Bug 1263058 - [Docs] [Ironic] Document procedures for setting up SSL
[Docs] [Ironic] Document procedures for setting up SSL
Status: NEW
Product: Red Hat OpenStack
Classification: Red Hat
Component: documentation (Show other bugs)
7.0 (Kilo)
Unspecified Unspecified
unspecified Severity medium
: async
: 8.0 (Liberty)
Assigned To: RHOS Documentation Team
: Documentation, ZStream
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2015-09-15 00:18 EDT by Lucy Bopf
Modified: 2017-08-05 22:18 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed:
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Lucy Bopf 2015-09-15 00:18:58 EDT
Create a section that outlines setting up SSL for Ironic in the Bare Metal Provisioning Guide. This has been requested by Summer Long from the security team, following a review of the draft document.

Some options for SSL are in ironic.conf, both for setting up communication with the Image server, and for any server in general.
Comment 3 Lucy Bopf 2015-09-15 00:20:31 EDT
Assigning to myself for review.
Comment 4 Andrew Dahms 2015-11-24 20:57:40 EST
Due to current scheduling restrictions and given the scope of work required for this bug, I am returning this bug to the default assignee to be re-triaged as the schedule allows.
Comment 5 Dmitry Tantsur 2016-10-04 12:57:53 EDT
Hi! Does it even need fixing? I think we're able to setup SSL for all services nowadays..
Comment 6 Lucy Bopf 2017-02-20 19:42:41 EST
(In reply to Dmitry Tantsur from comment #5)
> Hi! Does it even need fixing? I think we're able to setup SSL for all
> services nowadays..

Hi Dmitry,

Do you mean via director? I see that director integration was added in RHOSP 10, but in RHOSP 8 and 9, the Bare Metal Provisioning service is configured manually, so this request was to add a procedure for manually configuring SSL.

Is such a procedure still required for manual configurations, and could you help with providing the steps?
Comment 7 Dmitry Tantsur 2017-03-02 05:55:14 EST
Ah, got it. No, sorry, I don't know how to configure SSL in this case, but it's probably the same as for other services, modulo port numbers.

Note You need to log in before you can comment on or make changes to this bug.