oslo_messaging_pika options are grouped too closely with oslo_messaging_rabbit
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
oslo.messaging |
Won't Fix
|
Undecided
|
Unassigned |
Bug Description
Description:
The configuration options for the oslo.messaging pika driver are listed in the documentation under the oslo_messaging_
http://
In my specific case, the ssl_options parameter is listed in the documentation under oslo_messaging_
https:/
Impact:
When trying to make sure rabbit clients trust the SSL cert presented by the server, I want to set cert_reqs = ssl.CERT_REQUIRED somewhere. The documentation implies I can set it in [oslo_messaging
Steps to reproduce:
1. Enable SSL for your rabbitmq server.
2. Change your transport_url in any openstack service, e.g. neutron, to use the rabbitmq SSL port.
3. Add an [oslo_messaging
4. Notice in the debug logs that the ssl_options parameter is never loaded.
Expected result:
When using self-signed certs, the service should either fail to start or fail to respond to API calls.
Actual result:
The service works just fine with self-signed certs because by default the python ssl library uses CERT_NONE.
Changed in oslo.messaging: | |
status: | New → Won't Fix |
When you close a bug as "won't fix" please leave a comment about why it won't be fixed. In this case I can see that the pika driver was just removed, so I'm not contesting the resolution, but it is very unfriendly to close without an explanation.