Attendees: Srini, Eric, Igor, Kural, Rammy, Ritu, Todd

22.09 Features proposal discussed:

  • Istio Controller feature complete
  • SGX Support for CA Cert manager and application private key security automation using SGX (Example Keys used by Istio controller)
  • Support for externally instantiated applications (DTC and GAC)
  • Keycloak Broker and oauth2-proxy authentication Action Controller
  • Multi-Domain Infrastructure Orchestrator
  • Squid Proxy Action Controller - Poc followed by initial implementation of the action controller
  • GitOps - Support for Git Server in EMCO, support multiple namespaces for a composite application, Anthos logical cloud support, reading resources from cluster
  • Monitor resources not deployed by EMCO
  • Temporal Action controller - Remaining items, Azure IOT use case
  • AppConfig Controller - Code complete in 22.06. Testing, code reviews, etc.

Squid Proxy

Discussed next steps for understanding Squid Proxy especially following areas. Will present in the findings and continue discussion in the next meeting.

1) TLS bumping

2) Proxy Authorization

3) Proxy Authorization with oauth2

4) Squid ClamAV

SDS - SDS doesn't have IPv6 support.  Discussed that it can be deprecated as no customers using it and similar functionality can be provided using external DNS. Ritu to ask Palani to document on how that can be setup with EMCO.



  • No labels

1 Comment

  1. Srinivasa Addepalli

    Instead 'Squid ClamAV',  my suggestion is to go with e2guardian (deployed as ICAP Service to Squid) as it supports both URL filtering & ClamAV based Anti-Malware.