Protecting the `configdata` HTTP endpoint without disrupting siderolink operations
bzub opened this issue · 1 comments
bzub commented
I don't see a built-in way to protect the configdata
metadata endpoint with authentication/authorization so I assume that's left to the user. The issue I have is if I try to put anything in front of the unified sidero HTTP endpoint then I'm not sure how to keep the GRPC api functionality working. Any tips?
smira commented
Make sure your HTTP reverse-proxy supports proxying gRPC properly. For example, nginx
has a separate gRPC
proxying module.