You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Keylime agent is in k8s cluster, but Verifier/Tenant/Registrar is outside k8s cluster. Traffic from Verifier to Agent goes via k8s Ingress, which needs to map URL to correct Agent per UUID. Agent is hence reachable at https://agent-<uuid>.cluster.local/ ...
Issue
There is parse_ip called to parse the contact_ip here:
let contact_ip = parse_ip(config.agent.contact_ip.as_ref())?.to_string();
so Agent cannot set hostname such as agent-<uuid>.cluster.local as its contact_ip, meaning it cannot register itself with an address that can be routed back.
Use-case
Keylime agent is in k8s cluster, but Verifier/Tenant/Registrar is outside k8s cluster. Traffic from Verifier to Agent goes via k8s Ingress, which needs to map URL to correct Agent per UUID. Agent is hence reachable at
https://agent-<uuid>.cluster.local/ ...Issue
There is
parse_ipcalled to parse thecontact_iphere:rust-keylime/keylime-agent/src/config.rs
Line 859 in 56a6159
agent-<uuid>.cluster.localas its contact_ip, meaning it cannot register itself with an address that can be routed back.xref: https://cloud-native.slack.com/archives/C01ARE2QUTZ/p1727792733885549
@maugustosilva @mheese
The text was updated successfully, but these errors were encountered: