Description
As the Eventing TLS feature track describes, we should support TLS for InMemoryChannel.
In particular, the IMC controller will expose an HTTPS address (as part of #6864) that points to the IMC dispatcher.
The HTTPS endpoint should be handled differently from the current HTTP endpoint. The reason is described here:
https://docs.google.com/document/d/1H-x_oji8LqkCyd7tlsSyclmUe7FAmEJPgRxOU_0pkn8/edit?resourcekey=0-lzDIPJsZOP3G17QE_g1lHw#heading=h.eg1aqbb7nwxg and is reported below:
InMemoryChannel
The imc-dispatcher deployment will read (and watch for rotation) a secret containing the TLS public/private key pair in a well-known Secret imc-dispatcher-tls in the system namespace to instantiate the TLS server. To avoid using wildcard certificates and complex SNI negotiation, we enable IMC dispatcher to use path-based routing for HTTPS requests instead of using host-based routing based on the external name service, and in that case, certificate DNS name must be: imc-dispatcher.knative-eventing.svc.<cluster-domain>.
Given that the DNS name in the certificate will be imc-dispatcher.knative-eventing.svc.<cluster-domain>, and that we still need to distinguish between different channels, the HTTPS address for a given InMemoryChannel will be: https://imc-dispatcher.knative-eventing.svc.<cluster-domain>/<channel-namespace>/<channel-name>. The MessageReceiver component (see https://github.com/knative/eventing/blob/main/pkg/channel/message_receiver.go), which currently supports only host-based routing, should therefore be enhanced to also serve channels with a path-based routing approach.
This issue is scoped to the MessageReceiver library, a followup issue will be created and linked to make use of this enhancement in the IMC dispatcher.
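As an added illustration (not code from knative/eventing), the sketch below shows the routing split this issue asks for: HTTPS requests select the channel from the `/<channel-namespace>/<channel-name>` path, while plain HTTP requests keep using a caller-supplied host-based resolver. `ChannelReference`, `ChannelFromPath` and `Handler` are names assumed for the example; the path parser rejects anything other than exactly two non-empty segments so a malformed path cannot be routed to an unintended channel.

```go
package main

import (
	"fmt"
	"net/http"
	"strings"
)

// ChannelReference identifies the channel a request is addressed to.
// (Hypothetical type for this example.)
type ChannelReference struct {
	Namespace string
	Name      string
}

// ChannelFromPath implements the path-based routing described in the issue:
// https://imc-dispatcher.<system-ns>.svc.<cluster-domain>/<channel-namespace>/<channel-name>.
// Exactly two non-empty segments are required; extra, empty or missing
// segments are rejected rather than guessed at.
func ChannelFromPath(p string) (ChannelReference, error) {
	parts := strings.Split(strings.Trim(p, "/"), "/")
	if len(parts) != 2 || parts[0] == "" || parts[1] == "" {
		return ChannelReference{}, fmt.Errorf("path %q is not of the form /<namespace>/<name>", p)
	}
	return ChannelReference{Namespace: parts[0], Name: parts[1]}, nil
}

// Handler routes by path when the request arrived over TLS and by host
// otherwise, so the existing HTTP behaviour is left untouched.
type Handler struct {
	HostResolver func(host string) (ChannelReference, error) // existing host-based routing
	Receive      func(ref ChannelReference, r *http.Request)  // deliver to the resolved channel
}

func (h Handler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
	var ref ChannelReference
	var err error
	if r.TLS != nil {
		ref, err = ChannelFromPath(r.URL.Path) // HTTPS endpoint: path-based
	} else {
		ref, err = h.HostResolver(r.Host) // HTTP endpoint: host-based
	}
	if err != nil {
		http.Error(w, err.Error(), http.StatusNotFound)
		return
	}
	h.Receive(ref, r)
}
```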
Additional Info
- https://docs.google.com/document/d/1H-x_oji8LqkCyd7tlsSyclmUe7FAmEJPgRxOU_0pkn8/edit?resourcekey=0-lzDIPJsZOP3G17QE_g1lHw#
- https://github.com/knative/eventing/blob/main/pkg/channel/message_receiver.go
- We should try to make use of the server side library created as part of Eventing TLS: support K_CA_CERTS in adapter/v2 #6848