cloud-on-k8s icon indicating copy to clipboard operation
cloud-on-k8s copied to clipboard

Published 20 hours ago verified publisher icon elastic

Set enableServiceLinks to false by default in pod specs

Open charith-elastic opened this issue 6 years ago • 3 comments

From Kubernetes 1.13 onwards, setting enableServiceLinks to false in the pod spec will prevent the injection of environment variables with service information into the pod. Since Elasticsearch, Kibana nor APM server depend on these injected variables, defaulting enableServiceLinks to false in all pod specs will help avoid issues with name clashes such as the one reported in #1987

charith-elastic avatar Oct 21 '19 08:10 charith-elastic

@charith-elastic can I take this one? Seems pretty straightforward

racevedoo avatar Oct 21 '19 11:10 racevedoo

Probably not wise to take it on just yet because the team hasn't had a chance to triage it. It's a bit tricky because we still support Kubernetes 1.11 and this setting is only available from 1.13 onwards.

charith-elastic avatar Oct 21 '19 14:10 charith-elastic

This makes sense to me. It looks like a pod spec with that field will fail admission validation pre-1.13, so I think we'd have to do one of

  • detect what version of k8s we're talking to before applying it
  • control it via a feature flag. We already have separate yamls for 1.13+, so we could set it via an env var in that yaml
  • wait until we don't support pre-1.13 any longer

anyasabo avatar Oct 21 '19 15:10 anyasabo