Bug 1822720
Summary: | OVN metrics exposed over insecure channel | ||
---|---|---|---|
Product: | OpenShift Container Platform | Reporter: | Juan Luis de Sousa-Valadas <jdesousa> |
Component: | Networking | Assignee: | Juan Luis de Sousa-Valadas <jdesousa> |
Networking sub component: | ovn-kubernetes | QA Contact: | Ross Brattain <rbrattai> |
Status: | CLOSED ERRATA | Docs Contact: | |
Severity: | high | ||
Priority: | medium | CC: | anusaxen, bbennett, dcbw, rbrattai, rkhan |
Version: | 4.5 | ||
Target Milestone: | --- | ||
Target Release: | 4.6.0 | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | SDN-CI-IMPACT | ||
Fixed In Version: | Doc Type: | Enhancement | |
Doc Text: |
Feature:
Expose OVN metrics over TLS
Reason:
We don't any traffic over plain HTTP at all.
Result:
OVN metrics exposed on an HTTPS endpoint.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2020-10-27 15:57:47 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Juan Luis de Sousa-Valadas
2020-04-09 17:17:13 UTC
verified on 4.6.0-0.nightly-2020-08-24-110601
* SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* Server certificate:
* subject: CN=ovn-kubernetes-master-metrics.openshift-ovn-kubernetes.svc
* start date: Aug 27 23:23:13 2020 GMT
* expire date: Aug 27 23:23:14 2022 GMT
* common name: ovn-kubernetes-master-metrics.openshift-ovn-kubernetes.svc
* issuer: CN=openshift-service-serving-signer@1598570578
> GET /metrics HTTP/1.1
> User-Agent: curl/7.29.0
> Host: 10.0.0.2:9102
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (OpenShift Container Platform 4.6 GA Images), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:4196 |