Uploaded image for project: 'Network Observability'
  1. Network Observability
  2. NETOBSERV-2503

Secure connection between agent and FLP

XMLWordPrintable

    • Icon: Story Story
    • Resolution: Done
    • Icon: Undefined Undefined
    • None
    • None
    • FLP
    • None
    • None
    • NetObserv - Sprint 280, NetObserv - Sprint 281

      Set up TLS between agent and FLP

      Note that mTLS cannot be configured through the openshift service annotations (Service CA operator https://github.com/openshift/service-ca-operator ), we we rely on at the moment.

      To implement mTLS, an option would be to create our own signer & trust bubble, but that's out of scope for now (FTR: that's something https://github.com/openshift/library-go can help with, for instance etcd is doing something similar: https://github.com/openshift/cluster-etcd-operator/blob/3f2f972c990b132cd397034f2b17f55b913d7e48/pkg/operator/etcdcertsigner/etcdcertsignercontroller.go )

              jtakvori Joel Takvorian
              jtakvori Joel Takvorian
              None
              None
              Kapil Jain Kapil Jain
              None
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: