I've been asked to comment on whether the lack of SSL for glance
communications is blocking the MIR. Looking at the architecture
documents for Nova and Glance, it seems like glance is typically not
going to be used across an open network, but instead as a sort of
backend for nova-compute and nova-api. As such, user facing tools like
the dashboard or EC2/OpenStack API are all that would be used over the
open network, and those should be designed for use in that scenario (and
not relevant to this MIR). If this assumption about glance operating in
a protected, private network is true, then the lack of SSL for glance-
api and glance-registry communications should not be a blocker. It is
highly recommended that SSL communications to glance-api and glance-
registry be supported, especially in time for 12.04 LTS, and it is my
understanding that is in the works.
I would like for our documentation to reflect that glance should be run
on a private, trusted network at this time. Can the server team file a
bug for this (whether it is in the server manual and/or the technical
overview for oneiric doesn't matter to me)? Assuming we document this
and the bugs for the issues Kees brought up are addressed, feel free to
promote.
** Changed in: glance (Ubuntu)
Status: Incomplete => Confirmed
** Changed in: glance (Ubuntu)
Assignee: Jamie Strandboge (jdstrand) => (unassigned)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/801299
Title:
[MIR]glance
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/glance/+bug/801299/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
