Integrating OpenZiti with EdgeX Foundry and ekuiper #2579
Closed
dovholuknf
started this conversation in
General
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Hi all, I'm back working with the EdgeX Foundry team to integrate OpenZiti into EdgeX Foundry. OpenZiti has been adopted to secure the communication between core edgex services. OpenZiti is a a secure, zero trust overlay network. It allows zero trust connectivity from one identity to another.
A key feature of OpenZiti is that it's just an SDK that needs to be adopted into the program to enable the additional security and it actually eliminates processes from listening on the IP-based, underlay network at all, basically making the program unattackable by traditional network-based attacks from unauthenticated applications.
I'll be putting a PR up for ekuiper to act as a client to other OpenZiti-enabled services (like the EdgeX core services). If you'd like, I could also look to add OpenZiti to the two ports endpoints kuiper exposes to the underlay by default (CLI port and REST service port).
(i posted this in to the slack too, dunno which is the best place to have the discussion)
Beta Was this translation helpful? Give feedback.
All reactions