Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
First Last Prev Next    This bug is not in your last search results.
Bug 1488826 - [RFE] [ODL] TLS/SSL Support
[RFE] [ODL] TLS/SSL Support
Status: CLOSED ERRATA
Product: Red Hat OpenStack
Classification: Red Hat
Component: openstack-tripleo-heat-templates (Show other bugs)
12.0 (Pike)
Unspecified Unspecified
high Severity high
: Upstream M3
: 13.0 (Queens)
Assigned To: Tim Rozet
Itzik Brown
: FutureFeature, Triaged
Depends On: 1542605 1558236 1558652 1560741 1562394 1570940 1571988 1571990 1572236
Blocks: 1569858
  Show dependency treegraph
 
Reported: 2017-09-06 05:45 EDT by Nir Yechiel
Modified: 2018-10-18 03:18 EDT (History)
7 users (show)

See Also:
Fixed In Version: openstack-tripleo-heat-templates-8.0.0-0.20180215092255
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
Environment:
N/A
Last Closed: 2018-06-27 09:36:15 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


External Trackers
Tracker ID Priority Status Summary Last Updated
OpenStack gerrit 530809 None master: MERGED puppet-vswitch: Adds SSL custom type/provider (Ic026ee0bc4f385e0f8cd7076b3044feeb935ae45) 2018-02-21 09:20 EST
OpenStack gerrit 530967 None master: MERGED puppet-neutron: Adds TLS support to configuring OVS with OpenDaylight (I719e8dddbd00d19fd8e1bd2a20dabd600b7b9d1c) 2018-02-21 09:20 EST
OpenStack gerrit 531003 None master: MERGED puppet-tripleo: Adds TLS support for OpenDaylight (Id579aea77bf8d679b514ef9851af36d9170e93a1) 2018-02-21 09:19 EST
OpenStack gerrit 531026 None master: MERGED tripleo-heat-templates: Adds SSL/TLS everywhere for OpenDaylight (I7c43f1358807f3ffeef2ddf29d0085ad55151dfe) 2018-02-21 09:19 EST
OpenDaylight gerrit 66285 None None None 2017-12-08 16:58 EST
OpenDaylight gerrit 66525 None None None 2017-12-15 16:40 EST
OpenDaylight gerrit 66995 None None None 2018-01-11 09:47 EST
Red Hat Product Errata RHEA-2018:2086 None None None 2018-06-27 09:37 EDT

  None (edit)
Description Nir Yechiel 2017-09-06 05:45:06 EDT 
Description of problem:

Encryption of internal API traffic has been a very high priority for RHOSP. We have been making steady progress to deliver coverage for all internal services, and need to ensure that OpenDaylight is covered as well.

TripleO already has TLS/SSL support for other services and we need to add support with OepnDaylight where possible:

From Southbound with OVS it looks to be supported [1][2][3]. 
Northbound SSL REST is documented as well [4].

This feature will require changes to TripleO and puppet-opendaylight as well. 


[1] http://docs.openvswitch.org/en/latest/howto/ssl/
[2] https://wiki.opendaylight.org/view/OpenDaylight_OpenFlow_Plugin:_TLS_Support
[3] https://wiki.opendaylight.org/view/AAA:Secure_TLS_communication 
[4] https://wiki.opendaylight.org/view/OpenDaylight_Controller:SSL_RestConf
Comment 13 Itzik Brown 2018-05-15 02:20:54 EDT 
Checked with:
2018-05-10.3

There is still this bug:
https://bugzilla.redhat.com/show_bug.cgi?id=1572173 but it's being investigated and there is a reasonable workaround.
Comment 15 errata-xmlrpc 2018-06-27 09:36:15 EDT 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2018:2086
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.