Etai Lev Ran comments

Results 27 comments of


                                            Etai Lev Ran

Support for `-capath` path option in addition to `-cacert`

Since we're moving to use of SDS, these flags should be added to the *control plane* and communicated to the data plane over SDS on updates. The `--cacert` CLI flag...

Policy engine to consider more workload attributes when deciding on a connection

References #86

Policy engine to consider more workload attributes when deciding on a connection

> 1. There is currently no way to get the attributes of the requesting workload on the remote service side. We only know the name of the requesting peer. This...

Enable `nilnil` linter

Related to #412?

Abstract control plane actions that environment specific behind an interface

an alternative may be to have an operator listening to changes in the k8s API *or* xDS and then "replicating" the intended to the relevant environment. CC: @praveingk

Abstract control plane actions that environment specific behind an interface

Not sure I understand what k3s would be used for? Just managing the control plane or the entire runtime, incl data plane? What about user workloads?

Improve DNS support

@aviweit

Create SECURITY.md

Not sure we want vulnerabilities reported as normal issues. Need to research what options are available so they can be fixed before disclosed publicly (e.g., maintainers mailing list)

Create SECURITY.md

Enabled private vulnerability reporting on the repo. Revised SECURITY.md text to reflect that.

[BUG]: clusterlink uninstall does not remove user Service CRs createrd per Import operation.

Possibly related to #557? Seems to leave residual services also not after crashing?