Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

docs: Document limitation for kernels without netns cookie #17575

Merged
merged 1 commit into from Oct 12, 2021
Merged

docs: Document limitation for kernels without netns cookie #17575

merged 1 commit into from Oct 12, 2021

Conversation

pchaigno
Copy link
Member

On kernels without support for netns cookies, services are accessible via the loopback address from all pods. That is because Cilium cannot distinguish between host and pod namespaces in that case.

@pchaigno pchaigno added area/documentation Impacts the documentation, including textual changes, sphinx, or other doc generation code. release-note/misc This PR makes changes that have no direct user impact. sig/loadbalancing labels Oct 11, 2021
@pchaigno pchaigno requested a review from a team as a code owner October 11, 2021 21:51
@pchaigno pchaigno requested review from a team and joestringer October 11, 2021 21:51
@pchaigno pchaigno force-pushed the document-netns-cookie-limitation branch from 4f8bebb to 9192125 Compare October 11, 2021 21:57
@maintainer-s-little-helper

This comment has been minimized.

Sign in to view
@maintainer-s-little-helper maintainer-s-little-helper bot added the dont-merge/needs-sign-off The author needs to add signoff to their commits before merge. label Oct 12, 2021
@pchaigno
docs: Document limitation for kernels without netns cookie
2b9fa2e 
On kernels without support for netns cookies, services are accessible
via the loopback address from all pods. That is because Cilium cannot
distinguish between host and pod namespaces in that case.

Suggested-by: Daniel Borkmann <daniel@iogearbox.net>
Signed-off-by: Paul Chaignon <paul@cilium.io>
@pchaigno pchaigno force-pushed the document-netns-cookie-limitation branch from 22ca27a to 2b9fa2e Compare October 12, 2021 08:26
@maintainer-s-little-helper maintainer-s-little-helper bot removed the dont-merge/needs-sign-off The author needs to add signoff to their commits before merge. label Oct 12, 2021
@joestringer joestringer merged commit 2136dd8 into cilium:master Oct 12, 2021
@pchaigno pchaigno deleted the document-netns-cookie-limitation branch October 12, 2021 15:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@borkmann borkmann borkmann approved these changes

@joestringer joestringer joestringer approved these changes

Assignees
No one assigned
Labels
area/documentation Impacts the documentation, including textual changes, sphinx, or other doc generation code. release-note/misc This PR makes changes that have no direct user impact.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@pchaigno @borkmann @joestringer