From d1dc775ba59ae30255835466336096a7988cb980 Mon Sep 17 00:00:00 2001 From: Matthew Cary Date: Tue, 9 Jun 2020 21:30:40 +0000 Subject: [PATCH] Adds filtering of hosts to DialContexts. The provided DialContext wraps existing clients' DialContext in an attempt to preserve any existing timeout configuration. In some cases, we may replace infinite timeouts with golang defaults. - scaleio: tcp connect/keepalive values changed from 0/15 to 30/30 - storageos: no change Kubernetes-commit: f2e23afcf13fef805ad5341bd7a5625de5982d6c --- config/v1alpha1/types.go | 6 ++++++ config/v1alpha1/zz_generated.deepcopy.go | 10 ++++++++++ 2 files changed, 16 insertions(+) diff --git a/config/v1alpha1/types.go b/config/v1alpha1/types.go index a92805d..c693f30 100644 --- a/config/v1alpha1/types.go +++ b/config/v1alpha1/types.go @@ -471,6 +471,12 @@ type PersistentVolumeBinderControllerConfiguration struct { PVClaimBinderSyncPeriod metav1.Duration // volumeConfiguration holds configuration for volume related features. VolumeConfiguration VolumeConfiguration + // VolumeHostCIDRDenylist is a list of CIDRs that should not be reachable by the + // controller from plugins. + VolumeHostCIDRDenylist []string + // VolumeHostAllowLocalLoopback indicates if local loopback hosts (127.0.0.1, etc) + // should be allowed from plugins. + VolumeHostAllowLocalLoopback *bool } // PodGCControllerConfiguration contains elements describing PodGCController. diff --git a/config/v1alpha1/zz_generated.deepcopy.go b/config/v1alpha1/zz_generated.deepcopy.go index 5e7fc06..453675d 100644 --- a/config/v1alpha1/zz_generated.deepcopy.go +++ b/config/v1alpha1/zz_generated.deepcopy.go @@ -442,6 +442,16 @@ func (in *PersistentVolumeBinderControllerConfiguration) DeepCopyInto(out *Persi *out = *in out.PVClaimBinderSyncPeriod = in.PVClaimBinderSyncPeriod in.VolumeConfiguration.DeepCopyInto(&out.VolumeConfiguration) + if in.VolumeHostCIDRDenylist != nil { + in, out := &in.VolumeHostCIDRDenylist, &out.VolumeHostCIDRDenylist + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.VolumeHostAllowLocalLoopback != nil { + in, out := &in.VolumeHostAllowLocalLoopback, &out.VolumeHostAllowLocalLoopback + *out = new(bool) + **out = **in + } return }