Is ringpop's gossiping over TLS?

gagan · June 26, 2025, 3:45pm

Temporal Platform security features | Temporal Platform Documentation document mentions how a temporal cluster can use MTLS for services inside the cluster to talk to one another.

I believe this means that temporal services like history/matching/frontend etc can be configured to use MTLS for service to service communication. Is that correct?
Temporal for cluster management uses ringpop. Ringpop internally uses TChannel to perform gossiping amongst the hosts to maintain the membership details of the cluster. Is Ringpop/TChannel communication channel secure? Or is this using plain text over TCP?
If TChannel isn’t secure, is there guidance on how to make the gossiping be over a secure channel?

gagan · June 26, 2025, 3:58pm

Is enableRingpopTLS configuration what I should be using? Is there guide/documentation for it?

Topic		Replies	Views
Interpod communication via istio Community Support security	3	1339	September 16, 2022
Unable to bootstrap Ringpop when Strict MTLS is enabled in Istio Server Deployment general-impl , ringpop , mtls	5	943	February 23, 2024
Beyond Ringpop? Community Support	6	669	January 9, 2024
Proxying access to Temporal Cloud Show & Tell go-sdk , temporal-cloud	0	1782	September 18, 2023
Moving temporal cluster from one k8s cluster to another one Community Support cassandra , kubernetes	2	774	August 19, 2022