Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[stable/redis-ha]: allow DNS requests to CIDR 169.254.0.0/16 in haproxy NetworkPolicy #308

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

lgatellier
Copy link

What this PR does / why we need it:

This PR adds a rule to the redis-ha haproxy NetworkPolicy to allow haproxy pods to send DNS requests to CIDR 169.254.0.0/16.

This rule is already present in the redis-ha NetworkPolicy.

Special notes for your reviewer:

Checklist

[Place an '[x]' (no spaces) in all applicable fields. Please remove unrelated fields.]

  • DCO signed
  • Chart Version bumped
  • Title of the PR starts with chart name (e.g. [stable/mychartname])

@DandyDeveloper
Copy link
Owner

@lgatellier I think the idea behind this originally was to intentionally not included it when these options were added originally.

I'd prefer people have full control as there will be bare metal / other cloud providers where this private DNS could be used for something else and end up causing some poor admin a security headache without realizing.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants