Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[feature request]Add a client certificate to yurthub for forwarding list/watch reqeusts of pool scope metadata. #2342

Open
rambohe-ch opened this issue Feb 26, 2025 · 1 comment
Open

[feature request]Add a client certificate to yurthub for forwarding list/watch reqeusts of pool scope metadata. #2342

rambohe-ch opened this issue Feb 26, 2025 · 1 comment
Labels
kind/feature kind/feature

Comments

@rambohe-ch
Copy link
Member

What would you like to be added:

  1. Yurthub should support forward different kind of list/watch requests according to pool scope metadata configurations which defined in nodepool.Spec.PoolScopeMetadata.
  2. leaderhubrbac controller in yurt-manager had managed clusterrole for list/watching pool scope metadata. and the following clusterolebinding have binded clusterrole to group: openyurt:multiplexer.

    openyurt/charts/yurt-manager/templates/yurt-manager.yaml

    Line 41 in d49ce13

    apiVersion: rbac.authorization.k8s.io/v1

Based on the above background, we need to add the following features in yurthub:

  • apply a new client certificate with organization: openyurt:multiplexer for yurthub.
  • yurthub will use this certificate to forward list/watch requests for pool scope metadata.

others
/kind feature
@rambohe-ch rambohe-ch added the kind/feature kind/feature label Feb 26, 2025
@rambohe-ch
Copy link
Member Author

/assign @rambohe-ch

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/feature kind/feature
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@rambohe-ch