84 lines
3.4 KiB
Diff
84 lines
3.4 KiB
Diff
From bf0cfeb9efe5c021b24dcd5ef4c353507d96e307 Mon Sep 17 00:00:00 2001
|
|
From: Dan Voiculeasa <dan.voiculeasa@windriver.com>
|
|
Date: Tue, 14 Jun 2022 15:45:22 +0300
|
|
Subject: [PATCH 1/8] Revert "Tiller: listen on localhost by default"
|
|
|
|
This reverts commit a3f11e5873bc5b97de579c627d7b57e3bc9f655e.
|
|
Updating the sources from 7ef4b8643b5ec5216a8f6726841e156c0aa54a1a to
|
|
ddbdd7256c20f138737f6cbd772312f7a19f58b8 we observe a change to default
|
|
tiller port logic.
|
|
|
|
Keep old logic.
|
|
|
|
Signed-off-by: Dan Voiculeasa <dan.voiculeasa@windriver.com>
|
|
---
|
|
charts/armada/templates/deployment-api.yaml | 2 +-
|
|
charts/armada/values.yaml | 6 ------
|
|
charts/tiller/templates/deployment-tiller.yaml | 2 +-
|
|
charts/tiller/values.yaml | 6 ------
|
|
4 files changed, 2 insertions(+), 14 deletions(-)
|
|
|
|
diff --git a/charts/armada/templates/deployment-api.yaml b/charts/armada/templates/deployment-api.yaml
|
|
index b7f93d7..f1395ef 100644
|
|
--- a/charts/armada/templates/deployment-api.yaml
|
|
+++ b/charts/armada/templates/deployment-api.yaml
|
|
@@ -178,7 +178,7 @@ spec:
|
|
{{- end }}
|
|
{{- end }}
|
|
- -listen
|
|
- - "{{ if not .Values.conf.tiller.listen_on_any }}127.0.0.1{{ end }}:{{ .Values.conf.tiller.port }}"
|
|
+ - ":{{ .Values.conf.tiller.port }}"
|
|
- -probe-listen
|
|
- ":{{ .Values.conf.tiller.probe_port }}"
|
|
- -logtostderr
|
|
diff --git a/charts/armada/values.yaml b/charts/armada/values.yaml
|
|
index b1ed61f..3a4427e 100644
|
|
--- a/charts/armada/values.yaml
|
|
+++ b/charts/armada/values.yaml
|
|
@@ -206,12 +206,6 @@ conf:
|
|
tiller:
|
|
# If set to false then some form of Tiller needs to be provided
|
|
enabled: true
|
|
- # To have Tiller bind to all interfaces, allowing direct connections from
|
|
- # the Helm client to pod_ip:port, set 'listen_on_any: true'.
|
|
- # The default setting 'listen_on_any: false' binds Tiller to 127.0.0.1.
|
|
- # The Armada container talks directly to Tiller via 127.0.0.1, so the
|
|
- # default value is appropriate for normal operation.
|
|
- listen_on_any: false
|
|
port: 24134
|
|
probe_port: 24135
|
|
verbosity: 5
|
|
diff --git a/charts/tiller/templates/deployment-tiller.yaml b/charts/tiller/templates/deployment-tiller.yaml
|
|
index f6df614..1f04a13 100644
|
|
--- a/charts/tiller/templates/deployment-tiller.yaml
|
|
+++ b/charts/tiller/templates/deployment-tiller.yaml
|
|
@@ -104,7 +104,7 @@ spec:
|
|
{{- end }}
|
|
{{- end }}
|
|
- -listen
|
|
- - "{{ if not .Values.conf.tiller.listen_on_any }}127.0.0.1{{ end }}:{{ .Values.conf.tiller.port }}"
|
|
+ - ":{{ .Values.conf.tiller.port }}"
|
|
- -probe-listen
|
|
- ":{{ .Values.conf.tiller.probe_port }}"
|
|
- -logtostderr
|
|
diff --git a/charts/tiller/values.yaml b/charts/tiller/values.yaml
|
|
index ba776bc..495e3c1 100644
|
|
--- a/charts/tiller/values.yaml
|
|
+++ b/charts/tiller/values.yaml
|
|
@@ -52,12 +52,6 @@ conf:
|
|
# Note: Defaulting to the (default) kubernetes grace period, as anything
|
|
# greater than that will have no effect.
|
|
prestop_sleep: 30
|
|
- # To have Tiller bind to all interfaces, allowing direct connections from
|
|
- # the Helm client to pod_ip:port, set 'listen_on_any: true'.
|
|
- # The default setting 'listen_on_any: false' binds Tiller to 127.0.0.1.
|
|
- # Helm clients with Kubernetes API access dynamically set up a portforward
|
|
- # into the pod, which works with the default setting.
|
|
- listen_on_any: false
|
|
port: 44134
|
|
probe_port: 44135
|
|
|
|
--
|
|
2.34.1
|
|
|