Uploaded image for project: 'Knative Serving'
  1. Knative Serving
  2. SRVKS-784

[RFE]Openshift Serverless (natively in Knative) Passthrough/Re-encrypt Support

XMLWordPrintable

    • Icon: Epic Epic
    • Resolution: Done
    • Icon: Major Major
    • 1.25.0
    • None
    • None
    • Encryption/Pass through in Knative natively
    • False
    • False
    • To Do
    • 0% To Do, 0% In Progress, 100% Done
    • Hide
      New features:
      - Enabling TLS for internal traffic is available as Technology preview. Please refer to the "Global configuration" section (draft in SRVKS-951) for more detail.
      Show
      New features: - Enabling TLS for internal traffic is available as Technology preview. Please refer to the "Global configuration" section (draft in SRVKS-951 ) for more detail.
    • 25

      1. Proposed title of this feature request

      Openshift Serverless Passthrough/Re-encrypt Support

      2. What is the nature and description of the request?

      Currently containers run under Openshift Serverless must communicate using HTTP/1.1 wihout any encryption, and in case there is encryption this terminates at the knative-serving side rather than at the container level (thus not achieving full end-to-end encryption and failing some security standards).

      Supporting passthrough/re-encrypt in the ingress for serverless would enable this feature and make customer's environments more secure.

       

      3. Why does the customer need this? (List the business requirements here)

      Security audit on customer cluster demands that all traffic is encrypted, even inside the cluster, so they are using passthrough routes but they can't achieve this with their serverless services.

       

      4. List any affected packages or components.

      • Openshift-Serverless
      • Knative-Serving
      • Knative-Activator
      • Knative Queue-Proxy

       

              rhn-support-knakayam Kenjiro Nakayama (Inactive)
              naisingh@redhat.com Naina Singh
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

                Created:
                Updated:
                Resolved: