Skip to content

spiffe/spire-ha-agent

Folders and files

NameName
Last commit message
Last commit date
Nov 16, 2024
Jan 20, 2025
Jan 25, 2025
Jan 7, 2025
Jan 27, 2025
Jan 25, 2025
Jan 13, 2025
Nov 15, 2024
Jan 11, 2025
Nov 15, 2024
Nov 15, 2024
Jan 11, 2025
Jan 11, 2025
Jan 19, 2025
Jan 19, 2025

Repository files navigation

SPIRE HA Agent

Apache 2.0 License Development Phase

An agent to setup a SPIRE HA TrustDomain using two independent SPIRE Servers

Warning

This code is very early in development and is very experimental. Please do not use it in production yet. Please do consider testing it out, provide feedback, and maybe provide fixes.

Simple Diagram

diagram

Cross Linked Trust Diagram

diagram

How it Works

If the trust bundles of both servers are presented to the workload, it will not care which server instance a certificate is issued from. This agent provides both trust bundles to the end user as one trust bundle, and will contact whichever server is responding to respond to x509 certificate or jwt token requests.