New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
MGMT-14730: Validate that manifest file size does not exceed 1MB #5281
MGMT-14730: Validate that manifest file size does not exceed 1MB #5281
Conversation
@paul-maidment: This pull request references MGMT-14730 which is a valid jira issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: paul-maidment The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
internal/manifests/manifests.go
Outdated
@@ -353,6 +353,10 @@ func (m *Manifests) validateAllowedToModifyManifests(ctx context.Context, cluste | |||
} | |||
|
|||
func (m *Manifests) validateUserSuppliedManifest(ctx context.Context, clusterID strfmt.UUID, manifestContent []byte, fileName string) error { | |||
maxFileSizeBytes := 1048576 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
maxFileSizeBytes := 1048576 | |
maxFileSizeBytes := 1024 * 1024 * 1024 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this should be
maxFileSizeBytes := 1024 * 1024
internal/manifests/manifests.go
Outdated
@@ -353,6 +353,10 @@ func (m *Manifests) validateAllowedToModifyManifests(ctx context.Context, cluste | |||
} | |||
|
|||
func (m *Manifests) validateUserSuppliedManifest(ctx context.Context, clusterID strfmt.UUID, manifestContent []byte, fileName string) error { | |||
maxFileSizeBytes := 1048576 | |||
if len(manifestContent) > maxFileSizeBytes { | |||
return m.prepareAndLogError(ctx, http.StatusBadRequest, errors.Errorf("Manifest content of file %s for cluster ID %s exceeds the maximum file size of 1MB", fileName, string(clusterID))) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
return m.prepareAndLogError(ctx, http.StatusBadRequest, errors.Errorf("Manifest content of file %s for cluster ID %s exceeds the maximum file size of 1MB", fileName, string(clusterID))) | |
return m.prepareAndLogError(ctx, http.StatusBadRequest, errors.Errorf("Manifest content of file %s for cluster ID %s exceeds the maximum file size of 1MiB", fileName, string(clusterID))) |
Can you please link to the installer code that enforces this limit? Is this 1MiB or 1MB? |
813ef8e
to
580d656
Compare
@paul-maidment: This pull request references MGMT-14730 which is a valid jira issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Explanation added to comments about ConfigMap size limit in Kubernetes. |
@paul-maidment: This pull request references MGMT-14730 which is a valid jira issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Codecov Report
Additional details and impacted files@@ Coverage Diff @@
## master #5281 +/- ##
==========================================
+ Coverage 67.47% 68.72% +1.25%
==========================================
Files 221 221
Lines 33045 34296 +1251
==========================================
+ Hits 22298 23571 +1273
+ Misses 8731 8677 -54
- Partials 2016 2048 +32
|
internal/manifests/manifests.go
Outdated
@@ -353,6 +353,12 @@ func (m *Manifests) validateAllowedToModifyManifests(ctx context.Context, cluste | |||
} | |||
|
|||
func (m *Manifests) validateUserSuppliedManifest(ctx context.Context, clusterID strfmt.UUID, manifestContent []byte, fileName string) error { | |||
// Ultimately manifests are consumed into a ConfigMap. The max permitted size of a ConfigMap is 1MiB |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ultimately manifests are consumed into a ConfigMap
Not sure I understand, can you explain this? consumed by who?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
config map is not exactly a correct term. MachineConfig
for example is a manifest as well but it's not a configmap, i would describe it as a etcd resource in k8s is limited to 1MB
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sorry, I meant to say "stored in a configmap", have updated the code
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
OK, changed this now to say
// etcd resources in k8s are limited to 1MiB
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What is your source that etcd resources are limited to 1MiB? All I see is docs talking about configmaps being limited
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What is your source that etcd resources are limited to 1MiB? All I see is docs talking about configmaps being limited
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
My source is this internal conversation https://redhat-internal.slack.com/archives/CUPJTHQ5P/p1686135268686879
Where it is acknowledged that the etcd max size is 1.5MiB
https://etcd.io/docs/v3.5/dev-guide/limit/#request-size-limit
However, also mentions that the effective limit is 1MiB for ConfigMaps
https://kubernetes.io/docs/concepts/configuration/configmap
Is there a massive concern to setting the manifest limit to 1MiB ? Do you want to make the distinction between different types of content and change the limit accordingly?
Should we try to find out more about what the limit should be, who should we ask?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If we set the limit to 1MiB then it would be possible to upload a manifest content of this size and that might lead to an attempt to create a config map of this size.
That's why I think we should lower it to 1MiB as this is the lowest value in common between ConfigMaps and etcd resources.
If we want to analyse manifest content to determine what size should be uploaded, I think this would get complicated quickly.
So I think it's best to set to 1 MiB
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is there a massive concern to setting the manifest limit to 1MiB
No, I just want to understand why we are doing what we're doing
Do you want to make the distinction between different types of content and change the limit accordingly?
Not necessarily, but if we don't do that, we need to at-least acknowledge in a comment explicitly that our blanket limit of 1MiB is too conservative but is done to easily have the correct limit also for configmaps without worrying about the exact type of resource
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I have updated the comments and commit message to reflect this concern
53fe42a
to
45519be
Compare
@paul-maidment: This pull request references MGMT-14730 which is a valid jira issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
0a3c68a
to
49136dc
Compare
@paul-maidment: This pull request references MGMT-14730 which is a valid jira issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/lgtm |
/test edge-unit-test |
/hold test failures |
etcd resources in k8s are limited to 1.5 MiB as indicated here https://etcd.io/docs/v3.5/dev-guide/limit/#request-size-limit however, one the the resource types that can be created from a manifest is a ConfigMap which has a size limit of 1MiB as cited here https://kubernetes.io/docs/concepts/configuration/configmap so this limit has been chosen based on the lowest permitted resource size (the size of the ConfigMap) Presently we do not validate the maximum size during upload or edit. This pull request addresses that by validating that the file does not exceed this limit.
49136dc
to
0e754ef
Compare
This should fix the failures. Will unhold when this is the case and seek another review. One change sets the filesize the correct limit of 1024 * 1024 bytes. |
/lgtm |
/unhold |
/hold |
/hold cancel |
/refresh |
/hold |
@paul-maidment: all tests passed! Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
/unhold |
…nshift#5281) etcd resources in k8s are limited to 1.5 MiB as indicated here https://etcd.io/docs/v3.5/dev-guide/limit/#request-size-limit however, one the the resource types that can be created from a manifest is a ConfigMap which has a size limit of 1MiB as cited here https://kubernetes.io/docs/concepts/configuration/configmap so this limit has been chosen based on the lowest permitted resource size (the size of the ConfigMap) Presently we do not validate the maximum size during upload or edit. This pull request addresses that by validating that the file does not exceed this limit.
etcd resources in k8s are limited to 1.5 MiB as indicated here https://etcd.io/docs/v3.5/dev-guide/limit/#request-size-limit
however, one the the resource types that can be created from a manifest is a ConfigMap
which has a size limit of 1MiB as cited here https://kubernetes.io/docs/concepts/configuration/configmap
so this limit has been chosen based on the lowest permitted resource size (the size of the ConfigMap)
Presently we do not validate the maximum size during upload or edit.
This pull request addresses that by validating that the file does not exceed this limit.
List all the issues related to this PR
What environments does this code impact?
How was this code tested?
Checklist
docs
, README, etc)Reviewers Checklist