Bug 1463349

Summary: [RFE] Add IPSec support for Ceph internal traffic via Director
Product: Red Hat OpenStack Reporter: Nathan Kinder <nkinder>
Component: openstack-tripleo-heat-templatesAssignee: Giulio Fidente <gfidente>
Status: CLOSED ERRATA QA Contact: Yogev Rabl <yrabl>
Severity: high Docs Contact:
Priority: medium    
Version: 14.0 (Rocky)CC: brault, dbecker, gcharot, gfidente, johfulto, kbasil, mburns, morazi, nlevine, nyechiel, pdonnell, rhel-osp-director-maint, sclewis, scohen, tvignaud, yrabl
Target Milestone: z1Keywords: FutureFeature, TestOnly, Triaged
Target Release: 14.0 (Rocky)   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: openstack-tripleo-heat-templates-9.0.0-0.20180710202746.d2994ca.el7ost Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2019-01-11 11:47:34 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1658801    
Bug Blocks: 1638610    

Description Nathan Kinder 2017-06-20 15:28:03 UTC 
Director needs to have support for configuring Ceph to use TLS for its internal traffic.  This includes the following 2 items:

 [ ] - Enable TLS for Ceph internal traffic
 [ ] - Enable TLS for Ceph Rados GW

Note - This was split off from the TLS everywhere RFE for OSP12 (bug# 1336504), which added TLS support for other internal traffic.
Comment 1 Red Hat Bugzilla Rules Engine 2017-06-20 15:28:32 UTC 
This bugzilla has been removed from the release and needs to be reviewed and Triaged for another Target Release.
Comment 2 John Spray 2017-08-29 15:45:33 UTC 
It's not obvious exactly what "ceph internal traffic" means.  Can you say exactly which paths it is, like mon->mon, osd->osd, mon->osd, client->osd, client->mon, etc?
Comment 24 errata-xmlrpc 2019-01-11 11:47:34 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2019:0045
Comment 26 Red Hat Bugzilla 2023-09-18 00:12:31 UTC 
The needinfo request[s] on this closed bug have been removed as they have been unresolved for 120 days