OpenStack Compute (nova)

nova-api-{ec2,metadata,os-compute} don't allow SSL to be enabled

Bug #1237126 reported by David Comay on 2013-10-08

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	OpenStack Compute (nova)	Fix Released	Medium	Davanum Srinivas (DIMS)	OpenStack Compute (nova) 2014.1 "icehouse"
	Havana	Fix Released	Medium	Dave Walker	OpenStack Compute (nova) 2013.2.1

Bug Description

Although the script bin/nova-api will read nova.conf to determine which API services should have SSL enabled (via 'enabled_ssl_apis'), the individual API scripts

        bin/nova-api-ec2
        bin/nova-api-metadata
        bin/nova-api-os-compute

do not contain similar logic to allow configuration of SSL. For installations that want to use SSL but not the nova-api wrapper, there should be a similar way to enable the former.

Davanum Srinivas (DIMS) (dims-v) on 2013-10-09

Changed in nova:
status:	New → Confirmed
assignee:	nobody → Davanum Srinivas (DIMS) (dims-v)

Davanum Srinivas (DIMS) (dims-v) on 2013-10-09

tags:

added: havana-rc-potential

Revision history for this message

Davanum Srinivas (DIMS) (dims-v) wrote on 2013-10-09:

https://review.openstack.org/#/c/50683/

Changed in nova:
status:	Confirmed → In Progress

Thierry Carrez (ttx) on 2013-10-14

tags:

added: havana-backport-potential
removed: havana-rc-potential

Davanum Srinivas (DIMS) (dims-v) on 2013-10-14

Changed in nova:
importance:	Undecided → Medium

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2013-10-30: Fix merged to nova (master)

Reviewed: https://review.openstack.org/50683
Committed: http://github.com/openstack/nova/commit/08c6664d8f36ef48f28bed9afbd4aae21f6eb2d5
Submitter: Jenkins
Branch: master

commit 08c6664d8f36ef48f28bed9afbd4aae21f6eb2d5
Author: Davanum Srinivas <email address hidden>
Date: Wed Oct 9 11:51:42 2013 -0400

Fix all scripts to honor the enabled_ssl_apis flag

Add logic to allow configuration of SSL for all the cmd scripts
that start a WSGIService

Change-Id: I921013d113081a91a3fe9bb574bae5cd7bb06bcc
Closes-Bug: 1237126

Changed in nova:
status:	In Progress → Fix Committed

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2013-10-30: Fix proposed to nova (stable/havana)

Fix proposed to branch: stable/havana
Review: https://review.openstack.org/54645

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2013-11-02: Fix merged to nova (stable/havana)

Reviewed: https://review.openstack.org/54645
Committed: http://github.com/openstack/nova/commit/170a09e99c974408b7fe956aee57a470adb500fc
Submitter: Jenkins
Branch: stable/havana

commit 170a09e99c974408b7fe956aee57a470adb500fc
Author: Davanum Srinivas <email address hidden>
Date: Wed Oct 9 11:51:42 2013 -0400

Fix all scripts to honor the enabled_ssl_apis flag

Add logic to allow configuration of SSL for all the cmd scripts
that start a WSGIService

    Change-Id: I921013d113081a91a3fe9bb574bae5cd7bb06bcc
    Closes-Bug: 1237126
    (cherry picked from commit 08c6664d8f36ef48f28bed9afbd4aae21f6eb2d5)

tags:

added: in-stable-havana

Russell Bryant (russellb) on 2013-12-03

Changed in nova:
milestone:	none → icehouse-1

Thierry Carrez (ttx) on 2013-12-04

Changed in nova:
status:	Fix Committed → Fix Released

Alan Pevec (apevec) on 2013-12-08

tags:

removed: havana-backport-potential in-stable-havana

Thierry Carrez (ttx) on 2014-04-17

Changed in nova:
milestone:	icehouse-1 → 2014.1

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.