This repository has been archived by the owner on Jun 20, 2024. It is now read-only.
Only expose metrics by default in weave-kube #3271
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
brb
reviewed
Apr 9, 2018
| @@ -54,6 +54,12 @@ else | |||
| fi | |||
| fi | |||
|
|
|||
| STATUS_OPTS="--metrics-addr=$METRICS_ADDR" | |||
| # --status-addr exposes internal information, so only turn it on if asked to. | |||
This comment was marked as abuse.
This comment was marked as abuse.
Sorry, something went wrong.
| @@ -474,10 +476,17 @@ func main() { | |||
| muxRouter.Methods("GET").Path("/metrics").Handler(metricsHandler(router, allocator, ns, dnsserver)) | |||
| statusMux := http.NewServeMux() | |||
| statusMux.Handle("/", muxRouter) | |||
| Log.Println("Listening for metrics requests on", statusAddr) | |||
| Log.Println("Listening for status+metrics requests on", statusAddr) | |||
This comment was marked as abuse.
This comment was marked as abuse.
Sorry, something went wrong.
This comment was marked as abuse.
This comment was marked as abuse.
Sorry, something went wrong.
This comment was marked as abuse.
This comment was marked as abuse.
Sorry, something went wrong.
brb
reviewed
Apr 9, 2018
site/tasks/manage/metrics.md
Outdated
|
|
||
| When installed as a Kubernetes Addon, the router listens for metrics | ||
| requests on 0.0.0.0:6782 and the Network Policy Controller listens on | ||
| 0.0.0.0:6781. No other requests are served on these endpoints. |
This comment was marked as abuse.
This comment was marked as abuse.
Sorry, something went wrong.
site/tasks/manage/metrics.md
Outdated
| You can also add `--metrics-addr=X.X.X.X:PORT` to specify an address | ||
| to listen for metrics only. | ||
|
|
||
|
|
This comment was marked as abuse.
This comment was marked as abuse.
Sorry, something went wrong.
site/tasks/manage/metrics.md
Outdated
|
|
||
| Set it to an empty string to disable. | ||
|
|
||
| You can also add `--metrics-addr=X.X.X.X:PORT` to specify an address |
This comment was marked as abuse.
This comment was marked as abuse.
Sorry, something went wrong.
brb
approved these changes
Apr 9, 2018
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The handler for
--status-addrexposes/metrics,/statusand/report, and since we listen on 0.0.0.0 by default in weave-kube this could be attacked.Change the default to only answer
/metrics, while retaining compatibility for anyone who set theWEAVE_STATUS_ADDRvariable.