-
Notifications
You must be signed in to change notification settings - Fork 2.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CFP: Support TLS for Cilium metrics endpoint #32266
Comments
Hi @chancez I’m new to Cilium development but I’m eager to jump in and contribute! I have a cilium setup in my local. I wanted to work on this issue. Can you please guide me to work on this issue what should I learn and what are the necessary changes that are required? Also if I made the changes how I will be able to test those etc? |
Hey @Mukul1235 thanks for your interest, however we're aiming to get this feature into Cilium 1.16 before our feature freeze in a few weeks so I'm assigning this to an existing contributor to get this expedited. |
@Mukul1235 feel free to pick this up, we decided we didn't need this immediately for the upcoming release. |
Hi @chancez Is it also necessary to implement a feature similar to this cilium/certgen#199 in certgen to fix this issue? |
@chaunceyjiang probably yes, though it's a bit unclear since it's currently only being used for Hubble related certificates and we've discussed making certgen logic bit less hard-coded to each component, but nothing concrete has been decided on how we want to approach it. |
Cilium Feature Proposal
Is your proposed feature related to a problem?
Securing metrics is important for many users, so we should support TLS on the Cilium metrics endpoint. While we're there, we can also support mTLS so we can have a very simple authentication method for metrics.
Describe the feature you'd like
mTLS/TLS for cilium metrics.
Related: #31973
The text was updated successfully, but these errors were encountered: