OpenStack-Ansible

Clients connection to Galera cluster should be encrypted

Bug #1667789 reported by Andrey Grebennikov
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack-Ansible
Fix Released
Undecided
Jimmy McCrory

Bug Description

All OpenStack services connecting to Galera cluster should support encrypting.
Galera cluster should be set up by default with SSL support.

Andrey Grebennikov (agrebennikov)
Changed in openstack-ansible:
assignee: nobody → Andrey Grebennikov (agrebennikov)
OpenStack Infra (hudson-openstack)
Changed in openstack-ansible:
status: New → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to openstack-ansible (master)

Fix proposed to branch: master
Review: https://review.openstack.org/438068

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to openstack-ansible-os_nova (master)

Fix proposed to branch: master
Review: https://review.openstack.org/438095

OpenStack Infra (hudson-openstack)
Changed in openstack-ansible:
assignee: Andrey Grebennikov (agrebennikov) → Jesse Pretorius (jesse-pretorius)
OpenStack Infra (hudson-openstack)
Changed in openstack-ansible:
assignee: Jesse Pretorius (jesse-pretorius) → Andrey Grebennikov (agrebennikov)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to openstack-ansible-os_nova (master)

Reviewed: https://review.openstack.org/438095
Committed: https://git.openstack.org/cgit/openstack/openstack-ansible-os_nova/commit/?id=57e283fdfa4954d0cfd2d2ccf5ac67d83dd461f2
Submitter: Jenkins
Branch: master

commit 57e283fdfa4954d0cfd2d2ccf5ac67d83dd461f2
Author: Andrey <email address hidden>
Date: Fri Feb 24 15:53:15 2017 -0600

    Added MySQL connection SSL support

    MySQL SSL connections allowed.
    When nova_galera_use_ssl is True Nova sets up encrypted connection
    to the database using either self-signed or user-provided CA certificate.

    Partial-Bug: #1667789

    Change-Id: I16e074865367e52d17baadb4703e615f89142893

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to openstack-ansible-os_nova (stable/ocata)

Fix proposed to branch: stable/ocata
Review: https://review.openstack.org/441715

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to openstack-ansible-os_nova (stable/newton)

Fix proposed to branch: stable/newton
Review: https://review.openstack.org/441716

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to openstack-ansible-os_cinder (stable/ocata)

Fix proposed to branch: stable/ocata
Review: https://review.openstack.org/441717

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to openstack-ansible-os_cinder (stable/newton)

Fix proposed to branch: stable/newton
Review: https://review.openstack.org/441718

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to openstack-ansible-os_glance (master)

Fix proposed to branch: master
Review: https://review.openstack.org/441721

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to openstack-ansible-os_nova (master)

Fix proposed to branch: master
Review: https://review.openstack.org/444491

OpenStack Infra (hudson-openstack)
Changed in openstack-ansible:
assignee: Andrey Grebennikov (agrebennikov) → Marc Gariépy (mgariepy)
Marc Gariépy (mgariepy)
Changed in openstack-ansible:
assignee: Marc Gariépy (mgariepy) → nobody
OpenStack Infra (hudson-openstack)
Changed in openstack-ansible:
assignee: nobody → Jesse Pretorius (jesse-pretorius)
OpenStack Infra (hudson-openstack)
Changed in openstack-ansible:
assignee: Jesse Pretorius (jesse-pretorius) → Andrey Grebennikov (agrebennikov)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to openstack-ansible-galera_client (master)

Fix proposed to branch: master
Review: https://review.openstack.org/448743

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to openstack-ansible-galera_server (master)

Reviewed: https://review.openstack.org/425997
Committed: https://git.openstack.org/cgit/openstack/openstack-ansible-galera_server/commit/?id=eb5fc9c1e852866bc5e332a697bfeb86dfc44047
Submitter: Jenkins
Branch: master

commit eb5fc9c1e852866bc5e332a697bfeb86dfc44047
Author: Andrey <email address hidden>
Date: Thu Jan 26 18:37:11 2017 -0600

    Added Galera SSL support

    MySQL SSL connections allowed. Self-signed SSL bundle
    created and placed to the deployment host, or user-provided
    SSL bundle (CA, cert and the key) is used.

    Change-Id: Ibac61d45cea67123fe61a6de4f906b4bd1949a34
    Partial-Bug: #1667789

OpenStack Infra (hudson-openstack)
Changed in openstack-ansible:
assignee: Andrey Grebennikov (agrebennikov) → Jesse Pretorius (jesse-pretorius)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to openstack-ansible-os_nova (master)

Reviewed: https://review.openstack.org/444491
Committed: https://git.openstack.org/cgit/openstack/openstack-ansible-os_nova/commit/?id=15131c7649c41e496bd746015dcf35013eebcd04
Submitter: Jenkins
Branch: master

commit 15131c7649c41e496bd746015dcf35013eebcd04
Author: Andrey <email address hidden>
Date: Tue Mar 7 16:53:43 2017 -0600

    Fixed error in Galera SSL connection related task

    (according to https://review.openstack.org/#/c/425997/)

    Change-Id: I1cbee2de437284cbc241710aa4ace3d985e20574
    Partial-Bug: #1667789

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to openstack-ansible-galera_server (stable/ocata)

Fix proposed to branch: stable/ocata
Review: https://review.openstack.org/452237

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to openstack-ansible-galera_server (stable/newton)

Fix proposed to branch: stable/newton
Review: https://review.openstack.org/452238

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to openstack-ansible-galera_client (master)

Reviewed: https://review.openstack.org/448743
Committed: https://git.openstack.org/cgit/openstack/openstack-ansible-galera_client/commit/?id=c093c13e01826da545bf9a0259e0be441bc1b5e1
Submitter: Jenkins
Branch: master

commit c093c13e01826da545bf9a0259e0be441bc1b5e1
Author: Andrey <email address hidden>
Date: Wed Mar 22 13:27:33 2017 -0500

    Added Galera SSL support

    MySQL SSL connections allowed. Self-signed SSL CA cert or user-provided
    CA certificate delivered from the deployment host.

    Change-Id: Iaa07435357139133e325d85808b419e8c55b5e50
    Partial-Bug: #1667789

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to openstack-ansible-galera_client (stable/newton)

Fix proposed to branch: stable/newton
Review: https://review.openstack.org/452282

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to openstack-ansible-galera_client (stable/newton)

Reviewed: https://review.openstack.org/452282
Committed: https://git.openstack.org/cgit/openstack/openstack-ansible-galera_client/commit/?id=d2c8ca9db71e2689a83d94889bf21a319aae617b
Submitter: Jenkins
Branch: stable/newton

commit d2c8ca9db71e2689a83d94889bf21a319aae617b
Author: Andrey <email address hidden>
Date: Wed Mar 22 13:27:33 2017 -0500

    Added Galera SSL support

    MySQL SSL connections allowed. Self-signed SSL CA cert or user-provided
    CA certificate delivered from the deployment host.

    Partial-Bug: #1667789
    (cherry picked from commit c093c13e01826da545bf9a0259e0be441bc1b5e1)

    Change-Id: Ifcbf44a6bdc9d028c494f5cc9b6a6f84d3f2dc52

tags: added: in-stable-newton
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to openstack-ansible-galera_server (stable/ocata)

Reviewed: https://review.openstack.org/452237
Committed: https://git.openstack.org/cgit/openstack/openstack-ansible-galera_server/commit/?id=6389811beff38a9ab7dd7e7b126e83faf3e91c7c
Submitter: Jenkins
Branch: stable/ocata

commit 6389811beff38a9ab7dd7e7b126e83faf3e91c7c
Author: Andrey <email address hidden>
Date: Thu Jan 26 18:37:11 2017 -0600

    Added Galera SSL support

    MySQL SSL connections allowed. Self-signed SSL bundle
    created and placed to the deployment host, or user-provided
    SSL bundle (CA, cert and the key) is used.

    Change-Id: Ibac61d45cea67123fe61a6de4f906b4bd1949a34
    Partial-Bug: #1667789
    (cherry picked from commit eb5fc9c1e852866bc5e332a697bfeb86dfc44047)

tags: added: in-stable-ocata
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to openstack-ansible-galera_server (stable/newton)

Reviewed: https://review.openstack.org/452238
Committed: https://git.openstack.org/cgit/openstack/openstack-ansible-galera_server/commit/?id=fffeb4bb6639ae231b899f439128565b2ad887b7
Submitter: Jenkins
Branch: stable/newton

commit fffeb4bb6639ae231b899f439128565b2ad887b7
Author: Andrey <email address hidden>
Date: Thu Jan 26 18:37:11 2017 -0600

    Added Galera SSL support

    MySQL SSL connections allowed. Self-signed SSL bundle
    created and placed to the deployment host, or user-provided
    SSL bundle (CA, cert and the key) is used.

    Change-Id: Ibac61d45cea67123fe61a6de4f906b4bd1949a34
    Partial-Bug: #1667789
    (cherry picked from commit eb5fc9c1e852866bc5e332a697bfeb86dfc44047)

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on openstack-ansible-os_nova (stable/ocata)

Change abandoned by Kevin Carter (cloudnull) (<email address hidden>) on branch: stable/ocata
Review: https://review.openstack.org/441715
Reason: this change seems to be abandoned for now. as such im closing it however feel free to repopen if we decide to pick this back up.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on openstack-ansible-os_cinder (stable/ocata)

Change abandoned by Kevin Carter (cloudnull) (<email address hidden>) on branch: stable/ocata
Review: https://review.openstack.org/441717
Reason: this change seems to be abandoned at this time however feel free to reopen it at any should the need arise.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on openstack-ansible-os_cinder (stable/newton)

Change abandoned by Kevin Carter (cloudnull) (<email address hidden>) on branch: stable/newton
Review: https://review.openstack.org/441718

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on openstack-ansible-os_nova (stable/newton)

Change abandoned by Kevin Carter (cloudnull) (<email address hidden>) on branch: stable/newton
Review: https://review.openstack.org/441716

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to openstack-ansible-os_keystone (master)

Fix proposed to branch: master
Review: https://review.openstack.org/527798

Changed in openstack-ansible:
assignee: Jesse Pretorius (jesse-pretorius) → Jimmy McCrory (jimmy-mccrory)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to openstack-ansible-os_barbican (master)

Fix proposed to branch: master
Review: https://review.openstack.org/527814

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to openstack-ansible-os_glance (master)

Fix proposed to branch: master
Review: https://review.openstack.org/527827

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to openstack-ansible-os_cinder (master)

Fix proposed to branch: master
Review: https://review.openstack.org/527829

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to openstack-ansible-os_nova (master)

Fix proposed to branch: master
Review: https://review.openstack.org/528001

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to openstack-ansible-os_neutron (master)

Fix proposed to branch: master
Review: https://review.openstack.org/528007

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to openstack-ansible-os_heat (master)

Fix proposed to branch: master
Review: https://review.openstack.org/528018

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to openstack-ansible-os_horizon (master)

Fix proposed to branch: master
Review: https://review.openstack.org/528031

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to openstack-ansible-os_designate (master)

Fix proposed to branch: master
Review: https://review.openstack.org/528040

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to openstack-ansible-os_gnocchi (master)

Fix proposed to branch: master
Review: https://review.openstack.org/528041

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to openstack-ansible-os_ironic (master)

Fix proposed to branch: master
Review: https://review.openstack.org/528044

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to openstack-ansible-os_magnum (master)

Fix proposed to branch: master
Review: https://review.openstack.org/528047

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to openstack-ansible-os_trove (master)

Fix proposed to branch: master
Review: https://review.openstack.org/528051

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to openstack-ansible-os_sahara (master)

Fix proposed to branch: master
Review: https://review.openstack.org/528057

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to openstack-ansible-os_octavia (master)

Fix proposed to branch: master
Review: https://review.openstack.org/528062

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to openstack-ansible-os_tacker (master)

Fix proposed to branch: master
Review: https://review.openstack.org/528065

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to openstack-ansible-os_aodh (master)

Fix proposed to branch: master
Review: https://review.openstack.org/528068

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to openstack-ansible (master)

Fix proposed to branch: master
Review: https://review.openstack.org/528079

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on openstack-ansible-os_cinder (master)

Change abandoned by Jimmy McCrory (<email address hidden>) on branch: master
Review: https://review.openstack.org/440925
Reason: superseded by https://review.openstack.org/#/c/527829/

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on openstack-ansible-os_glance (master)

Change abandoned by Jimmy McCrory (<email address hidden>) on branch: master
Review: https://review.openstack.org/441721
Reason: superseded by https://review.openstack.org/#/c/527827/

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to openstack-ansible-os_tacker (master)

Reviewed: https://review.openstack.org/528065
Committed: https://git.openstack.org/cgit/openstack/openstack-ansible-os_tacker/commit/?id=edc9c555b3df43a6fc85e932ebc07bdd71fe4388
Submitter: Zuul
Branch: master

commit edc9c555b3df43a6fc85e932ebc07bdd71fe4388
Author: Jimmy McCrory <email address hidden>
Date: Thu Dec 14 11:42:20 2017 -0800

    Add MySQL connection SSL support

    When 'tacker_galera_use_ssl' is True, use an encrypted connection to
    the database using either a self-signed or user-provided CA certificate.

    A new non-voting test has been added to verify that the role remains
    functional when enabling SSL features.

    Change-Id: I9165a04de869197ac05e60be799f59a263e98a7b
    Partial-Bug: 1667789

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to openstack-ansible-os_heat (master)

Reviewed: https://review.openstack.org/528018
Committed: https://git.openstack.org/cgit/openstack/openstack-ansible-os_heat/commit/?id=d9b49661282f89f33158d34299f89db3a0b3bfb6
Submitter: Zuul
Branch: master

commit d9b49661282f89f33158d34299f89db3a0b3bfb6
Author: Jimmy McCrory <email address hidden>
Date: Thu Dec 14 09:37:33 2017 -0800

    Add MySQL connection SSL support

    When 'heat_galera_use_ssl' is True, use an encrypted connection to
    the database using either a self-signed or user-provided CA certificate.

    A new non-voting test has been added to verify that the role remains
    functional when enabling SSL features.

    Change-Id: I8d582a5fe18b33592461f3ea23551c97720b8e7d
    Partial-Bug: 1667789

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to openstack-ansible-os_aodh (master)

Reviewed: https://review.openstack.org/528068
Committed: https://git.openstack.org/cgit/openstack/openstack-ansible-os_aodh/commit/?id=9f8713e5c0214a32d0f21ba089f7d27d078a50b7
Submitter: Zuul
Branch: master

commit 9f8713e5c0214a32d0f21ba089f7d27d078a50b7
Author: Jimmy McCrory <email address hidden>
Date: Thu Dec 14 11:52:11 2017 -0800

    Add MySQL connection SSL support

    When 'aodh_galera_use_ssl' is True, use an encrypted connection to
    the database using either a self-signed or user-provided CA certificate.

    A new non-voting test has been added to verify that the role remains
    functional when enabling SSL features.

    Change-Id: I24f06aeacd92d6eead4100009301e0fb975bc552
    Partial-Bug: 1667789

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to openstack-ansible-os_trove (master)

Reviewed: https://review.openstack.org/528051
Committed: https://git.openstack.org/cgit/openstack/openstack-ansible-os_trove/commit/?id=8be124b8c713e788a69201810ffb99a6e4162e0a
Submitter: Zuul
Branch: master

commit 8be124b8c713e788a69201810ffb99a6e4162e0a
Author: Jimmy McCrory <email address hidden>
Date: Thu Dec 14 11:27:11 2017 -0800

    Add MySQL connection SSL support

    When 'trove_galera_use_ssl' is True, use an encrypted connection to
    the database using either a self-signed or user-provided CA certificate.

    A new non-voting test has been added to verify that the role remains
    functional when enabling SSL features.

    Change-Id: Ia453e842cabbb46e25f9918e88738340ff08f2ab
    Partial-Bug: 1667789

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to openstack-ansible-os_neutron (master)

Reviewed: https://review.openstack.org/528007
Committed: https://git.openstack.org/cgit/openstack/openstack-ansible-os_neutron/commit/?id=7dce3277b04a1bacb015c7885bdb8db24f4d766f
Submitter: Zuul
Branch: master

commit 7dce3277b04a1bacb015c7885bdb8db24f4d766f
Author: Jimmy McCrory <email address hidden>
Date: Thu Dec 14 08:21:38 2017 -0800

    Add MySQL connection SSL support

    When 'neutron_galera_use_ssl' is True, use an encrypted connection to
    the database using either a self-signed or user-provided CA certificate.

    A new non-voting test has been added to verify that the role remains
    functional when enabling SSL features.

    Change-Id: Id576553bd481ed786ff0ed4948ce79bb74544000
    Partial-Bug: 1667789

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to openstack-ansible-os_glance (master)

Reviewed: https://review.openstack.org/527827
Committed: https://git.openstack.org/cgit/openstack/openstack-ansible-os_glance/commit/?id=e5ac2f07e3ad01e56d4d9756629746dbae9702c1
Submitter: Zuul
Branch: master

commit e5ac2f07e3ad01e56d4d9756629746dbae9702c1
Author: Jimmy McCrory <email address hidden>
Date: Wed Dec 13 17:12:14 2017 -0800

    Add MySQL connection SSL support

    When 'glance_galera_use_ssl' is True, use an encrypted connection to
    the database using either a self-signed or user-provided CA certificate.

    A new non-voting test has been added to verify that the role remains
    functional when enabling SSL features.

    Partial-Bug: 1667789

    Change-Id: I18e9d47e88e61ff287e5120dead49b02cdf1f8ac
    Depends-On: I95cc994df5118fce7ce588fc0bff979bc283a6f3

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to openstack-ansible-os_barbican (master)

Reviewed: https://review.openstack.org/527814
Committed: https://git.openstack.org/cgit/openstack/openstack-ansible-os_barbican/commit/?id=5141c182095338e5e655e7558355ef53d61e4fb2
Submitter: Zuul
Branch: master

commit 5141c182095338e5e655e7558355ef53d61e4fb2
Author: Jimmy McCrory <email address hidden>
Date: Wed Dec 13 16:02:17 2017 -0800

    Add MySQL connection SSL support

    When 'barbican_galera_use_ssl' is True, use an encrypted connection to
    the database using either a self-signed or user-provided CA certificate.

    A new non-voting test has been added to verify that the role remains
    functional when enabling SSL features.

    Partial-Bug: 1667789

    Change-Id: I10c578f32c54138cac87ad42adc0ab38d62da9a6
    Depends-On: I95cc994df5118fce7ce588fc0bff979bc283a6f3

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to openstack-ansible-os_horizon (master)

Reviewed: https://review.openstack.org/528031
Committed: https://git.openstack.org/cgit/openstack/openstack-ansible-os_horizon/commit/?id=b775123f54f3839965f9801d295330582265dd3f
Submitter: Zuul
Branch: master

commit b775123f54f3839965f9801d295330582265dd3f
Author: Jimmy McCrory <email address hidden>
Date: Thu Dec 14 10:26:37 2017 -0800

    Add MySQL connection SSL support

    When 'horizon_galera_use_ssl' is True, use an encrypted connection to
    the database using either a self-signed or user-provided CA certificate.

    A new non-voting test has been added to verify that the role remains
    functional when enabling SSL features.

    Change-Id: Ie7e0e5f7fc89978126d0d735367d8ecf3e007cfc
    Partial-Bug: 1667789

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to openstack-ansible-os_keystone (master)

Reviewed: https://review.openstack.org/527798
Committed: https://git.openstack.org/cgit/openstack/openstack-ansible-os_keystone/commit/?id=7a466a85cb79f04a1c6f11526a1bf66f10192165
Submitter: Zuul
Branch: master

commit 7a466a85cb79f04a1c6f11526a1bf66f10192165
Author: Jimmy McCrory <email address hidden>
Date: Wed Dec 13 14:19:41 2017 -0800

    Add MySQL connection SSL support

    When 'keystone_galera_use_ssl' is True, use an encrypted connection to
    the database using either a self-signed or user-provided CA certificate.

    A new non-voting test has been added to verify that the role remains
    functional when enabling SSL features.

    Partial-Bug: 1667789

    Change-Id: I0f8c62412e088ebb9b0ed21f7ce707b14f69d62a
    Depends-On: I95cc994df5118fce7ce588fc0bff979bc283a6f3

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to openstack-ansible-os_ironic (master)

Reviewed: https://review.openstack.org/528044
Committed: https://git.openstack.org/cgit/openstack/openstack-ansible-os_ironic/commit/?id=3ecdde11291c8dcada164b53abb20fa253829cad
Submitter: Zuul
Branch: master

commit 3ecdde11291c8dcada164b53abb20fa253829cad
Author: Jimmy McCrory <email address hidden>
Date: Thu Dec 14 11:16:15 2017 -0800

    Add MySQL connection SSL support

    When 'ironic_galera_use_ssl' is True, use an encrypted connection to
    the database using either a self-signed or user-provided CA certificate.

    A new non-voting test has been added to verify that the role remains
    functional when enabling SSL features.

    Change-Id: I1c0598a2f83d330014ffbb2612386016347d3425
    Partial-Bug: 1667789

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to openstack-ansible-os_magnum (master)

Reviewed: https://review.openstack.org/528047
Committed: https://git.openstack.org/cgit/openstack/openstack-ansible-os_magnum/commit/?id=e2c5cc2cee53000b9e7de911cd2c9be975e4bae3
Submitter: Zuul
Branch: master

commit e2c5cc2cee53000b9e7de911cd2c9be975e4bae3
Author: Jimmy McCrory <email address hidden>
Date: Thu Dec 14 11:21:21 2017 -0800

    Add MySQL connection SSL support

    When 'magnum_galera_use_ssl' is True, use an encrypted connection to
    the database using either a self-signed or user-provided CA certificate.

    A new non-voting test has been added to verify that the role remains
    functional when enabling SSL features.

    Change-Id: I1ac622926542ff6a3dfca7be3703f33ede4013df
    Partial-Bug: 1667789

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to openstack-ansible-os_sahara (master)

Reviewed: https://review.openstack.org/528057
Committed: https://git.openstack.org/cgit/openstack/openstack-ansible-os_sahara/commit/?id=3603257d29821f19a2e83145d3dce7607b25f74e
Submitter: Zuul
Branch: master

commit 3603257d29821f19a2e83145d3dce7607b25f74e
Author: Jimmy McCrory <email address hidden>
Date: Thu Dec 14 11:31:03 2017 -0800

    Add MySQL connection SSL support

    When 'sahara_galera_use_ssl' is True, use an encrypted connection to
    the database using either a self-signed or user-provided CA certificate.

    A new non-voting test has been added to verify that the role remains
    functional when enabling SSL features.

    Change-Id: Ie39024c99cad0932f464707adc43019bc1062317
    Partial-Bug: 1667789

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to openstack-ansible-os_gnocchi (master)

Reviewed: https://review.openstack.org/528041
Committed: https://git.openstack.org/cgit/openstack/openstack-ansible-os_gnocchi/commit/?id=554a6df961d29becad0d421c10695bc967a276e1
Submitter: Zuul
Branch: master

commit 554a6df961d29becad0d421c10695bc967a276e1
Author: Jimmy McCrory <email address hidden>
Date: Thu Dec 14 11:06:05 2017 -0800

    Add MySQL connection SSL support

    When 'gnocchi_galera_use_ssl' is True, use an encrypted connection to
    the database using either a self-signed or user-provided CA certificate.

    A new non-voting test has been added to verify that the role remains
    functional when enabling SSL features.

    Change-Id: Ib5a87e9366cd9e5a78ccb774ced46e1791e7691d
    Partial-Bug: 1667789

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to openstack-ansible-os_designate (master)

Reviewed: https://review.openstack.org/528040
Committed: https://git.openstack.org/cgit/openstack/openstack-ansible-os_designate/commit/?id=270a8f8d73ab453f115d20a3643c4d8b3e52fefe
Submitter: Zuul
Branch: master

commit 270a8f8d73ab453f115d20a3643c4d8b3e52fefe
Author: Jimmy McCrory <email address hidden>
Date: Thu Dec 14 10:54:49 2017 -0800

    Add MySQL connection SSL support

    When 'designate_galera_use_ssl' is True, use an encrypted connection to
    the database using either a self-signed or user-provided CA certificate.

    A new non-voting test has been added to verify that the role remains
    functional when enabling SSL features.

    Change-Id: I0d8e3b685faa8d394fd56f8fbfd9b492d2c2cb60
    Partial-Bug: 1667789

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to openstack-ansible-os_octavia (master)

Reviewed: https://review.openstack.org/528062
Committed: https://git.openstack.org/cgit/openstack/openstack-ansible-os_octavia/commit/?id=8cc05a3d00291aafc6a9d3fd4f430f2bf78c0c14
Submitter: Zuul
Branch: master

commit 8cc05a3d00291aafc6a9d3fd4f430f2bf78c0c14
Author: Jimmy McCrory <email address hidden>
Date: Thu Dec 14 11:37:17 2017 -0800

    Add MySQL connection SSL support

    When 'octavia_galera_use_ssl' is True, use an encrypted connection to
    the database using either a self-signed or user-provided CA certificate.

    A new non-voting test has been added to verify that the role remains
    functional when enabling SSL features.

    Change-Id: I7a43d313474e17d7e968a5a9510368e3abdf6682
    Partial-Bug: 1667789

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to openstack-ansible-os_nova (master)

Reviewed: https://review.openstack.org/528001
Committed: https://git.openstack.org/cgit/openstack/openstack-ansible-os_nova/commit/?id=70c663391be81446d458b4a9f2dc509b27e72777
Submitter: Zuul
Branch: master

commit 70c663391be81446d458b4a9f2dc509b27e72777
Author: Jimmy McCrory <email address hidden>
Date: Thu Dec 14 08:07:06 2017 -0800

    Add MySQL connection SSL support

    When 'nova_galera_use_ssl' is True, use an encrypted connection to
    the database using either a self-signed or user-provided CA certificate.

    A new non-voting test has been added to verify that the role remains
    functional when enabling SSL features.

    Change-Id: I9f9a130be3a4920170295b041b94dd435e3781d1
    Partial-Bug: 1667789

OpenStack Infra (hudson-openstack)
Changed in openstack-ansible:
assignee: Jimmy McCrory (jimmy-mccrory) → Jesse Pretorius (jesse-pretorius)
OpenStack Infra (hudson-openstack)
Changed in openstack-ansible:
assignee: Jesse Pretorius (jesse-pretorius) → Jimmy McCrory (jimmy-mccrory)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to openstack-ansible-os_cinder (master)

Reviewed: https://review.openstack.org/527829
Committed: https://git.openstack.org/cgit/openstack/openstack-ansible-os_cinder/commit/?id=198acc08aa2924892dbee9adf5c949a6f940c016
Submitter: Zuul
Branch: master

commit 198acc08aa2924892dbee9adf5c949a6f940c016
Author: Jimmy McCrory <email address hidden>
Date: Wed Dec 13 17:22:39 2017 -0800

    Add MySQL connection SSL support

    When 'cinder_galera_use_ssl' is True, use an encrypted connection to
    the database using either a self-signed or user-provided CA certificate.

    A new non-voting test has been added to verify that the role remains
    functional when enabling SSL features.

    Partial-Bug: 1667789

    Change-Id: Ifeda0acb4b70ba313e6572c806125d31ab3eb300
    Depends-On: I95cc994df5118fce7ce588fc0bff979bc283a6f3

Dmitriy Rabotyagov (noonedeadpunk)
Changed in openstack-ansible:
status: In Progress → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on openstack-ansible (master)

Change abandoned by "Dmitriy Rabotyagov <email address hidden>" on branch: master
Review: https://review.opendev.org/c/openstack/openstack-ansible/+/528079
Reason: implemented with another patch

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.