Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Allow lakom admission controller access to the cloud metadata server #12

Conversation

vpnachev
Copy link
Member

@vpnachev vpnachev commented May 31, 2023

What this PR does / why we need it:
Allow lakom admission controller access to the cloud metadata server

Which issue(s) this PR fixes:
Fixes #

Special notes for your reviewer:

Release note:

Lakom admission controller now have access to the metadata server also when gardener's feature gate `FullNetworkPoliciesInRuntimeCluster` is enabled.

@vpnachev vpnachev requested a review from a team as a code owner May 31, 2023 13:52
@gardener-robot gardener-robot added needs/review Needs review size/xs Size of pull request is tiny (see gardener-robot robot/bots/size.py) labels May 31, 2023
@gardener-robot-ci-1 gardener-robot-ci-1 added the reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) label May 31, 2023
@vpnachev vpnachev force-pushed the fix/allow-lakom-to-access-the-cloud-metadata-server branch from 568fec5 to 769d65a Compare May 31, 2023 13:53
@gardener-robot-ci-1 gardener-robot-ci-1 added needs/ok-to-test Needs approval for testing (check PR in detail before setting this label because PR is run on CI/CD) and removed reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) labels May 31, 2023
@gardener-robot-ci-3 gardener-robot-ci-3 added reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) and removed reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) labels May 31, 2023
@dimityrmirchev
Copy link
Member

This fixes #10, right?

@vpnachev
Copy link
Member Author

#10 was more about to investigate what has happened when the network to the metadata server was cut I and should have closed it already. Also, that issue was affecting only the pods that were existing before the traffic to be disallowed and they were running on GCP nodes that have had tokens.

I would rather say this PR is follow up or is related to #10, excuse me I've not linked it initially.

Copy link
Member

@dimityrmirchev dimityrmirchev left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for clarifying!

/lgtm

@gardener-robot gardener-robot added reviewed/lgtm Has approval for merging and removed needs/review Needs review labels Jun 1, 2023
@gardener-robot-ci-3 gardener-robot-ci-3 added the reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) label Jun 1, 2023
@vpnachev vpnachev merged commit efdfcdd into gardener:main Jun 1, 2023
@vpnachev vpnachev deleted the fix/allow-lakom-to-access-the-cloud-metadata-server branch June 1, 2023 06:42
@gardener-robot gardener-robot added the status/closed Issue is closed (either delivered or triaged) label Jun 1, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
needs/ok-to-test Needs approval for testing (check PR in detail before setting this label because PR is run on CI/CD) reviewed/lgtm Has approval for merging reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) size/xs Size of pull request is tiny (see gardener-robot robot/bots/size.py) status/closed Issue is closed (either delivered or triaged)
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants