Etai Lev Ran
Etai Lev Ran
See #61 for details
For example, traffic redirection to gateways (k8s services, iptables, etc.), retrieving client properties for egress authorization, handling DNS/Service creation for an import, etc.
The goal is to consider how our object model can be mapped into k8s to provide a centralized management function that supports user management, security, persistency, etc. In essence, we...
Possible metrics may include: - authorizations upcalls (grouping can be on allow/deny, matching ACL policies, service and/or client) - CPU and memory - objects configured (count of services, peers, etc,...
In a demo scenario, we want an app from one Cloud to make use of objects in S3 on AWS. The S3 buckets will be configured so they are only...
In TLS communication, the client accessing a service via ClusterLink gateways requires that the local name resolved appears in the certificate presented by the server. For k8s services, it means...
Document steps for creating a VPE on the cloud and making a cloud resource (e.g., COS bucket) accessible only via the VPE
Complementary to work in #77 - ensure ClusterLink works when deployed in a single namespace. Correct RBAC is needed to access the single namespace only. We may want to support...
"Unprivileged mode" can be interpreted as a continuum. A simpler case is running and configuring ClusterLink the context of a single namespace deployment ("cluster" admin and application admin are the...
Allow users to talk back on blogs using a commenting system. Find a free service tier on one of the known providers, or use GitHub discussions (possibly [integrated with hugo](https://blog.puvvadi.me/posts/github-comments-hugo-giscus/)).