Bug 1898615
Summary: | [RFE] Enable IPSec for OVN | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux Fast Datapath | Reporter: | Dominik Holler <dholler> |
Component: | ovn2.13 | Assignee: | OVN Team <ovnteam> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | ying xu <yinxu> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | FDP 19.E | CC: | amusil, ctrautma, dcbw, jhsiao, jiji, jishi, mark.d.gray, mburman, qding, ralongi, tredaelli, yinxu |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2021-05-25 18:06:27 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1782141 | ||
Bug Blocks: | 1782056 |
Description
Dominik Holler
2020-11-17 16:26:54 UTC
With regards to testing for this feature, the following tutorial gives a detailed description of test set-up: https://docs.openvswitch.org/en/latest/tutorials/ipsec/. * There are three authentication methods, we should probably test all three but "Using CA-signed certificate" is the priority. * This can be used with a number of tunnel types, we should probably test at least "vxlan" and "geneve" but maybe others. As this openvswitch package will enable OVN IPsec to work, we may also have to validate that. Instructions for setup can be found here: https://docs.ovn.org/en/latest/tutorials/ovn-ipsec.html What's left to do for this bug? Based on the IPsec improvements in the 21.03 and 21.06 cycles, I'm closing this bug as CURRENTRELEASE. Please re-open if you find something specific that's not yet implemented. Thanks! |