On Thu, Sep 04, 2014 at 12:59:07PM -0400, Solly Ross wrote:
I would like to request a feature freeze exception for the Websocket Proxy to
Host Security.
The spec [1] was approved for Nova, and the patches [2] are currently sitting
there with one
+2 (courtesy of @danpb), with a +1 from Jenkins.
For a TL;DR on the spec, essentially this patch series implements a framework
for authenticating
and encrypting communication between the VNC proxy and the actual compute
nodes, and then
implements a TLS/x509 driver using that framework.
The patches don't touch much, and are enabled optionally, so they should be
relatively safe.
I think this is good work and want to see it in Nova. At the same time
though, the first version of this only got up onto review 2 weeks ago,
and I think other proposed FFEs are higher priority to approve.
So I'd sponsor it only if we have capacity after considering the other
items, specifically serial consols, SRIOV, Ironic and NUMA work.
Regards,
Daniel
--
|: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
