Hi all, Recently, playing with libcloud against a private openstack installation we realized that 8773 and 8774 ports listened by openstack-nova-api expect plain HTTP. This is something that is rarely allowed in production installations.
We bypass the problem by providing stunnel proxy for those ports. Although, the fastest solution, it does not look satisfactory from the long term perspective. Hence the proposal: https://blueprints.launchpad.net/nova/+spec/openstack-api-ssl There is no any details so far, but the main idea is to change the default with nova-api to listen for SSL encoded transport. Other option would be making this configurable, although not sure why and where the plain HTTP might be justified. Any thoughts, comments? -- Best regards, Kirill Shileev Senior software engineer www.GridDynamics.com +7 495 787 49 44 office
_______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : [email protected] Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
