opamp-spec
opamp-spec copied to clipboard
open-telemetry
OpAMP Specification
https://github.com/open-telemetry/opamp-spec/blob/main/specification.md#configuration-restrictions This is very hard thing to implement in a secure way, but if not implemented properly then it may even decrease security of environment: Agent operator assuming it works...
I think it may be worth to extend Code Signing section (https://github.com/open-telemetry/opamp-spec/blob/main/specification.md#code-signing) and add downgrade protection recommendation. Let's consider following scenario: 1. Agent is running with version X of package...
Resolves https://github.com/open-telemetry/opamp-spec/issues/114
The spec currently uses the term Agent mostly (although Client can be seen in the [Communication Model](https://github.com/open-telemetry/opamp-spec/blob/main/specification.md#communication-model)). The Go implementation on the other hand uses the term [Client](https://github.com/open-telemetry/opamp-go/blob/be3f3ffe0c25a72b656913dc465370f23b740802/client/client.go#L10). This is...
Use case - an observability company can offer a "satellite" solution ( like Red hat satellite ) Why it needed: - Reduce the load on the company backend where they...
The spec says: ``` Note that the Agent MAY also report the status of packages it has installed locally, not only the packages it was offered and downloaded from the...
Add a sub-section explaining how infinite oscillations between remote config and status reporting are possible if an attribute is reported in the status that can be changed via remote config...
Do we want to also allow JSON-encoded Protobuf messages in addition to binary-encoded Protobuf messages? This can be fairly trivially achieved by requiring "Content-Type: application/json" header.
How does TLS work with cloud provider load balancers? Do we terminate TLS at load balancer and if yes how does the Server know the client's certificate for acceptance or...
Do we need to recommend the Agent to cache the remote config and OTLP metric destination locally in case the Server is unavailable to make the system more resilient?