Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Set apiServerServiceRef in case of target shoot #792

Merged
merged 1 commit into from
Sep 3, 2020
Merged

Set apiServerServiceRef in case of target shoot #792

merged 1 commit into from
Sep 3, 2020

Conversation

petersutter
Copy link
Contributor

@petersutter petersutter commented Aug 28, 2020
edited

What this PR does / why we need it:
If gardener's APIServerSNI feature gate was enabled by the gardener administrators, it was not possible to reach the kube-apiserver within the terminal pod when running a cluster terminal on the seed (operators only). This is now fixed by using the local endpoint of the kube-apiserver instead of the public endpoint.
The local endpoint kube-apiserver is used in case the terminal pod is running on the seed.
The local endpoint kubernetes.default is used in case the terminal pod is running on the shoot's worker node

Which issue(s) this PR fixes:
Fixes #

Special notes for your reviewer:
Corresponding API change on terminal-controller-manager gardener/terminal-controller-manager#40

Release note:

This dashboard version requires terminal-controller-manager v0.12.0 or higher, in case the terminal feature is enabled

If gardener's `APIServerSNI` feature gate was enabled by the gardener administrators, it was not possible to reach the kube-apiserver within the terminal pod when running a cluster terminal on the seed (operators only). This is now fixed by using the local endpoint of the kube-apiserver (`kube-apiserver` / `kubernetes.default`) instead of the public endpoint.

@gardener-robot-ci-1 gardener-robot-ci-1 added the reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) label Aug 28, 2020
@gardener-robot-ci-3 gardener-robot-ci-3 added needs/ok-to-test Needs approval for testing (check PR in detail before setting this label because PR is run on CI/CD) and removed reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) labels Aug 28, 2020
grolu
grolu approved these changes Sep 1, 2020
View reviewed changes
Copy link
Contributor

@grolu grolu left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@gardener-robot gardener-robot added the reviewed/lgtm Has approval for merging label Sep 1, 2020
@petersutter
Copy link
Contributor Author

/hold until terminal-controller-manager is released

@gardener-robot gardener-robot added the reviewed/do-not-merge Has no approval for merging as it may break things, be of poor quality or have (ext.) dependencies label Sep 1, 2020
@petersutter
Copy link
Contributor Author

/unhold

@gardener-robot gardener-robot removed the reviewed/do-not-merge Has no approval for merging as it may break things, be of poor quality or have (ext.) dependencies label Sep 3, 2020
@petersutter petersutter merged commit 99d3889 into master Sep 3, 2020
@petersutter petersutter deleted the enh/terminal-apiserver-service-ref branch September 3, 2020 07:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@grolu grolu grolu approved these changes

@holgerkoser holgerkoser Awaiting requested review from holgerkoser holgerkoser is a code owner

Assignees
No one assigned
Labels
needs/ok-to-test Needs approval for testing (check PR in detail before setting this label because PR is run on CI/CD) reviewed/lgtm Has approval for merging
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@petersutter @grolu @gardener-robot-ci-1 @gardener-robot-ci-3 @gardener-robot