Hi Amy, Has there been any consideration of running https://www.tinc-vpn.org/ to connect all the ONAP hosts to each other?
If using docker, the containers could be configured to only talk via the network devices created by tinc, thus ensuring all communications are encrypted. tinc also seems to provide several useful behaviours such as automatic mesh routing, easy expansion of the VPN and wide operating system support. It might be a way to get an entire ONAP system protected without needing to upgrade every component to mutual TLS. Keong -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#13141): https://lists.onap.org/g/onap-discuss/message/13141 Mute This Topic: https://lists.onap.org/mt/27369768/21656 Group Owner: onap-discuss+ow...@lists.onap.org Unsubscribe: https://lists.onap.org/g/onap-discuss/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
