You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: source/plugins/cloudstack-kubernetes-service.rst
+56Lines changed: 56 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -385,6 +385,55 @@ The service provides functionality to access kubeconfig file for a running Kuber
385
385
386
386
getKubernetesClusterConfig API can be used to retrieve kubeconfig file data for a cluster. It takes id of the cluster as the input parameter.
387
387
388
+
Note: The meta-data and user-data of the underlying host can be accessed by the container running on the cks cluster. If you want prevent the access follow the below steps
389
+
390
+
.. parsed-literal::
391
+
392
+
- The meta-data and user-data of the underlying worker-nodes can be accessed by the containers running on the CKS cluster
393
+
394
+
For example deploy a container on a cks cluster
395
+
396
+
kubectl exec -it <container> -- /bin/sh
397
+
398
+
curl http://data-server/latest/meta-data/
399
+
service-offering
400
+
availability-zone
401
+
local-ipv4
402
+
local-hostname
403
+
public-ipv4
404
+
public-hostname
405
+
instance-id
406
+
vm-id
407
+
public-keys
408
+
cloud-identifier
409
+
hypervisor-host-name
410
+
411
+
curl http://data-server/latest/user-data/
412
+
413
+
414
+
- If you want to prevent the access of meta-data and user-data from the containers running on cks-cluster, Execute the following yaml
0 commit comments