Agent contact_ip needs to allow hostnames #848
Comments
ansasaki
added a commit
to ansasaki/rust-keylime
that referenced
this issue
Nov 12, 2024
For the options 'ip', 'contact_ip', and 'registrar_ip', allow a hostname to be used instead of an IP address. Fixes keylime#848 Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
ansasaki
added a commit
to ansasaki/rust-keylime
that referenced
this issue
Nov 13, 2024
For the options 'ip', 'contact_ip', and 'registrar_ip', allow a hostname to be used instead of an IP address. Fixes keylime#848 Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
ansasaki
added a commit
to ansasaki/rust-keylime
that referenced
this issue
Dec 2, 2024
For the options 'ip', 'contact_ip', and 'registrar_ip', allow a hostname to be used instead of an IP address. Fixes keylime#848 Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
ansasaki
added a commit
to ansasaki/rust-keylime
that referenced
this issue
Dec 2, 2024
For the options 'ip', 'contact_ip', and 'registrar_ip', allow a hostname to be used instead of an IP address. Fixes keylime#848 Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Use-case
Keylime agent is in k8s cluster, but Verifier/Tenant/Registrar is outside k8s cluster. Traffic from Verifier to Agent goes via k8s Ingress, which needs to map URL to correct Agent per UUID. Agent is hence reachable at
https://agent-<uuid>.cluster.local/ ...Issue
There is
parse_ipcalled to parse thecontact_iphere:rust-keylime/keylime-agent/src/config.rs
Line 859 in 56a6159
agent-<uuid>.cluster.localas its contact_ip, meaning it cannot register itself with an address that can be routed back.xref: https://cloud-native.slack.com/archives/C01ARE2QUTZ/p1727792733885549
@maugustosilva @mheese
The text was updated successfully, but these errors were encountered: