kube2iam icon indicating copy to clipboard operation
kube2iam copied to clipboard

Published 20 hours ago verified publisher icon jtblin

Optionally revert iptables changes on exit

Open dangorst1066 opened this issue 7 years ago • 3 comments

Referencing #44

Hey - just raising this as a possible simple answer to the issue around kube2iam not cleaning up after itself and removing iptables rules on exit. Judging from the debate perhaps this is behaviour the users should configure depending on their security requirements?

I think this is something that should be addressed one way or another (even if not through this pr!) as there are real world scenarios where you might need to abort/roll back a deploy of kube2iam without leaving your cluster unable to access ec2 metadata, or perhaps reconfigure it to use another interface or port etc without wanting to manually remove iptables rules.

ps please ignore my other closed pr for this same issue, that was opened prematurely !

dangorst1066 avatar Jan 31 '18 21:01 dangorst1066

Coverage Status

Coverage increased (+0.9%) to 19.355% when pulling 2349511ba9f03ad77316292d60a44f775acb39a2 on HotelsDotCom:master into d0518d90384b3facf67a3e74c80c1af125dade7b on jtblin:master.

coveralls avatar Jan 31 '18 22:01 coveralls

Can we get this merged? It does cause issues, especially when you perform a port change(which can happen since its using host network/port)

jay-rob avatar Mar 05 '18 23:03 jay-rob

Any updates on this @jtblin ?

I have built this and tested on my own Kubernetes cluster and it works.

noqcks avatar Feb 12 '19 18:02 noqcks