Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support for distributing and using separate TLS material for each Pravega pod #188

Open
ravisharda opened this issue May 20, 2019 · 1 comment
Open

Support for distributing and using separate TLS material for each Pravega pod #188

ravisharda opened this issue May 20, 2019 · 1 comment
Assignees
@pbelgundi
Labels
area/security Issue related to Operator or Pravega Security kind/feature New feature status/needs-investigation Further investigation is required

Comments

@ravisharda
Copy link

Background:

PR 167, which addressed issue 166 , brought support for distributing externally created TLS material to Pravega Pods via Kubernetes secrets to Pravega Operator managed deployments. Currently, that mechanism allows for using a single set of TLS material per type:

  • All Controller instances/pods share the same TLS certificate and other material.
  • All Segment store instances/pods share the same TLS certificate and other material.

Requirement:

Add support for distributing and using instance/pod-specific TLS material, such that each Segment Store and Controller Pod uses its own set of TLS material.
@ravisharda ravisharda changed the title Instance-specific TLS certificates Support for distributing and using seperate TLS material for each Pravega pod May 20, 2019
@Tristan1900
Copy link
Member

Tristan1900 commented May 20, 2019
edited
Loading

Thanks for the report @ravisharda ! Could you please elaborate more on why this is necessary?

@adrianmo adrianmo added area/API Issue related to the custom resource API area/controller Issue related to the operator controller kind/feature New feature status/needs-investigation Further investigation is required labels May 21, 2019
@adrianmo adrianmo changed the title Support for distributing and using seperate TLS material for each Pravega pod Support for distributing and using separate TLS material for each Pravega pod May 30, 2019
@adrianmo adrianmo added the priority/P1 Recoverable error, functionality/performance impaired but not lost, no permanent damage label May 30, 2019
@pbelgundi pbelgundi self-assigned this Jun 4, 2019
@pbelgundi pbelgundi added the version 0.4.0 Issue with Operator 0.4.0 label Jul 2, 2019
@pbelgundi pbelgundi added priority/P2 Slight inconvenience or annoyance to applications, system continues to function area/security Issue related to Operator or Pravega Security and removed version 0.4.0 Issue with Operator 0.4.0 priority/P1 Recoverable error, functionality/performance impaired but not lost, no permanent damage priority/P2 Slight inconvenience or annoyance to applications, system continues to function area/API Issue related to the custom resource API area/controller Issue related to the operator controller labels May 6, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@pbelgundi pbelgundi

Labels
area/security Issue related to Operator or Pravega Security kind/feature New feature status/needs-investigation Further investigation is required
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@adrianmo @ravisharda @Tristan1900 @pbelgundi