Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Security Demo relies unnecessarilly on spiffe-helper #91

Open
azdagron opened this issue Jan 28, 2021 · 0 comments
Open

Security Demo relies unnecessarilly on spiffe-helper #91

azdagron opened this issue Jan 28, 2021 · 0 comments

Comments

@azdagron
Copy link

azdagron commented Jan 28, 2021

The Identity Management Using SPIRE for Kubeedge demo places the spiffe-helper between Ghostunnel and SPIRE agent in order to allow Ghostunnel to consume resources off of the SPIFFE Workload API. While this was necessary in the past, Ghostunnel has had first-class support for the SPIFFE Workload API since the middle of 2019.

The architecture of the demo can be simplified greatly by removing the spiffe-helper and configuring Ghostunnel to use the SPIFFE Workload API directly.

https://github.com/ghostunnel/ghostunnel/blob/master/docs/SPIFFE-WORKLOAD-API.md

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant