profile
viewpoint
Ulrich Schreiner ulrichSchreiner Innuendo Software Technology GmbH Munich, Germany

ulrichSchreiner/atocker 27

GoIDE with atom

ulrichSchreiner/carpo 10

Carpo - Browser based Go IDE

metal-stack/metal-ccm 4

K8s Cloud Controller Manager for metal-stack

metal-stack/security 1

JWT and HMAC based security primitives for authentication of services and users

ulrichSchreiner/ansible-docker 1

Dockerized Ansible

issue commentmetal-stack/firewall-controller

Egress IP can still be used after free

Mh. I don't know. Don't really like the fact that it's generally possible to disguise behind IPs that are not even allocated in the metal-api, probably from other projects, too. I always thought that from the metal-stack perspective a user should be able to create his own firewalls and that the user is free to access it through SSH or console if he so desires. But now it sounds like accessing a firewall is more of a "provider admin" thing because malicious users could do evil things.

Maybe the check in the cloud-api prevents this scenario for most of the time, but to me this still leaves a bad aftertaste. 🤔

Gerrit91

comment created time in 2 days

push eventmetal-stack/metal-api

Stefan Majer

commit sha 54aa6419a77f7ba50fe8eb377a40054b45966adf

Remove redirect

view details

push time in 2 days

created tagfi-ts/releases

tagv0.4.0

Contains release notes and release image vectors for cloud-native

created time in 2 days

release fi-ts/releases

v0.4.0

released time in 2 days

push eventmetal-stack/metal-api

Stefan Majer

commit sha 51de296ac71badfa085e1543d72df556dd444a20

Redirect / to metal/apidocs for saner user experience

view details

push time in 2 days

push eventmetal-stack/docs

Documenter.jl

commit sha 9f19b7829c6ee1b5afada8bc44423d9d58990005

build based on 0bc6bb8

view details

push time in 2 days

push eventmetal-stack/docs

Documenter.jl

commit sha d8075950c8cb70edf87109de68293a07f4b61126

build based on 0bc6bb8

view details

push time in 2 days

created tagmetal-stack/docs

tagv0.4.0

Contains the documentation for metal-stack

created time in 2 days

release metal-stack/docs

v0.4.0

released time in 2 days

delete branch metal-stack/docs

delete branch : auto-generate/v0.4.0

delete time in 2 days

push eventmetal-stack/docs

metal-robot[bot]

commit sha 0bc6bb8876d9761f8c20af3cda7fee8281334ea4

Bump releases to version v0.4.0 (#31) * Bump releases to version v0.4.0 * Auto generate Co-authored-by: metal-stack <info@metal-stack.io>

view details

push time in 2 days

PR merged metal-stack/docs

Bump releases to version v0.4.0

Next release

+11 -5

1 comment

5 changed files

metal-robot[bot]

pr closed time in 2 days

created tagmetal-stack/metal-python

tagv0.11.4

Python API client for metal-api

created time in 2 days

release metal-stack/metal-python

v0.11.4

released time in 2 days

delete branch metal-stack/metal-python

delete branch : auto-generate/v0.11.4

delete time in 2 days

push eventmetal-stack/metal-python

metal-robot[bot]

commit sha 59dfbeb31e21a62b0ae146d7e2c362a2a62e57da

Bump metal-api to version v0.11.4 (#23) * Bump metal-api to version v0.11.4 * Bump to version v0.11.4 Co-authored-by: metal-stack <info@metal-stack.io>

view details

push time in 2 days

PR merged metal-stack/metal-python

Bump metal-api to version v0.11.4

Updating swagger client

+181 -181

0 comment

178 changed files

metal-robot[bot]

pr closed time in 2 days

PR opened metal-stack/metal-api

Reviewers
Update to go 1.15 in module, use alpine 3.12, update redoc

@droid42 our image from where we got the redoc-cli was not modified/updated since years, created a redoc-cli installation stage directly. How can we access the redoc gui and see what changed ?

+251 -121

0 comment

3 changed files

pr created time in 2 days

create barnchmetal-stack/metal-api

branch : dependency-updates

created branch time in 2 days

push eventmetal-stack/docs

Documenter.jl

commit sha af647aff26da6f501a1b97a82fbf466da69e43c7

build based on 9993e2b

view details

push time in 2 days

push eventmetal-stack/docs

auto-build

commit sha 10c93362600c9070d2ee157ed23ef8df6c083579

Auto generate

view details

push time in 2 days

issue closedmetal-stack/firewall-controller

Egress IP can still be used after free

Don't know if this project is the right place, but when you delete an Egress IP from a cluster via metal-api the IP can still be used for outgoing requests:

metalctl network ip ls --ipaddress 212.34.83.16
IP      DESCRIPTION     NAME    NETWORK PROJECT TYPE    TAGS 

But in a cluster container:

/ # wget ipconfig.me
Connecting to ipconfig.me (72.52.10.14:80)
Connecting to ifconfig.me (216.239.36.21:443)
saving to 'index.html'
index.html           100% |*******************************************************************************************************************************************************************|    12  0:00:00 ETA
'index.html' saved
/ # cat index.html 
212.34.83.16

closed time in 2 days

Gerrit91

issue commentmetal-stack/firewall-controller

Egress IP can still be used after free

Closing this: cluster will get into error state in this scenario and directly using metalctl is potentially unsafe in various situations.

Gerrit91

comment created time in 2 days

pull request commentmetal-stack/docs

Bump releases to version v0.4.0

Thanks for contributing a pull request to the metal-stack docs!

A rendered preview of your changes will be available at: https://docs.metal-stack.io/previews/PR31/

metal-robot[bot]

comment created time in 2 days

PR opened metal-stack/docs

Bump releases to version v0.4.0

Next release

+1 -1

0 comment

1 changed file

pr created time in 2 days

create barnchmetal-stack/docs

branch : auto-generate/v0.4.0

created branch time in 2 days

push eventfi-ts/releases

metal-stack

commit sha bcbac26f33a03981dd4e049ff65dd779294e0d31

Bump releases to version v0.4.0

view details

push time in 2 days

created tagmetal-stack/releases

tagv0.4.0

Contains release notes and release image vectors for metal-stack

created time in 2 days

release metal-stack/releases

v0.4.0

released time in 2 days

push eventmetal-stack/releases

metal-stack

commit sha 7cd7c807cbcd26945e0e7f9f9bc7bd914ae4fd0c

Bump metal-hammer to version v0.7.3

view details

metal-stack

commit sha 4a2d077fa22bae3ed723b6081963bf71e9991ea5

Bump metal-api to version v0.11.0

view details

metal-stack

commit sha 5a0736c452296138a6027779f0ef55c8243ac530

Bump metalctl to version v0.9.0

view details

Gerrit

commit sha fa8f5534f70bf7b8e0514bad2c92f0b0cdd479a7

Better error message when wait fails.

view details

metal-stack

commit sha 671af2ab12c69660620bae654ea1aeed4a9628d4

Bump kernel to version 5.4.76-40

view details

metal-stack

commit sha 8bb70fd2c237b1effc113733531e809bca25cac1

Bump metal-api to version v0.11.1

view details

metal-stack

commit sha 8ee8c89c22a88b48c367cdd9b455e13ea402904e

Bump metal-dockerfiles to version v0.0.9

view details

metal-stack

commit sha f9cd997815cb7429583797355d53df6b1f8a1e11

Bump metal-dockerfiles to version v0.0.10

view details

metal-stack

commit sha d14194401e4e888fd80e52c3e08e39118deca905

Bump metal-dockerfiles to version v0.1.0

view details

Gerrit

commit sha be39aa68236f1710813d6d0e38e28dcb8b50e5d7

metal-deployment-base has moved to ghcr.io.

view details

metal-stack

commit sha 8960f8d51b0bddfe95f36232439975eccb41c352

Bump metal-ccm to version v0.5.3

view details

metal-stack

commit sha 53d98cc5023470ec53f38995d51d7ff7562d1ee0

Bump metal-hammer to version v0.7.4

view details

metal-stack

commit sha 8a7c528cfeb269acdef212d1dcb211be4bafb21c

Bump kernel to version 5.4.78-41

view details

metal-stack

commit sha 105e9cd50999e86380f02551e728fb24f87da6de

Bump firewall-controller to version v0.2.0

view details

metal-stack

commit sha 33f0d01716022b1aa03d41e252e71744a7c7ef4d

Bump gardener-extension-provider-metal to version v0.13.0

view details

metal-stack

commit sha a510e9e6733608117f19251b00379a985c74606b

Bump metal-core to version v0.6.2

view details

Gerrit

commit sha 4db8843650ca8f98655464c1b511690133c31668

GEPM has moved to ghcr.io.

view details

metal-stack

commit sha 68cee3f9884dec30b5b39751efb5576e34d0b2a3

Bump firewall-controller to version v0.2.1

view details

metal-stack

commit sha e278317a78242354b8a3f84d3fa11b69790172cd

Bump metal-core to version v0.6.3

view details

metal-stack

commit sha ce5fb856c22afc920804183e06e85a957da75b52

Bump metal-api to version v0.11.2

view details

push time in 2 days

more