Change behaviour of external_network_interfaces
#278
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Previously if you defined the `global_defaults.external_network_interfaces` configuration key, the first interface provided would internally be used to restrict which interfaces traffic can ingress into your containers from, even if `wider_world_to_container.rules[].external_network_interfaces` was not defined. This version changes the behaviour such that `global_defaults.external_network_interfaces` is no longer used to determine if traffic can ingress or not. If you want to restrict traffic from reaching your containers to specific interfaces, use the `wider_world_to_container.rules[].external_network_interfaces` configuration key instead. Closes #277.
|
bors r+ |
bors bot
added a commit
that referenced
this pull request
Jun 14, 2020
278: Change behaviour of `external_network_interfaces` r=pitkley a=pitkley Previously if you defined the `global_defaults.external_network_interfaces` configuration key, the first interface provided would internally be used to restrict which interfaces traffic can ingress into your containers from, even if `wider_world_to_container.rules[].external_network_interfaces` was not defined. This version changes the behaviour such that `global_defaults.external_network_interfaces` is no longer used to determine if traffic can ingress or not. If you want to restrict traffic from reaching your containers to specific interfaces, use the `wider_world_to_container.rules[].external_network_interfaces` configuration key instead. Closes #277. Co-authored-by: Pit Kleyersburg <[email protected]>
|
This PR was included in a batch that successfully built, but then failed to merge into master (it was a non-fast-forward update). It will be automatically retried. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Previously if you defined the
global_defaults.external_network_interfacesconfiguration key, the first interface provided would internally be used to restrict which interfaces traffic can ingress into your containers from, even ifwider_world_to_container.rules[].external_network_interfaceswas not defined.This version changes the behaviour such that
global_defaults.external_network_interfacesis no longer used to determine if traffic can ingress or not. If you want to restrict trafficfrom reaching your containers to specific interfaces, use the
wider_world_to_container.rules[].external_network_interfacesconfiguration key instead.Closes #277.