Provide feature to onboard and distribute a common CA cert chain to Istio service mesh in edge clusters. This feature will allow the user to prepare a CA certificate that will be used to generate a set of Intermediate CAs (with a common CA Root certificate) that will be distributed to a set of edge clusters running the Istio service mesh. The Intermediate CA certificates distributed to the edge clusters can replace the default Istio CA or be set up per Namespace (i.e. per EMCO Logical Clouds). This feature allows EMCO to implement traffic controller intents between workloads across edge clusters with mTLS. The per Namespace capability allows workloads deployed to different Logical Clouds (e.g. tenants) to be isolated from each other.
The Authorization APIs provide a way for the user to configure access to the cluster services, by allowing or denying the request based on the methods and/or the paths. This will include the implementation and automation of the backed part to generate the required resources. This is interesting to the EMCO community and requested by stakeholders, since it will provide fine-grained authorization policy enforcement ability to secure the services running in the EMCO managed cluster.
Implements and automate the scenario where the service is running inside the cluster and accessed from outside. The required certs will be provided through user intents. New Inbound API fields needs to be added to handle this scenario. The changes also include use case with helm charts, API calls, scripts, and config files. This is interesting to the EMCO community and requested by stakeholders, since it will provide a secure way to access the service running inside the EMCO managed cluster from outside using their own set of certificates and keys.
Using GitOps, have Google Anthos GKE cluster instances orchestrated by EMCO in order to deploy EMCO composite apps. This feature will benefit any customer who requires workloads to be deployed to Anthos-based clusters using EMCO. This request is coming from customers like Verizon and SmartEdge teams.
This feature is an enhancement for the Azure Arc plugin added in the 22.03 release. This new plugin uses Flux v2 which has a lot of improvements over Flux v1 used by the previous version and is the way forward. Similar as above.
After the application is instantiation by EMCO, some applications require application specific configurations. In this release only Custom Resource based configurations are supported.
The final list will be available on GitLab.