Cinder uses tooz's etcd3gw driver for its DLM when running in active/active mode. Support for TLS was added to the tooz driver in Ussuri [1], but it's needed downstream in OSP 16.1. [1] https://review.opendev.org/710539
Verified on: python3-tooz-1.66.3-0.20200602080725.13a6dff.el8ost.noarch I can't install Cinder A/A TLS just yet. So to verify I used below on a Cinder controller on none TLS DCN A/A deployment. [root@central-controller0-0 ~]# podman exec -ti cinder_api bash -c 'grep https /usr/lib/python*/site-packages/tooz/drivers/etcd3gw.py' The PROTOCOL can be http or https. If not specified, HOST defaults to protocol = 'https' if parsed_url.scheme.endswith('https') else 'http' Above means tooz includes support for https, good to verify.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:3148