containerized rabbitmq does not use SSL when enable_internal_tls is set to true
Bug #1709558 reported by
Damien Ciabrini
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| tripleo |
Fix Released
|
High
|
Damien Ciabrini | ||
Bug Description
With the "TLS everywhere" work, rabbitmq can now use TLS for to serve and mirror traffic.
This works on non-containerized deployment, but containerized rabbitmq deployment do not get configured as expected, they keep using plain unencrypted sockets.
| Changed in tripleo: | |
| assignee: | nobody → Damien Ciabrini (dciabrin) |
| status: | New → In Progress |
| Changed in tripleo: | |
| importance: | Undecided → Critical |
| milestone: | none → pike-rc1 |
| Changed in tripleo: | |
| importance: | Critical → High |
Revision history for this message
| OpenStack Infra (hudson-openstack) wrote Fix merged to puppet-tripleo (master) | #1 |
Revision history for this message
| OpenStack Infra (hudson-openstack) wrote Fix merged to tripleo-heat-templates (master) | #2 |
| Changed in tripleo: | |
| status: | In Progress → Fix Released |
Revision history for this message
| OpenStack Infra (hudson-openstack) wrote Fix included in openstack/tripleo-heat-templates 7.0.0.0rc1 | #3 |
To post a comment you must log in.
Reviewed: https:/
Committed: https:/
Submitter: Jenkins
Branch: master
commit 86a3261b4d08e2d
Author: Damien Ciabrini <email address hidden>
Date: Mon Aug 7 20:32:51 2017 +0000
Enable TLS configuration for containerized RabbitMQ
In non-containerized deployments, RabbitMQ can be configured to use TLS for
serving and mirroring traffic.
Fix the creation of the rabbitmq bundle resource to enable TLS when configured.
The key and cert are passed as other configuration files and must be copied by
Kolla at container startup.
Change-Id: Ia64d79462de701
Partial-Bug: #1709558