Tyler King
6058e62348
Go-based network automation with YANG models, gRPC, Ansible, Terraform, and Kubernetes integration. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
599 B
599 B
Shellstream Boundary
Shellstream is the attested stream protocol for inter-cluster communication. Kedge DaemonSet terminates Shellstream handshakes at the cluster boundary.
3-Way Handshake
- ATTEST-INIT: Remote peer sends SAT token with capability request
- ATTEST-VERIFY: Local Kedge validates SAT, evaluates capabilities against accord policy, sends attenuated grant
- ATTEST-CONFIRM: Session established with granted capabilities
Mode Selection
The capability token determines overlay vs. underlay access, governed by MSP trust tier mappings in the local accord policy.