-
Notifications
You must be signed in to change notification settings - Fork 3.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
doc: Document mTLS with rotated certificates in Kubernetes #31913
Conversation
patriknw
commented
Apr 17, 2023
- moved remote security to separate page
- credit to @jroper for writing the original content of the rotated certs
* moved remote security to separate page * credit to @jroper for writing the original content of the rotated certs
@@ -53,6 +53,17 @@ In such situations Akka can be configured to bind to a different network | |||
address than the one used for establishing connections between Akka nodes. | |||
See @ref:[Akka behind NAT or in a Docker container](../remoting-artery.md#remote-configuration-nat-artery). | |||
|
|||
### Service mesh |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
added this here because it's related to "Peer-to-Peer vs. Client-Server"
[known attack surfaces](https://community.microfocus.com/cyberres/fortify/f/fortify-discussions/317555/the-perils-of-java-deserialization). | ||
|
||
<a id="remote-tls"></a> | ||
## Configuring SSL/TLS for Akka Remoting |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this was moved from the remoting-artery.md page
|
||
@@@ | ||
|
||
## mTLS with rotated certificates in Kubernetes |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this is the new content
secretName: my-service-akka-tls-certificate | ||
``` | ||
|
||
## Untrusted Mode |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this was moved from the remoting-artery.md page
@@ -1,7 +1,7 @@ | |||
--- | |||
project.description: Details about the underlying remoting module for Akka Cluster. | |||
--- | |||
# Artery Remoting | |||
# Remoting |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
since we have removed Classic Remoting
Co-authored-by: Johan Andrén <johan@markatta.com>