[FEATURE] Secure connections to Redfish APIs end-to-end #47
Labels
area/redfish
Front-end protocol related and it's Redfish
component/agent
Relevant to the virtualized BMCs
kind/feature
New feature proposed/asked
Milestone
Comments
starbops
added
kind/feature
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is your feature request related to a problem? Please describe.
Some might not want to add an ingress controller to their K8s cluster. They can manually have kube-vip deployed and modify each of the
virtbmcCluster-type Services they want to expose externally to become the LoadBalancer-type, much like #3 described. Nevertheless, the connection will be plain text (regarding Redfish). As a result, we need to take care of these people and enable KubeVirtBMC's agent to handle HTTPS connections directly. That is to say, users can expose Redfish APIs through LoadBalancer-type Services externally without needing an ingress controller, and the connections are fully encrypted, end to end.Describe the solution you'd like
The Redfish emulator should be able to handle HTTPS connections natively, which implies managing its key and certificate.
Describe alternatives you've considered
Access the APIs through an ingress controller, much like we do currently.
Additional context
This is also one of the remaining items from #2.
The text was updated successfully, but these errors were encountered: