Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Add config param to disable the /admin/shutdown endpoint
See original GitHub issueIssue Type:
- Bug report
- Feature request
What happened:
Currently it is possible to shutdown any Linkerd instance by simple posting to the /admin/shutdown endpoint.
While I can imagine that many scenarios appreciate this behavior, it might not always be the case and could lead to a decrease in availability if attackers repeatedly post to this endpoint.
What you expected to happen:
It would be nice to have a configuration parameter that allows to disable this endpoint.
How to reproduce it (as minimally and precisely as possible):
Start Linkerd locally and run the following command:
$ curl -v -X POST localhost:9990/admin/shutdown
Linkerd will shut down asap.
Anything else we need to know?:
Environment:
- linkerd/namerd version, config files: Latest version, any config that enables the admin server
- Platform, version, and config files (Kubernetes, DC/OS, etc): OS X
- Cloud provider or hardware configuration:
Issue Analytics
- State:
- Created 5 years ago
- Comments:11 (10 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
Also a big thanks to @robertpanzer for taking the lead on this long outstanding issue! 🙏
That sounds great. I would just like to also have a whitelist in addition. When we add own pages to the admin ui we should be able to whitelist them explicitly without having to open everything.