Revisit decision to make open listeners optional #389
Labels
kind/feature
Categorizes issue or PR as related to a new feature.
priority/important-longterm
Important over the long term, but may not be staffed and/or may need multiple releases to complete.
Milestone
Comments
davecheney
added
kind/feature
|
This is not going to be addressed in the 0.7 timeframe. |
|
The use-case of not having a health check endpoint is now resolved as that exists on a different listener. I think at this point, not creating a listener or returning a 404 since no paths are defined are almost the same UX. |
|
The current behaviour -- contour does not open an accepting socket until there is traffic to serve on that socket will remain the behaviour for contour 1.0. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
#385 raised the question that the current behaviour of not opening a listener until there is a valid ingress, while justified, is non obvious for newcomers, especially in the case where the AWS elb won’t go green until an ingress is deployed.
This issue tracks the decision to revert this and potentially always open listeners on 80 and 443. This has implications for security (opening ports we don’t necessarily need which might leak routes unintentionally — defence in depth) and for health checks for contour.
The text was updated successfully, but these errors were encountered: