SNI in stable/liberty & master(mitaka) for octavia is not able to validated
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
octavia |
Fix Released
|
Critical
|
Adam Harwell |
Bug Description
So we want to backport TLS patches to stable/liberty for octavia, here are there patches that we need to backported:
https:/
https:/
https:/
I went through the steps in the wikipage --- https:/
1.git clone devstack stable/liberty version
2. edit the localrc file with octavia barbican and neutron-lbaas with stable/liberty version
3. ./stack
4. after the devstack is up, cherry-picked the above 3 patches in octaiva , python install them and edited the section of etc/octavia/
5. created tls lb, listener,pool, member
6. in the validation part, i got the timeout error:
test@test-
* Rebuilt URL to: https:/
* Hostname was NOT found in DNS cache
* Trying 10.0.0.5...
* connect to 10.0.0.5 port 443 failed: Connection timed out
* Failed to connect to 10.0.0.5 port 443: Connection timed out
* Closing connection 0
test@test-
Changed in octavia: | |
importance: | Undecided → Critical |
Changed in octavia: | |
assignee: | nobody → Adam Harwell (adam-harwell) |
status: | New → Triaged |
Until TLS is working in master / mitaka, there isn't even a complete list of patches to backport. We need to revisit this once we have all of the patches to fix this actually merged into Mitaka...