- Notifications
You must be signed in to change notification settings - Fork 1.8k
Closed
Description
When you have more than ~2600
environment variables in container, the entrypoint will fail https://github.com/nginxinc/docker-nginx/blob/ed42652f987141da65bab235b86a165b2c506cf5/entrypoint/20-envsubst-on-templates.sh#L32
50000 ./test.sh: line 10: /usr/bin/envsubst: Argument list too long
You can easily that reach that number of environment variables in kubernetes when you have a lot of services within one namespace ~60 and running Istio with mTLS. The Istio proxy will inject multiple environment variables for each service. Just one example with 68 services
kubectl get svc | wc -l 68 kubectl exec -it some-pod -- env | wc -l 1752
This will cause the container go into pod crashing loop.
I would propose the give the user a possible to whitelist which environment variables should be passed to template instead of all environment variables
How to reproduce
cat <<EOT > test.sh #!/bin/bash for INDEX in {1..6000} do export VAR_\$INDEX=\$INDEX done defined_envs=\$(printf '\${%s} ' \$(xargs -0n1 -a /proc/self/environ sh -c 'echo "\$@" | grep -oEm1 "^[^=]+"' --)); env | grep "VAR_" | wc -l envsubst "\$defined_envs" < "./template.yaml" EOT cat <<EOT > template.yaml data: \${VAR_1}: bla EOT chmod +x ./test.sh ./test.sh
Metadata
Metadata
Assignees
Labels
No labels