starlingx
/
integ
Code Issues Proposed changes
integ/kubernetes/armada/debian/deb_folder/patches/0001-Revert-Tiller-listen-o...

84 lines
3.4 KiB
Diff
Raw Blame History

From bf0cfeb9efe5c021b24dcd5ef4c353507d96e307 Mon Sep 17 00:00:00 2001
From: Dan Voiculeasa <dan.voiculeasa@windriver.com>
Date: Tue, 14 Jun 2022 15:45:22 +0300
Subject: [PATCH 1/8] Revert "Tiller: listen on localhost by default"
This reverts commit a3f11e5873bc5b97de579c627d7b57e3bc9f655e.
Updating the sources from 7ef4b8643b5ec5216a8f6726841e156c0aa54a1a to
ddbdd7256c20f138737f6cbd772312f7a19f58b8 we observe a change to default
tiller port logic.
Keep old logic.
Signed-off-by: Dan Voiculeasa <dan.voiculeasa@windriver.com>
---
charts/armada/templates/deployment-api.yaml | 2 +-
charts/armada/values.yaml | 6 ------
charts/tiller/templates/deployment-tiller.yaml | 2 +-
charts/tiller/values.yaml | 6 ------
4 files changed, 2 insertions(+), 14 deletions(-)
diff --git a/charts/armada/templates/deployment-api.yaml b/charts/armada/templates/deployment-api.yaml
index b7f93d7..f1395ef 100644
--- a/charts/armada/templates/deployment-api.yaml
+++ b/charts/armada/templates/deployment-api.yaml
@@ -178,7 +178,7 @@ spec:
{{- end }}
{{- end }}
- -listen
- - "{{ if not .Values.conf.tiller.listen_on_any }}127.0.0.1{{ end }}:{{ .Values.conf.tiller.port }}"
+ - ":{{ .Values.conf.tiller.port }}"
- -probe-listen
- ":{{ .Values.conf.tiller.probe_port }}"
- -logtostderr
diff --git a/charts/armada/values.yaml b/charts/armada/values.yaml
index b1ed61f..3a4427e 100644
--- a/charts/armada/values.yaml
+++ b/charts/armada/values.yaml
@@ -206,12 +206,6 @@ conf:
tiller:
# If set to false then some form of Tiller needs to be provided
enabled: true
- # To have Tiller bind to all interfaces, allowing direct connections from
- # the Helm client to pod_ip:port, set 'listen_on_any: true'.
- # The default setting 'listen_on_any: false' binds Tiller to 127.0.0.1.
- # The Armada container talks directly to Tiller via 127.0.0.1, so the
- # default value is appropriate for normal operation.
- listen_on_any: false
port: 24134
probe_port: 24135
verbosity: 5
diff --git a/charts/tiller/templates/deployment-tiller.yaml b/charts/tiller/templates/deployment-tiller.yaml
index f6df614..1f04a13 100644
--- a/charts/tiller/templates/deployment-tiller.yaml
+++ b/charts/tiller/templates/deployment-tiller.yaml
@@ -104,7 +104,7 @@ spec:
{{- end }}
{{- end }}
- -listen
- - "{{ if not .Values.conf.tiller.listen_on_any }}127.0.0.1{{ end }}:{{ .Values.conf.tiller.port }}"
+ - ":{{ .Values.conf.tiller.port }}"
- -probe-listen
- ":{{ .Values.conf.tiller.probe_port }}"
- -logtostderr
diff --git a/charts/tiller/values.yaml b/charts/tiller/values.yaml
index ba776bc..495e3c1 100644
--- a/charts/tiller/values.yaml
+++ b/charts/tiller/values.yaml
@@ -52,12 +52,6 @@ conf:
# Note: Defaulting to the (default) kubernetes grace period, as anything
# greater than that will have no effect.
prestop_sleep: 30
- # To have Tiller bind to all interfaces, allowing direct connections from
- # the Helm client to pod_ip:port, set 'listen_on_any: true'.
- # The default setting 'listen_on_any: false' binds Tiller to 127.0.0.1.
- # Helm clients with Kubernetes API access dynamically set up a portforward
- # into the pod, which works with the default setting.
- listen_on_any: false
port: 44134
probe_port: 44135
--
2.34.1
View Git Blame Copy Permalink