Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.

Bug 1484550

Summary: TLS for Internal services for Pacemaker
Product: Red Hat OpenStack Reporter: atelang <atelang>
Component: puppet-pacemakerAssignee: Michele Baldessari <michele>
Status: CLOSED CURRENTRELEASE QA Contact: nlevinki <nlevinki>
Severity: high Docs Contact:
Priority: high    
Version: 12.0 (Pike)CC: aavraham, amuller, apevec, chjones, chrisw, cyril, derekh, eglynn, fpercoco, jeckersb, jjoyce, josorior, jruzicka, jschluet, kbasil, lhh, mabrams, mburns, michele, nkinder, nyechiel, pkilambi, plemenko, rhel-osp-director-maint, rhos-maint, rrasouli, sbaker, shardy, slinaber, srevivo, ssmolyak, tfreger, thiago, tvignaud, ushkalim, zaitcev, zbitter
Target Milestone: ---Keywords: Triaged, ZStream
Target Release: 12.0 (Pike)   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 1484547 Environment:
Last Closed: 2018-01-08 16:19:27 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On: 1484601, 1510144, 1484499, 1484506, 1484512, 1484517, 1484520, 1484521, 1484524, 1484531, 1484535, 1484542, 1484547, 1486759, 1486766    
Bug Blocks:    

Comment 1 Michele Baldessari 2017-09-12 09:26:13 UTC
So Damien and I verified that traffic is correctly encrypted when it is set. The work left here is to fix up upgrades. We're discussing approaches in the linked gerrit review

Comment 3 Chris Jones 2018-01-08 16:19:27 UTC
This works for SSL deployments in OSP12 and the upgrade case is less relevant because it's not possible to move from a non-SSL deployment to an SSL deployment in the general case.