-
Notifications
You must be signed in to change notification settings - Fork 804
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[BESU-507] Resolve crashing NAT detectors on GKE #731
Merged
AbdelStark
merged 9 commits into
hyperledger:master
from
matkt:feature/besu-507-crash-gke-nat-detector
Apr 17, 2020
Merged
[BESU-507] Resolve crashing NAT detectors on GKE #731
AbdelStark
merged 9 commits into
hyperledger:master
from
matkt:feature/besu-507-crash-gke-nat-detector
Apr 17, 2020
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
When we deny a connection based on HTTP hostname log to trace the rejected value. Signed-off-by: Danno Ferrin <[email protected]> Co-authored-by: Usman Saleem <[email protected]> Signed-off-by: Karim TAAM <[email protected]>
…elop Signed-off-by: Karim TAAM <[email protected]>
Signed-off-by: Karim TAAM <[email protected]>
…besu-507-crash-gke-nat-detector Signed-off-by: Karim TAAM <[email protected]>
AbdelStark
approved these changes
Apr 17, 2020
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good to me.
Signed-off-by: Karim TAAM <[email protected]>
AbdelStark
reviewed
Apr 17, 2020
nat/src/main/java/org/hyperledger/besu/nat/kubernetes/KubernetesNatManager.java
Outdated
Show resolved
Hide resolved
…besu-507-crash-gke-nat-detector Signed-off-by: Karim TAAM <[email protected]>
Signed-off-by: Karim TAAM <[email protected]>
Signed-off-by: Karim TAAM <[email protected]>
AbdelStark
added
the
doc-change-required
Indicates an issue or PR that requires doc to be updated
label
Apr 17, 2020
bgravenorst
removed
the
doc-change-required
Indicates an issue or PR that requires doc to be updated
label
Mar 4, 2022
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Signed-off-by: Karim TAAM [email protected]
PR description
Issue : #507
It is no longer necessary in KUBERNETES to create a volume and to move the kubeconfig file in this volume
You can check the service thanks to this command
And then deploy Besu
On GKE it may be necessary to give permissions to besu so that it can retrieve the list of services via the Kubernetes API
A simple solution is to call this command.
This command should only be used in DEV and not in production. In production we need a finer management of permissions using Kubernetes
Role-based access control
If BESU does not have permissions (or if it does not detect the service) it will use the fallback mechanism by warning the user.
If the user does not want to use the detection he can call BESU with the
--nat-method = NONE
option