Bug 1810315

Summary: [QE][Docs] Document how to deploy with Ceph on-wire encryption (msgr2 protocol) with director [16.1.3]
Product: Red Hat OpenStack Reporter: John Fulton <johfulto>
Component: documentationAssignee: Laura Marsh <lmarsh>
Status: CLOSED CURRENTRELEASE QA Contact: Yogev Rabl <yrabl>
Severity: medium Docs Contact:
Priority: medium    
Version: 16.0 (Train)CC: astillma, fpantano, gcharot, gfidente, lmarsh, spower, yrabl
Target Milestone: z3Keywords: Documentation
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard: docs-accepted
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-02-02 21:56:40 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1766195    
Bug Blocks:    

Description John Fulton 2020-03-04 23:15:42 UTC 
Ceph documentation bug 1766195 resulted in the documentation of the Ceph on-wire encryption (msgr2 protocol). We need to document how to enable that feature when Ceph is deployed by Director.

The documented process needs to be tested by OpenStack QE within the Ceph squad of the Stoage DFG.
Comment 1 John Fulton 2020-03-04 23:27:11 UTC 
Chapter: "Enabling Encryption"

To enable Ceph on-wire encryption as described in (link to result of bug 1766195), ensure the following parameters are in your Heat environment override file:

parameter_defaults:
  CephConfigOverrides:
    mon:
      ms_cluster_mode: secure
      ms_service_mode: secure
      ms_client_mode: secure

This new chapter should be somewhere in the following document:

 https://access.redhat.com/documentation/en-us/red_hat_openstack_platform/16.0/html/deploying_an_overcloud_with_containerized_red_hat_ceph/index

This content applies to all versions of the above openstack document which use RHCSv4. That is: 15, 16 and newer.
Comment 6 John Fulton 2020-03-16 20:06:39 UTC 
BZ 1814033 blocks this BZ because it tracks that the documentation was tested
Comment 7 Chuck Copello 2020-04-30 18:54:37 UTC 
Linked Engineering BZ moved to 16.1 z1; moving doc tracker accordingly.
Comment 21 Red Hat Bugzilla 2023-09-15 00:30:01 UTC 
The needinfo request[s] on this closed bug have been removed as they have been unresolved for 500 days