Protecting the `configdata` HTTP endpoint without disrupting siderolink operations

Question

Protecting the `configdata` HTTP endpoint without disrupting siderolink operations

bzub opened this issue a year ago · 1 comments

I don't see a built-in way to protect the configdata metadata endpoint with authentication/authorization so I assume that's left to the user. The issue I have is if I try to put anything in front of the unified sidero HTTP endpoint then I'm not sure how to keep the GRPC api functionality working. Any tips?

Answer 1 · 2023-04-13T14:36:35.000Z

Make sure your HTTP reverse-proxy supports proxying gRPC properly. For example, nginx has a separate gRPC proxying module.