OpenStack Masakari Charm

legacy ssl configuration is missing

Bug #1889787 reported by Márton Kiss
14
This bug affects 3 people
Affects Status Importance Assigned to Milestone
OpenStack Masakari Charm
Fix Released
Undecided
Unassigned
OpenStack Masakari Charm 20.10

Bug Description

When the ssl_ca, ssl_cert, ssl_key config options defined, the endpoints are not using TLS at all:

  masakari:
    options:
      ssl_ca: *ssl_ca
      ssl_cert: *ssl_cert
      ssl_key: *ssl_key
  ...

Endpoint list:

$ openstack endpoint list -c "Service Name" -c "URL" -f value | grep "masakari"
masakari http://masakari-internal.mydomain.com:15868/v1/%(tenant_id)s
masakari http://masakari.mydomain.com:15868/v1/%(tenant_id)s
masakari http://masakari-internal.mydomain.com:15868/v1/%(tenant_id)s

This bug should be similar to placement charm's when, where this fix was the solution:
https://review.opendev.org/#/c/742500/3/src/reactive/placement_handlers.py

Revision history for this message
Márton Kiss (marton-kiss) wrote :

Merge proprosal: https://review.opendev.org/745106

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to charm-masakari (stable/20.08)

Fix proposed to branch: stable/20.08
Review: https://review.opendev.org/746318

Changed in charm-masakari:
status: In Progress → Fix Committed
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to charm-masakari (master)

Reviewed: https://review.opendev.org/745106
Committed: https://git.openstack.org/cgit/openstack/charm-masakari/commit/?id=2a901dc9cb2a21c1d7fe87f240e554fbc9ea88e7
Submitter: Zuul
Branch: master

commit 2a901dc9cb2a21c1d7fe87f240e554fbc9ea88e7
Author: Marton Kiss <email address hidden>
Date: Thu Aug 6 12:15:02 2020 +0200

    Add TLS Support

    The Masakari API service need to be TLS-terminated. This patch applies the
    ssl_ options in render_config function.

    Change-Id: I0acdaaf4ab6eb150d0d562cd978601726456d035
    Closes-Bug: #1889787

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to charm-masakari (stable/20.08)

Reviewed: https://review.opendev.org/746318
Committed: https://git.openstack.org/cgit/openstack/charm-masakari/commit/?id=2d3063977dae8f28409d343ed8f6a1381d06729c
Submitter: Zuul
Branch: stable/20.08

commit 2d3063977dae8f28409d343ed8f6a1381d06729c
Author: Marton Kiss <email address hidden>
Date: Thu Aug 6 12:15:02 2020 +0200

    Add TLS Support

    The Masakari API service need to be TLS-terminated. This patch applies the
    ssl_ options in render_config function.

    Change-Id: I0acdaaf4ab6eb150d0d562cd978601726456d035
    Closes-Bug: #1889787
    (cherry picked from commit 2a901dc9cb2a21c1d7fe87f240e554fbc9ea88e7)

Alex Kavanagh (ajkavanagh)
Changed in charm-masakari:
milestone: none → 20.10
Alex Kavanagh (ajkavanagh)
Changed in charm-masakari:
status: Fix Committed → Fix Released
Zahid Hasan (akkim31-deactivatedaccount)
Changed in charm-masakari:
assignee: nobody → Zahid Hasan (akkim31)
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.