Uploaded image for project: 'VOLTHA'
  1. VOLTHA
  2. VOL-1178

Mount certificates rather than building them into containers

    XMLWordPrintable

    Details

      Description

      Currently SSL certificates and CA are being built directly into various containers (voltha, ponsim, maybe others). This is undesirable from a security and deployment perspective.

      The recommended solution is to mount the certificates into the containers at runtime.

      This involves:

      • Determining names for the certificates to be mounted
      • Changing the container build process to not include these files
      • Creating docker compose/kubernetes config/helm charts that mount the certificates into running containers
      • Documenting how to generate cert in both testing and deployment environments

        Attachments

          Issue Links

          # Subject Branch Project Status CR V

            Activity

              People

              Assignee:
              Unassigned
              Reporter:
              zdw Zack Williams
              Watchers:
              5 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Gerrit Reviews

                  There is 1 open Gerrit change