OpenStack-Ansible

nova should talk to RabbitMQ over an encrypted channel

Bug #1509086 reported by Major Hayden on 2015-10-22

This bug affects 1 person

	Status	Importance	Assigned to	Milestone
OpenStack-Ansible	Fix Released	Medium	Major Hayden	OpenStack-Ansible mitaka-1
Liberty	Fix Released	Medium	Major Hayden	OpenStack-Ansible 12.0.1
Trunk	Fix Released	Medium	Major Hayden	OpenStack-Ansible mitaka-1

Bug Description

The nova daemons exchange sensitive information with RabbitMQ on a regular basis. We recently added code to configure a RabbitMQ TLS listener by default and we can begin using that encrypted channel for communication.

Major Hayden (rackerhacker) on 2015-10-22

Changed in openstack-ansible:
assignee:	nobody → Major Hayden (rackerhacker)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-10-22: Fix proposed to openstack-ansible (master)

Fix proposed to branch: master
Review: https://review.openstack.org/238691

Changed in openstack-ansible:
status:	New → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-10-27: Fix merged to openstack-ansible (master)

Reviewed: https://review.openstack.org/238691
Committed: https://git.openstack.org/cgit/openstack/openstack-ansible/commit/?id=d930a7b55c6e5e96f9da07669a243a30b6a9432e
Submitter: Jenkins
Branch: master

commit d930a7b55c6e5e96f9da07669a243a30b6a9432e
Author: Major Hayden <email address hidden>
Date: Tue Oct 20 16:04:36 2015 -0500

Enable encryption for all RabbitMQ connections

This change enables encryption between OpenStack services and RabbitMQ by
default.

Closes-bug: 1509086

Change-Id: Ic95a556e001f66df935ea7db613b497b47062851

Changed in openstack-ansible:
status:	In Progress → Fix Committed

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-10-27: Fix proposed to openstack-ansible (liberty)

Fix proposed to branch: liberty
Review: https://review.openstack.org/239744

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-10-27: Fix merged to openstack-ansible (liberty)

Reviewed: https://review.openstack.org/239744
Committed: https://git.openstack.org/cgit/openstack/openstack-ansible/commit/?id=5cd270a7fdb38d104eac6a8aa001533c8d7f0d93
Submitter: Jenkins
Branch: liberty

commit 5cd270a7fdb38d104eac6a8aa001533c8d7f0d93
Author: Major Hayden <email address hidden>
Date: Tue Oct 20 16:04:36 2015 -0500

Enable encryption for all RabbitMQ connections

This change enables encryption between OpenStack services and RabbitMQ by
default.

Closes-bug: 1509086

Change-Id: Ic95a556e001f66df935ea7db613b497b47062851
(cherry picked from commit d930a7b55c6e5e96f9da07669a243a30b6a9432e)

Revision history for this message

Davanum Srinivas (DIMS) (dims-v) wrote on 2016-04-18: Fix included in openstack/openstack-ansible 13.0.0

This issue was fixed in the openstack/openstack-ansible 13.0.0 release.

Revision history for this message

Davanum Srinivas (DIMS) (dims-v) wrote on 2016-05-03: Fix included in openstack/openstack-ansible 12.0.11

This issue was fixed in the openstack/openstack-ansible 12.0.11 release.

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.