On 04/25/2011 12:47 PM, Kirill Shileev wrote:
Hi all,
Recently, playing with libcloud against a private openstack installation
we realized that 8773 and 8774 ports listened by openstack-nova-api
expect plain HTTP.
This is something that is rarely allowed in production installations.
We bypass the problem by providing stunnel proxy for those ports.
Although, the fastest solution, it does not look satisfactory from the
long term perspective.
Hence the proposal:
https://blueprints.launchpad.net/nova/+spec/openstack-api-ssl
There is no any details so far, but the main idea is to change the
default with nova-api
to listen for SSL encoded transport.
Other option would be making this configurable, although not sure why
and where the plain HTTP might be justified.
Any thoughts, comments?
--
Best regards,
Kirill Shileev
Senior software engineer
www.GridDynamics.com <http://www.GridDynamics.com>
+7 495 787 49 44 office
_______________________________________________
Mailing list: https://launchpad.net/~openstack
Post to : openstack@lists.launchpad.net
Unsubscribe : https://launchpad.net/~openstack
More help : https://help.launchpad.net/ListHelp
Kirill
Are you at the Openstack Confernece? Your ssl question is one of the
things I would like to discuss in the discussion session I registered,
http://openstack-spring2011.sched.org/event/4bb755f74fa7528bb5a0ccd20805ec0c
Edward
_______________________________________________
Mailing list: https://launchpad.net/~openstack
Post to : openstack@lists.launchpad.net
Unsubscribe : https://launchpad.net/~openstack
More help : https://help.launchpad.net/ListHelp
