gNMIc REST API interface protection #529
Comments
vseregin63
changed the title
|
Have a good day! I found in docs how to configure api server with tls auth required (https://gnmic.openconfig.net/user_guide/api/api_intro/) and added rootCA and server key/cert to gnmic config file api-server: It works, but i still do not understand where to put generated client cert and key bacouse they needed for protected intra cluster operation. Without it leader tries to assign element to slave gnmic via https and fails (doesn`t have a cert) 2024/10/22 12:36:38.240084 [gnmic] failed assigning target "leaf1" to service "gnmic-api": Post "https://server.com:7890/api/v1/config/targets": remote error: tls: certificate required @karimra Please help |
|
mTLS is currently not supported by the clustering client. I agree that it will be useful, I will look into it. |
|
Thanks for reply, @karimra! If you could implement this, it will be great! |
Hi, Team!
We use gnmic cluster of two nodes. In such a cluster master node assign targets to slave via http rest api. Is where is a way to protect rest api interfaces of nodes from another network connection? May be user/pass auth, token auth or tls certs auth are supported on rest api? Please direct to docs.
Thnx!
The text was updated successfully, but these errors were encountered: