You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Magnum UI surfaces an 'Allowed CIDR' label for the tenant cluster's k8s API access. magnum-cluster-api doesn't support this label, but given that it is silently ignored, this could give tenants a false sense of security with regard to their cluster's control plane, potentially leaving it open to all Internet traffic.
For the time being in our own deployment, we have added a check to validate_cluster in utils.py which prevents users launching clusters which make use of floating IPs against their control nodes.
The text was updated successfully, but these errors were encountered:
Magnum UI surfaces an 'Allowed CIDR' label for the tenant cluster's k8s API access. magnum-cluster-api doesn't support this label, but given that it is silently ignored, this could give tenants a false sense of security with regard to their cluster's control plane, potentially leaving it open to all Internet traffic.
For the time being in our own deployment, we have added a check to
validate_clusterinutils.pywhich prevents users launching clusters which make use of floating IPs against their control nodes.The text was updated successfully, but these errors were encountered: