pravega-operator icon indicating copy to clipboard operation
pravega-operator copied to clipboard

Published 20 hours ago verified publisher icon pravega

Support for distributing and using separate TLS material for each Pravega pod

Open ravisharda opened this issue 5 years ago • 1 comments

Background:

PR 167, which addressed issue 166 , brought support for distributing externally created TLS material to Pravega Pods via Kubernetes secrets to Pravega Operator managed deployments. Currently, that mechanism allows for using a single set of TLS material per type:

  • All Controller instances/pods share the same TLS certificate and other material.
  • All Segment store instances/pods share the same TLS certificate and other material.

Requirement:

Add support for distributing and using instance/pod-specific TLS material, such that each Segment Store and Controller Pod uses its own set of TLS material.

ravisharda avatar May 20 '19 10:05 ravisharda

Thanks for the report @ravisharda ! Could you please elaborate more on why this is necessary?

Tristan1900 avatar May 20 '19 21:05 Tristan1900