-lifecycle rotten |
The Kubernetes project currently lacks enough contributors to adequately respond to all issues. This bot triages un-triaged issues according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /lifecycle stale |
Is this a BUG REPORT or FEATURE REQUEST?:
/kind feature
What happened:
Currently, the CSI driver + syncer processes open metrics port at
0.0.0.0:2112
and0.0.0.0:2113
. This should be configurable on cmdline, both the listening address and port.The text was updated successfully, but these errors were encountered: