Open hasethuraman opened 2 years ago
tiagolobocastro
commented
2 years ago Hi, at the moment we don't have such options but we do indeed need to add them. The client we use supports them so we need to stitch them up if you will. In addition we'll need to change the helm chart to configure etcd for it and also provide the certs/keys to our pods.
JordanDeBeer
commented
1 year ago This functionality could open up some pretty interesting use-cases. Mine in particular involves re-using an already existing etcd cluster versus one that runs in-cluster installed via the helm chart.
tiagolobocastro
commented
1 year ago Yeah this is something that would be useful to have, though we haven't had bandwidth to work on this yet. IIRC the etcd library we use supports this so we'd need to change our code to support it too and add support to enable it via helm as well.
tiagolobocastro
commented
3 weeks ago @Johnaius since you are looking into securing the rest api, would you like to also take a stab at this one?
When etcd is enabled with TLS, we need option in mayastor to take client.key, certs. Today I dont see it takes tls options in etcd.rs.
Please do let me know if there is a reason why we cant enable TLS. Otherwise can we use this tracker to add the support?