Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ensure mTLS support for GRPC clients is available and consistent #4187

Open
owen-d opened this issue Aug 18, 2021 · 1 comment
Open

Ensure mTLS support for GRPC clients is available and consistent #4187

owen-d opened this issue Aug 18, 2021 · 1 comment
Labels
keepalive An issue or PR that will be kept alive and never marked as stale.

Comments

@owen-d
Copy link
Member

owen-d commented Aug 18, 2021

I'm opening this issue after reviewing #4176.

There are a few places where we have specific inter-component grpc connections, namely querier->ingester (which you've handled in this PR), querier->query-frontend|query-scheduler (the latter is a recently added component), query-frontend->query-scheduler , and querier->index-gateway (another recently added component). We should ensure that mTLS over grpc works as expected, is configurable, and is applied consistently within the codebase.

This is already handled in the configuration chain:
https://github.com/cortexproject/cortex/blob/master/pkg/util/grpcclient/grpcclient.go#L78
https://github.com/cortexproject/cortex/blob/master/pkg/util/tls/tls.go#L78

Should we specify configuration blocks for each grpc client or should they be globally specified?

/cc @slim-bean @cyriltovena
@stale
Copy link

stale bot commented Sep 19, 2021

Hi! This issue has been automatically marked as stale because it has not had any
activity in the past 30 days.

We use a stalebot among other tools to help manage the state of issues in this project.
A stalebot can be very useful in closing issues in a number of cases; the most common
is closing issues or PRs where the original reporter has not responded.

Stalebots are also emotionless and cruel and can close issues which are still very relevant.

If this issue is important to you, please add a comment to keep it open. More importantly, please add a thumbs-up to the original issue entry.

We regularly sort for closed issues which have a stale label sorted by thumbs up.

We may also:

  • Mark issues as revivable if we think it's a valid issue but isn't something we are likely
    to prioritize in the future (the issue will still remain closed).
  • Add a keepalive label to silence the stalebot if the issue is very common/popular/important.

We are doing our best to respond, organize, and prioritize all issues but it can be a challenging task,
our sincere apologies if you find yourself at the mercy of the stalebot.

@stale stale bot added the stale A stale issue or PR that will automatically be closed. label Sep 19, 2021
@stale stale bot closed this as completed Apr 19, 2022
@slim-bean slim-bean reopened this Apr 19, 2022
@stale stale bot removed the stale A stale issue or PR that will automatically be closed. label Apr 19, 2022
@slim-bean slim-bean added the keepalive An issue or PR that will be kept alive and never marked as stale. label Apr 19, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
keepalive An issue or PR that will be kept alive and never marked as stale.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@owen-d @slim-bean