Skip to content

[feature request]Add a client certificate to yurthub for forwarding list/watch reqeusts of pool scope metadata. #2342

New issue
New issue
Open
Open
[feature request]Add a client certificate to yurthub for forwarding list/watch reqeusts of pool scope metadata.#2342
Labels
kind/featurekind/feature
@rambohe-ch

Description

@rambohe-ch
rambohe-ch
opened on Feb 26, 2025

What would you like to be added:

  1. Yurthub should support forward different kind of list/watch requests according to pool scope metadata configurations which defined in nodepool.Spec.PoolScopeMetadata.
  2. leaderhubrbac controller in yurt-manager had managed clusterrole for list/watching pool scope metadata. and the following clusterolebinding have binded clusterrole to group: openyurt:multiplexer.

    openyurt/charts/yurt-manager/templates/yurt-manager.yaml

    Line 41 in d49ce13

    apiVersion: rbac.authorization.k8s.io/v1

Based on the above background, we need to add the following features in yurthub:

  • apply a new client certificate with organization: openyurt:multiplexer for yurthub.
  • yurthub will use this certificate to forward list/watch requests for pool scope metadata.

others
/kind feature

Activity

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Metadata

Assignees

No one assigned

    Labels

    kind/featurekind/feature

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions