Comments (1)
Move the requirement&feasibility discussion from PR to issues, to avoid polluting the code review discussion. Discuss in this thread, please.
Here are my opinions:
For now plain HTTP is acceptable for admin interfaces.
If we decide to support HTTPS or gRPC(like etcd3.x), it got more work. e.g. certificates stuff for HTTPS, protobuf definition for gRPC and so on.
I think HTTP should be deprecated
HTTPS might bring complicated in the operation, but it's an enterprise feature for providing more security and worth our while to try it. So @benja-wu can schedule this to the Easegress' roadmap.
I think we can keep the HTTP way for Admin APIs as default behavior, but support HTTPS as a new feature for enterprise's security purpose. Cause I believe that Easegress's admin API will be mostly invoked inside the company's local area network.
Also I totally agree to support HTTPS in Admin APIs as an enterprise feature.
How about that?
It's necessary to clarify that we provide value-adding packages/features in the enterprise releases. but we don't disable the capability of the open-source releases. As in this case, It's good to let the cli tool supports https access. for the server-side, we can configure the admin port with SSL/TLS certificates out of the box(or provide a clear method, this can be planned in the roadmap). while the open-source users can configure by themselves (eg. put the API portal behind a gateway which enables https )
from easegress.
Related Issues (20)
- [Question]: how does the sidecar (mesh worker role) intercept outbound traffic HOT 7
- An option for enabling periodic health checks of the servers in Proxy plugin HOT 2
- Strict yaml schema validation via openAPIV3Schema HOT 1
- [Question]: Is there command `egctl convert ` ? HOT 2
- [Question]: egctl apply error HOT 2
- [Question]: New filter run panic HOT 8
- [Question]: Websocket handshake fail HOT 12
- Filter logger optimize HOT 5
- [Bug]: easegress-server --signal-upgrade=true panic HOT 2
- [Question]:Is buildOutputResponse missing ? HOT 4
- Filter will be created even it is not referenced in flow HOT 3
- Adding url decoding function to extend template functionality in easegress builder filters HOT 5
- [Question]: Why does pipeline not map properly to the backend server? HOT 3
- [Question]: Pipeline HandleWithBeforeAfter not work well HOT 23
- [Question]: Is there something wrong with the example in this IngressController doc? HOT 1
- [Question]: Why does my IngressController experiment not work? HOT 17
- [Question]: When using Easegress images version V2.6.1 and above, the IngressController does not function properly. HOT 5
- [Question]: When using Easegress as an Ingress controller, how can I add a global filter to the default HTTP server? HOT 8
- [Question]: Websocket log expected error HOT 3
- Report the use of components with vulnerabilities in easegress HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from easegress.