add release note that OpenStack should be used on a protected network
Bug #978963 reported by
Jamie Strandboge
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Release Notes for Ubuntu |
Fix Released
|
Undecided
|
Unassigned | ||
horizon (Ubuntu) |
Fix Released
|
High
|
James Page | ||
Precise |
Fix Released
|
High
|
Unassigned | ||
keystone (Ubuntu) |
Fix Released
|
High
|
James Page | ||
Precise |
Fix Released
|
High
|
Unassigned |
Bug Description
Much of OpenStack is hard-coded to use http instead of https. Of particular interest is keystone which is the identity service for OpenStack. https:/
* keystone is on a separate server from the other OpenStack components
* horizon (the OpenStack Dashboard) is on a different system than keystone
* users access OpenStack remotely
* users access horizon (the OpenStack dashboard) over http
Adding horizon and keystone tasks.
Changed in keystone (Ubuntu Precise): | |
status: | New → Triaged |
Changed in horizon (Ubuntu Precise): | |
status: | New → Triaged |
Changed in keystone (Ubuntu Precise): | |
importance: | Undecided → High |
milestone: | none → ubuntu-12.04 |
Changed in horizon (Ubuntu Precise): | |
milestone: | none → ubuntu-12.04 |
importance: | Undecided → High |
description: | updated |
Changed in ubuntu-release-notes: | |
status: | Fix Committed → Fix Released |
Changed in horizon (Ubuntu): | |
assignee: | nobody → James Page (james-page) |
Changed in keystone (Ubuntu): | |
assignee: | nobody → James Page (james-page) |
Changed in keystone (Ubuntu Precise): | |
status: | Triaged → Fix Released |
Changed in horizon (Ubuntu Precise): | |
status: | Triaged → Fix Released |
To post a comment you must log in.
Release Note Added:
* The default install of Openstack should be used on a protected network, as many components use http (non-SSL) as a transport, and therefore subject to security concerns. This can be mitigated by post install customisations.
https:/ /wiki.ubuntu. com/PrecisePang olin/ReleaseNot es/UbuntuServer