Loading...

XML

Word

Printable

Type: Story
Resolution: Unresolved
Priority: Blocker
Fix Version/s: None
Affects Version/s: None
Component/s: None
Labels:
None

Story Points:
8
Epic Link:
Federating Service Mesh
Blocked:
False
Ready:
False
Release Note Text:
Undefined
Market:

Sprint:
Sprint 5

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

As a mesh administrator, I want to be able to join two meshes into a federation that do not share a root certificate, so that administrative domains can be completely separate

This story covers exchange of certificate chains at Federation initialization- for continuous updates of cert chains, see MAISTRA-2238

Acceptance Criteria:

Cert chains are communicated between meshes automatically
Fetching of cert chains only happens once at initialization
Certificates are written into an emptyDir volume mounted into the istiod pod

blocks

MAISTRA-2238 Certificate Rotation

Backlog

clones

MAISTRA-2242 Support different root certificates

Closed

is related to

OSSM-399 Federated Identity Management [with SPIRE?]

Closed

Assignee:: Unassigned

Reporter:: Daniel Grimm

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 2021/04/26 2:27 PM

Updated:: 2022/02/01 11:55 AM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates