xds: security configuration needs to be per cluster, not from the top level cluster #6787
Assignees
Comments
|
Blocked ongrpc/proposal#404 |
|
grpc/proposal#404is merged. This is unblocked now. |
purnesh42H
added
the
Area: xDS
easwars
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Right now,https://github.com/grpc/grpc-go/blob/master/xds/internal/balancer/cdsbalancer/cdsbalancer.go#L155security configuration for the xDS tree is determined by the top level cluster in the cluster tree in the cds_balancer. This security configuration needs to be per cluster_impl (per priority). The initial idea is to persist a map from cluster name to security configuration in cds_balancer, set a resolver attribute in cluster_impl, and use that name from the attribute to read from the map here:https://github.com/grpc/grpc-go/blob/master/xds/internal/balancer/cdsbalancer/cdsbalancer.go#L674,rather than reading the entire handshake info directly.
The text was updated successfully, but these errors were encountered: