Activity log for bug #1523222
Date | Who | What changed | Old value | New value | Message |
---|---|---|---|---|---|
2015-12-06 11:14:48 | Kobi Samoray | bug | added bug | ||
2015-12-06 11:25:30 | Kobi Samoray | neutron: assignee | Kobi Samoray (ksamoray) | ||
2015-12-06 19:19:44 | Michael Johnson | tags | lbaas | ||
2015-12-07 17:23:59 | Kobi Samoray | tags | lbaas | lbaas rfe | |
2015-12-07 19:31:35 | Henry Gessau | neutron: status | New | Confirmed | |
2015-12-07 19:31:40 | Henry Gessau | neutron: importance | Undecided | Wishlist | |
2015-12-07 19:38:57 | Doug Wiegley | tags | lbaas rfe | lbaas rfe rfe-approved | |
2015-12-07 19:39:00 | Doug Wiegley | neutron: status | Confirmed | Triaged | |
2015-12-08 16:02:17 | Armando Migliaccio | tags | lbaas rfe rfe-approved | lbaas rfe-approved | |
2015-12-08 16:06:36 | Armando Migliaccio | tags | lbaas rfe-approved | lbaas rfe | |
2015-12-08 16:39:04 | Doug Wiegley | summary | LBaaSv2 TLS support is limited to offloading | Add LBaaSv2 TLS re-encryption to backend members | |
2015-12-08 16:42:05 | Doug Wiegley | description | Most of the load balancers allow termination of TLS connections. A load balancer may run a TLS connection on the client side while running an unencrypted connection at the server side - which is called offloading and is currently supported by the LBaaSv2 API. Another common practice is terminating the TLS connection at the load balancer - in order to allow L7 decision making or header manipulation, and running a TLS session on the server side. This is not supported by the current implementation. | Most of the load balancers allow termination of TLS connections. A load balancer may run a TLS connection on the client side while running an unencrypted connection at the server side - which is called offloading and is currently supported by the LBaaSv2 API. Another common practice is terminating the TLS connection at the load balancer - in order to allow L7 decision making or header manipulation, and running a TLS session on the server side. This is not supported by the current implementation. This involves two items: - Allowing a protocol of HTTPS for members. - Toggling the bits in the haproxy config file that connect via tls to members, instead of cleartext. | |
2015-12-08 17:19:17 | Henry Gessau | summary | Add LBaaSv2 TLS re-encryption to backend members | [RFE] Add LBaaSv2 TLS re-encryption to backend members | |
2016-02-11 22:42:28 | Armando Migliaccio | neutron: status | Triaged | Incomplete | |
2016-02-11 22:42:30 | Armando Migliaccio | neutron: assignee | Kobi Samoray (ksamoray) | ||
2016-04-12 04:17:45 | Launchpad Janitor | neutron: status | Incomplete | Expired |