This bugs aims to promote OSP + Ceph on-wire encryption from TP to GA +++ This bug was initially created as a clone of Bug #1814033 +++ Ceph on-wire encryption via the msgr2 protocol as deployed by director needs to be verified by the Ceph Squad within the Storage DFG. More details on how to implement the deployment captured in BZ1810315. This is a TestOnly BZ. --- Additional comment from RHEL Program Management on 2020-03-19 08:07:09 CET --- This item has been properly Triaged and planned for the release, and Target Release is now set to match the release flag. For details, see https://mojo.redhat.com/docs/DOC-1144661#jive_content_id_OSP_Release_Planning --- Additional comment from Giulio Fidente on 2020-03-19 08:08:49 CET --- Yogev, if we're unable to test this for 16.0.2 let's change release flag and target milestone appropriately --- Additional comment from RHEL Program Management on 2020-03-20 16:21:42 CET --- This item has been properly Triaged and planned for the release, and Target Release is now set to match the release flag. For details, see https://mojo.redhat.com/docs/DOC-1195410 --- Additional comment from Scott Lewis on 2020-03-23 21:28:05 CET --- This item has been properly Triaged and planned for the appropriate release, and is being tagged for tracking. --- Additional comment from Chuck Copello on 2020-03-26 18:42:07 CET --- Hi John, should Target Milestone be Beta or earlier for 16.1? --- Additional comment from Gregory Charot on 2020-03-26 18:49:07 CET --- We don't have the capacity to test this for 16.1GA so targeting 16.1.1 (hence the z1 TM) --- Additional comment from Scott Lewis on 2020-03-30 17:30:15 CEST --- This item has had a change in release flag, and has been removed from tracking for the GA. --- Additional comment from Ben England on 2020-06-10 20:35:11 CEST --- Has anyone succeeded in turning on Ceph encryption? and verifying that it is being used? I'm trying to use it in this build: http://download.eng.bos.redhat.com/rhel-8/composes/auto/ceph-4.1-rhel-8/RHCEPH-4.1-RHEL-8-20200603.ci.1/ which installs RPMs with version with this documentation: https://access.redhat.com/documentation/en-us/red_hat_ceph_storage/4/html/data_security_and_hardening_guide/assembly-encryption-and-key-management#enabling-the-messenger-v2-protocol_sec The installation procedure is described here: https://docs.google.com/document/d/1iSL5PPXVn_6aDBcKGjvHVp5w0o3E9ztmSEDAQAisYEI/edit#heading=h.fwqv6d8xumgp --- Additional comment from Gregory Charot on 2020-06-11 18:26:02 CEST --- We planning to test this after 16.1GA as a testonly to ensure this does not break any OSP service integration. We target this for fall or so this year. Thanks for your test/doc Ben, any concern / issue you would like to share? --- Additional comment from Chuck Copello on 2020-06-16 14:45:17 CEST --- Adding Andy to the CC: list and removing myself. --- Additional comment from Chuck Copello on 2020-06-16 14:49:12 CEST --- Adding Andy to the CC: list and removing myself. --- Additional comment from Gregory Charot on 2020-06-25 14:25:32 CEST --- Moving to z2 as z1 will be blockers only --- Additional comment from Gregory Charot on 2020-10-21 11:55:03 CEST --- moving to tech preview as per discussion with the Ceph team --- Additional comment from Yogev Rabl on 2020-11-18 18:14:09 CET --- Verified