Reviewed: https://review.openstack.org/297467 Committed: https://git.openstack.org/cgit/openstack/nova/commit/?id=0230edd708eb961ad6f9afb88a778fe03320bf3e Submitter: Jenkins Branch: master
commit 0230edd708eb961ad6f9afb88a778fe03320bf3e Author: Devananda van der Veen <[email protected]> Date: Thu Mar 24 17:00:26 2016 -0700 Allow ironic driver to specify cafile This patch adds a config option to the [ironic] group, allowing the operator to specify a cacert file with which to connect to the ironic-api service. This corresponds with the way encrypted connections to other OpenStack services are configured. Change-Id: Ice1d6c3f6fc911c4f35fe0283e3d1e9dd8b0e1a7 Closes-bug: #1561796 ** Changed in: nova Status: In Progress => Fix Released -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Compute (nova). https://bugs.launchpad.net/bugs/1561796 Title: ironic driver does not support ssl cafile Status in OpenStack Compute (nova): Fix Released Bug description: Even though Ironic's python client supports SSL encrypted connections to the ironic service, and securing intra-service connections is a recommended practice, the nova.virt.Ironic driver currently lacks an option to specify a custom CA Certificate for validating the SSL connection to the Ironic service. On the other hand, other OpenStack services which Nova connects to (eg, Glance, Neutron...) have support for this via a service-specific "cafile" config option. To manage notifications about this bug go to: https://bugs.launchpad.net/nova/+bug/1561796/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : [email protected] Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
