/kubevirt

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Limit cloud-init userdata size at api server #404

Closed
davidvossel opened this Issue Aug 31, 2017 · 5 comments

Comments

Assignees

@davidvossel davidvossel

Labels
Projects
None yet
Milestone
No milestone
2 participants
@davidvossel @fabiand
@davidvossel
Member

davidvossel commented Aug 31, 2017
edited by fabiand

The api-server needs to enforce a limit on how large we'll allow the cloud-init (and other configuration based data) to be before we allow that object to be stored into etcd.

This issue is about limiting the cloud-init payload size within the VM object.

@davidvossel davidvossel added the kind/enhancement label Aug 31, 2017

@davidvossel davidvossel self-assigned this Aug 31, 2017

@davidvossel davidvossel referenced this issue Aug 31, 2017

Merged

Cloud Init 'nocloud' datasource support #372

@fabiand fabiand added size/S topic/virtualization labels Sep 15, 2017

@fabiand

This comment has been minimized.

Show comment
Hide comment
@fabiand

fabiand Sep 15, 2017

Member

Should be easy to solve once #205 is solved
Member

fabiand commented Sep 15, 2017

Should be easy to solve once #205 is solved
@fabiand

This comment has been minimized.

Show comment
Hide comment
@fabiand

fabiand Oct 23, 2017

Member

@rmohr @davidvossel do you have a hint where this check could live and how an implementation could look?
Member

fabiand commented Oct 23, 2017

@rmohr @davidvossel do you have a hint where this check could live and how an implementation could look?
@davidvossel

This comment has been minimized.

Show comment
Hide comment
@davidvossel

davidvossel Oct 23, 2017

Member

The check is going to involve intercepting the VirtualMachine object Put/Post requests and validating the CloudInit's userdata field is less than 2k.

cmd/virt-api/virt-api.go is where the http REST endpoint routes are built. pkg/virt-api/rest/kubeproxy.go contains the function used to build the generic http routes for all our objects.
Member

davidvossel commented Oct 23, 2017

The check is going to involve intercepting the VirtualMachine object Put/Post requests and validating the CloudInit's userdata field is less than 2k.

cmd/virt-api/virt-api.go is where the http REST endpoint routes are built. pkg/virt-api/rest/kubeproxy.go contains the function used to build the generic http routes for all our objects.
@fabiand

This comment has been minimized.

Show comment
Hide comment
@fabiand

fabiand Apr 4, 2018

Member

@davidvossel I suppose this is also something to be covered by the webhook admission controler?
Member

fabiand commented Apr 4, 2018

@davidvossel I suppose this is also something to be covered by the webhook admission controler?
@davidvossel

This comment has been minimized.

Show comment
Hide comment
@davidvossel

davidvossel Apr 4, 2018

Member

@fabiand yes this will be handled in the webhook.
Member

davidvossel commented Apr 4, 2018

@fabiand yes this will be handled in the webhook.

@davidvossel davidvossel referenced this issue Apr 4, 2018

Closed

Use k8s initializers for CRD admission control, and basic defaulting #556

@davidvossel davidvossel referenced this issue Apr 20, 2018

Merged

Webhook CRD Validator #911

@rmohr rmohr closed this in #911 Apr 25, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment