TLS certificate reloading in SDK #4247
Labels
spec:miscellaneous
For issues that don't match any other spec label
triage:deciding:community-feedback
Open to community discussion. If the community can provide sufficient reasoning, it may be accepted
Comments
pavolloffay
added
the
spec:miscellaneous
|
Would you clarify if this is about OTLP exporter or something else? I understand that the solution might be generally applicable to other exporters such as Jaeger/Zipkin, I think we need to have more clarity regarding what's expected here. |
|
I would scope this only for OTLP exporter https://opentelemetry.io/docs/specs/otel/protocol/exporter/ This feature could introduce a new env var |
svrnm
added
the
triage:deciding:community-feedback
|
IIRC, the Collector also watches the file system for changes to those specific files. In any case, I think this can certainly be an optional part of the spec, defined based on the current of the collector, which has incorporated some lessons learned already. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
What are you trying to achieve?
I would like to configure OpenTelemetry SDK to reload TLS certificate.
The OTEL operator community is working on enabling TLS in auto-instrumentations (which use SDKs) open-telemetry/opentelemetry-operator#2997. The operator will inject certificates from a secret (e.g. provisioned by cert-manager). The cert-manager allows rotating certificates automatically, however SDKs don't reload the certificates.
The collector already supports this functionality:
reload_intervalhttps://github.com/open-telemetry/opentelemetry-collector/blob/main/config/configtls/README.mdWhat did you expect to see?
Additional context.
Use-case was rejected in Java SDK open-telemetry/opentelemetry-java#4725
The text was updated successfully, but these errors were encountered: