Closed fmui closed 5 years ago
Hey fmui!
Thanks for submitting this pull request! I'm here to inform the recipients of the pull request that you and the commit authors have already signed the CLA.
Hi Florian,
In the context this is written, the Endpoint object is used to describe in a binding exactly which host:port combinations are being used by a specific instance of a service. In this context, in my mind ranges are problematic. A service doesn't describe a configuration of a firewall, and it shouldn't be allowed to specify huge ranges which have to be opened. Services specify specific endpoints, allowing consumers to connect to well-known established host:port combinations.
The example of a firewall configuration section makes sense in the network_data object, not in the Endpoints array.
-- Lior
On Tue, 11 Sep 2018 at 12:40, Florian Müller notifications@github.com wrote:
@fmui commented on this pull request.
In spec.md https://github.com/openservicebrokerapi/servicebroker/pull/586#discussion_r216606902 :
@@ -1398,6 +1510,16 @@ can be mounted on all app instances simultaneously.
* Fields with an asterisk are REQUIRED.
+##### Endpoint Object + +| Response Field | Type | Description | +| --- | --- | --- | +| host | string | A host name, a single IP address, an IP address range like 192.0.2.0-192.0.2.50, or a CIDR block. | +| ports | string | A single port, multiple comma-separated ports, or a single range of ports. |
@liorokman https://github.com/liorokman If your network profile describes, for example, the configuration of a firewall, opening a port range across a CIDR is a use case.
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/openservicebrokerapi/servicebroker/pull/586#discussion_r216606902, or mute the thread https://github.com/notifications/unsubscribe-auth/AI-nzgPN8To4MYRiFzF_x_ZVECZ94va3ks5uZ4UdgaJpZM4WEIq9 .
Hello @fmui,
for better understanding I've added an additional drawing into the google docs. Does it describe a correct use case?
Best Regards, Oliver
Spoke with the IBM Cloud team and they are interested in this so we'll be doing some in-depth reviews.
ping @rboykin @phanziii
Hey @fmui We took another look at this and, once the conflicts are sorted, are happy for this to move to the review stage!
I'm splitting this PR into multiple pieces:
As discussed at the last F2F meeting, here is the PR to include network metadata and adapt credentials, if necessary.
This document provides the background: https://docs.google.com/document/d/1XONqDEA-zIGlT6NnM1nTPd0ZmUeqm2cbRnRk8E386eE