[VOL-1178] Mount certificates rather than building them into containers - OpenCORD JIRA

XML

Word

Printable

Details

Type: Bug
Status: Resolved (View Workflow)
Priority: Medium
Resolution: Won't Fix
Affects Version/s: None
Fix Version/s: None
Component/s: Deprecated - vOLTHA Core, Documentation, ponsim
Labels:
None

Story Points:
5
Epic Link:
VOLTHA Security

Description

Currently SSL certificates and CA are being built directly into various containers (voltha, ponsim, maybe others). This is undesirable from a security and deployment perspective.

The recommended solution is to mount the certificates into the containers at runtime.

This involves:

Determining names for the certificates to be mounted
Changing the container build process to not include these files
Creating docker compose/kubernetes config/helm charts that mount the certificates into running containers
Documenting how to generate cert in both testing and deployment environments

Attachments

Issue Links

relates to

VOL-1615 Create VOLTHA 2.0 Helm Charts

Resolved

Options
- Issue Only
- Show All Reviews
- Show Open Reviews
- Show All Issues
- Show Open Issues

Gerrit Reviews

#	Subject	Branch	Project	Status	CR	V
12565,2	VOL-1178:Mount certificates rather than building them into containers	master	voltha-go	Status: NEW	0	0

Activity

People

Assignee:: Unassigned

Reporter:: Zack Williams

Watchers:: 5 Start watching this issue

Dates

Created:: 2018/08/21 8:44 AM

Updated:: 2019/11/08 11:37 AM

Resolved:: 2019/09/20 1:46 PM

Gerrit Reviews

There is 1 open Gerrit change

VOL-1178:Mount certificates rather than building them into containers

0 Gerrit Review: