1169977 – [RFE] Support an option for Gear to GEAR communication to happen over SSL.

Bug 1169977 - [RFE] Support an option for Gear to GEAR communication to happen over SSL.

Summary: [RFE] Support an option for Gear to GEAR communication to happen over SSL.

Keywords:
Status:	CLOSED WONTFIX
Alias:	None
Product:	OpenShift Container Platform
Classification:	Red Hat
Component:	RFE
Sub Component:
Version:	2.1.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	medium
Severity:	medium
Target Milestone:	---
Target Release:	---
Assignee:	Mike Barrett
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1092005
Blocks:
TreeView+	depends on / blocked

Reported:	2014-12-02 21:51 UTC by Eric Rich
Modified:	2019-06-13 08:09 UTC (History)
CC List:	11 users (show)
Fixed In Version:
Doc Type:	Enhancement
Doc Text:
Clone Of:	1092005
Environment:
Last Closed:	2016-01-28 15:13:54 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Description Eric Rich 2014-12-02 21:51:21 UTC

+++ This bug was initially created as a clone of Bug #1092005 +++

The request here if for Gear to Gear communication to happen over SSL or some secured mechanism. 

Example: 

     +--https----------------------------------+                            
      |                                         |                            
      |                                         |                            
+Client+                            +Node------------+                       
|      |                            |httpd proxy|    |                       
|      |                            +----------------+                       
|      |                            |           v http[s] << If possible https                      
+------+                            |       +HAProxy++                       
                                    |       |       ||                       
                                    |       +--------|                       
                                    +-------+--------+                       
                                             ||                              
                                             ||                              
                                             ||                              
                                             ||                              
                                             ||                              
         +Node------------+                  ||            +Node------------+
         |                |                  ||            |                |
         +----------------+                  ||            +----------------+
         |                |                  ||            |                |
         |       +Gear---++                  ||            |       +Gear---++
         |       |       <-------------https-++-https-------------->       ||
         |       +--------|                                |       +--------|
         +-------+--------+                                +-------+--------+

In short the request here is for HAProxy to have an option (secure_routing) that allows for it to directly contact a gear hosting an SSL endpoint.

Comment 4 Dan McPherson 2016-01-28 15:13:54 UTC

Closing as wontfix for v2.  Edge termination is now an option in v3:

https://docs.openshift.org/latest/dev_guide/routes.html

Note You need to log in before you can comment on or make changes to this bug.