Proposal for adding headers with the command name to kubectl requests #855
Conversation
k8s-ci-robot
added
cncf-cla: yes
| ``` | ||
|
|
||
| ``` | ||
| Kubectl-Command: apply |
There was a problem hiding this comment.
while Command and Flags is clear-ish, I'm still trying to understand what input and output are.
You should give an example of a more nested command (kubectl create secret generic), what would happen in that case?
Also as a side note, I thought it might be useful to send a random hash too, so that we can bundle commands issued from the same kubectl command (kubectl would create that has at the beginning and use it for all requests).
There was a problem hiding this comment.
I thought it might be useful to send a random hash too
I think you are suggesting creating a session id? Perhaps we could use a UUID? This could even be used as a traceid if we got open tracing working :)
|
Yes
…On Tue, Feb 26, 2019 at 7:29 PM Phillip Wittrock ***@***.***> wrote:
***@***.**** commented on this pull request.
------------------------------
In keps/sig-cli/kubectl-commands-in-headers.md
<#855 (comment)>
:
> +## Proposal
+
+Include in requests made from kubectl to the apiserver:
+
+- the kubectl subcommand
+- which flags were specified (but not the values)
+- whether or not specific flags had specific values - e.g. `-f -` for stdin
+
+### Example
+
+```sh
+$ kubectl apply -f - -o yaml
+```
+
+```
+Kubectl-Command: apply
I thought it might be useful to send a random hash too
Like a UUID?
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#855 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AB1xrCyvnJF7J2c7aM9ID1M0pEw6082mks5vRfuqgaJpZM4bRPS9>
.
|
|
PTAL |
|
|
||
| ### Non-Goals | ||
|
|
||
| NA |
There was a problem hiding this comment.
I think we should explicitly indicate that this information is not provided to be used by the apiserver to determine behavior of a request in any way. I remember there was an occasion a few years back where someone tried to make the server reply differently based on which user-agent came through.
There was a problem hiding this comment.
I made this an anti-goal, which is a bit stronger.
| Include in requests made from kubectl to the apiserver: | ||
|
|
||
| - the kubectl subcommand | ||
| - which flags were specified (but not the values) |
There was a problem hiding this comment.
will there be an opt-in for certain cases? I'd like to see the kubectl patch --type value to know which kinds of patches are actually being frequently used.
There was a problem hiding this comment.
Yeah, it might be useful to have a mechanism to indicate which flag values are sensitive or not. -o for example is complex because some values can be sensitive (-o column-name=...) and some aren't (-o yaml). We could improve the flag registration mechanisms that we use in kubectl to have this sort of semantic maybe?
There was a problem hiding this comment.
SGTM. We could start with a whitelisted set of flags we will include an enumerated value for (never arbitrary values supplied by the user). We can expand the list over time. That was the intention for -f and -o values.
There was a problem hiding this comment.
SGTM. We could start with a whitelisted set of flags we will include an enumerated value for (never arbitrary values supplied by the user). We can expand the list over time. That was the intention for -f and -o values.
Yeah, I think that would work well.
| - `Kubectl-Command: kubectl apply` | ||
| - `Kubectl-Command: kubectl create secret tls` | ||
| - `Kubectl-Command: kubectl delete` | ||
| - `Kubectl-Command: kubectl get` |
There was a problem hiding this comment.
I'd this report just Kubectl-Command: get for example, we already know it's kubectl command (from header Kubectl-command), why repeat yourself.
There was a problem hiding this comment.
And I don't think we want to know how people name their kubectl command on their filesystem.
| The `Kubectl-Flags` Header contains a list of the kubectl flags that were provided to the sub | ||
| command. It does *not* contain the flag values, only the names of the flags. It | ||
| does not normalize into short or long form. If a flag is provided multiple times | ||
| it will appear multiple times in the list. Flags are sorted alpha-numerically and |
There was a problem hiding this comment.
Why do you want to sort them?
There was a problem hiding this comment.
Will make it easier for humans to read.
|
|
||
| Examples: | ||
|
|
||
| - `Kubectl-Output: yaml` |
There was a problem hiding this comment.
This will overlap with Kubectl-flags or you're planning to exclude output-related flags?
There was a problem hiding this comment.
Or this will let us differentiate between default output and requested output, like you're describing in your example?
There was a problem hiding this comment.
Right. I could actually move these into flags as enums.
| requests were made from the same kubectl command invocation. The Session Header is generated | ||
| once for each kubectl process. | ||
|
|
||
| - `Kubectl-Session: 67b540bf-d219-4868-abd8-b08c77fefeca` |
There was a problem hiding this comment.
It was @apelisse 's idea :)
|
|
||
| ### Risks and Mitigations | ||
|
|
||
| Unintentionally including sensitive information in the request headers - such as local directory paths |
There was a problem hiding this comment.
We don't pass flag values, so that should not be a concern.
| Unintentionally including sensitive information in the request headers - such as local directory paths | ||
| or cluster names. | ||
|
|
||
| Mitigations: only include the following non-sensative information: |
|
PTAL |
|
Sorry, PTAL for real this time. |
|
|
||
| ### Kubectl-Command Header | ||
|
|
||
| The `Kubectl-Command` Header contains the kubectl sub command. It contains |
There was a problem hiding this comment.
Aren’t we supposed to put X- in front of custom headers,
There was a problem hiding this comment.
My understanding is that it is deprecated: link
There was a problem hiding this comment.
I think the deprecation is primarily for headers that may be standardized in an RFC at some point in the future.
There was a problem hiding this comment.
My reading of that RFC is that X- prefixes are deprecated pretty much for all cases - hence the title Deprecating the "X-" Prefix and Similar Constructs in Application Protocols
If it's not too late to fix this before the beta, it'd be great to sort that out.
|
|
||
| ### Goals | ||
|
|
||
| - Allow cluster administrators to identify how requests in the logs were generated from |
There was a problem hiding this comment.
That’s it? No other goals?
There was a problem hiding this comment.
What did you have in mind?
There was a problem hiding this comment.
Tried to add some color here. LMK if it makes sense to you.
|
PTAL. I've added and expanded a few things. |
|
/lgtm observability is a good thing. |
|
/lgtm |
k8s-ci-robot
added
the
lgtm
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: monopole, pwittrock The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
KEP PR Approvers: