Closed bharath-avesha closed 1 month ago
I am researching on the issue and will come up with an approach soon. Can you please assign this to me?
I am happy to assign this issue to you @soharab-ic, please let us know if you require any help.
GetAllServiceExport
.spec.aliases
field of the ServiceExport object do not have conflicting names with other existing ServiceExport objects in the same namespace.@narmidm @bharath-avesha Please take a look.
@soharab-ic the approach looks good. Only correction is: On point 3, you will have to look for all service export objects for the slice, not just the same namespace. You could use the namespace labels added by worker-operator to get all namespaces belonging to the slice.
Thanks for the feedback @bharath-avesha
π Description
A service can be exported over the slice network by creating a ServiceExport object. Such services are accessible through the slice fqdn:..svc.slice.local. But the users can choose to use a different fqdn by adding alias names to the ServiceExport object. Currently, there is no validation of the alias names. We cannot have conflicting alias names in the sense that the user should not be allowed to set the same alias name different services.
π Reproduction steps
Export two services by creating ServiceExport objects. Set the same alias names on both the ServiceExport objects.
The dns resolution of the exported service names will point to incorrect addresses. Service S1 resolution could result in endpoint IP addresses belonging to Service S2.
π Expected behavior
The alias names need to be validated and admission of ServiceExport objects with conflicting alias names should be rejected.
π Actual Behavior
ServiceExport objects for different services but with same alias names are allowed to be created.
π Relevant log output
No response
Version
No response
π₯οΈ What operating system are you seeing the problem on?
No response
β Proposed Solution
No response
π Have you spent some time to check if this issue has been raised before?
Code of Conduct