1862998 – baremetal: Deploy ironic with HTTP basic_auth

Bug 1862998 - baremetal: Deploy ironic with HTTP basic_auth

Summary: baremetal: Deploy ironic with HTTP basic_auth

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	OpenShift Container Platform
Classification:	Red Hat
Component:	Cloud Compute
Sub Component:
Version:	4.6
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	high
Target Milestone:	---
Target Release:	4.6.0
Assignee:	Zane Bitter
QA Contact:	Daniel
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	1850653 1885637
TreeView+	depends on / blocked

Reported:	2020-08-03 12:52 UTC by Steven Hardy
Modified:	2020-10-27 16:23 UTC (History)
CC List:	3 users (show)
Fixed In Version:
Doc Type:	Enhancement
Doc Text:	Feature: Communication between the baremetal-operator, ironic, and ironic-inspector is now authenticated. Reason: Previously, any container in the cluster (including user workloads) could trivially make calls to the Ironic APIs to determine information about and take action on the hardware underlying the cluster. Result: Only the authorised services can use the non-public parts of the Ironic API. Access directly to Ironic for debugging purposes now requires the credentials, which are stored in a Secret in the cluster.
Clone Of:
Environment:
Last Closed:	2020-10-27 16:22:34 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Github	openshift machine-api-operator pull 657	0	None	closed	Bug 1862998: baremetal: Deploy ironic with HTTP basic_auth	2020-10-07 13:50:48 UTC
Red Hat Product Errata	RHBA-2020:4196	0	None	None	None	2020-10-27 16:23:00 UTC

Description Steven Hardy 2020-08-03 12:52:33 UTC

Description of problem:

To secure the ironic and inspector API endpoints we need to configure the containers via the MAO to enable HTTP basic_auth

Comment 6 errata-xmlrpc 2020-10-27 16:22:34 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (OpenShift Container Platform 4.6 GA Images), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:4196

Note You need to log in before you can comment on or make changes to this bug.