Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use separate signing keys used for the cert and the token #266

Merged
merged 1 commit into from
Feb 11, 2025
Merged

Use separate signing keys used for the cert and the token #266

merged 1 commit into from
Feb 11, 2025

Conversation

roehrich-hpe
Copy link
Contributor

The key used to sign a cert and the key used to sign a token should have nothing to do with each other and they aren't even used in the same context. The following adjusts the code to allow distinct keys for certs and tokens.

@roehrich-hpe
Use separate signing keys used for the cert and the token
317e523 
The key used to sign a cert and the key used to sign a token should have
nothing to do with each other and they aren't even used in the same context.
The following adjusts the code to allow distinct keys for certs and tokens.

Signed-off-by: Dean Roehrich <[email protected]>
@roehrich-hpe
Copy link
Contributor Author

ping

@ajfloeder
Copy link
Contributor

Remind me please... Given that these operations use the k8s server as a store, what is the granularity of these keys? 1 per job, 1 per compute node, some other? I'm asking to determine what sort of usage might stress the API servers and where in the workflow that occurs.

@roehrich-hpe
Copy link
Contributor Author

roehrich-hpe commented Feb 11, 2025
edited
Loading

Remind me please... Given that these operations use the k8s server as a store, what is the granularity of these keys? 1 per job, 1 per compute node, some other? I'm asking to determine what sort of usage might stress the API servers and where in the workflow that occurs.

Everything is stored in k8s Secrets.
The software on the compute side will no longer talk to the API server--each compute talks only to its matching rabbit. That rabbit will be running the copy-offload server as a user container.

The copy-offload server will read these secrets to get the TLS cert and the key for verifying the token. The server does this on startup, at PreRun, and keeps that info until it's shutdown at PostRun.

There is one TLS cert system-wide. There is one token+key per workflow.

@roehrich-hpe roehrich-hpe merged commit 9dddc34 into master Feb 11, 2025
6 checks passed
@roehrich-hpe roehrich-hpe deleted the split-key branch February 11, 2025 14:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ajfloeder ajfloeder ajfloeder approved these changes

@bdevcich bdevcich bdevcich approved these changes

@matthew-richerson matthew-richerson Awaiting requested review from matthew-richerson

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@roehrich-hpe @ajfloeder @bdevcich