← Back to team overview

yahoo-eng-team team mailing list archive

[Bug 1593436] [NEW] Fix designate dns driver for SSL based endpoints

 

Public bug reported:

https://review.openstack.org/326958
Dear bug triager. This bug was created since a commit was marked with DOCIMPACT.
Your project "openstack/neutron" is set up so that we directly report the documentation bugs against it. If this needs changing, the docimpact-group option needs to be added for the project. You can ask the OpenStack infra team (#openstack-infra on freenode) for help if you need to.

commit 9cd95366a035b29001ce75515d291cf72d07d0c3
Author: imran malik <imran.malik@xxxxxxx>
Date:   Wed Jun 8 02:45:32 2016 -0700

    Fix designate dns driver for SSL based endpoints
    
    Allow setting options in designate section to specify if want
    to skip SSL cert check. This makes it possible to work with HTTPS
    based endpoints, the default behavior of keystoneclient is to always
    set verify=True however in current code, one cannot either provide
    a valid CA cert or skip the verification.
    
    DocImpact: Introduce two additional options for `[designate]` section
    in neutron.conf
    CONF.designate.insecure to allow insecure connections over SSL.
    CONF.designate.ca_cert for a valid cert when connecting over SSL
    
    Change-Id: Ic371cc11d783618c38ee40a18206b0c2a197bb3e
    Closes-Bug: #1588067

** Affects: neutron
     Importance: Undecided
         Status: New


** Tags: doc neutron

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1593436

Title:
      Fix designate dns driver for SSL based endpoints

Status in neutron:
  New

Bug description:
  https://review.openstack.org/326958
  Dear bug triager. This bug was created since a commit was marked with DOCIMPACT.
  Your project "openstack/neutron" is set up so that we directly report the documentation bugs against it. If this needs changing, the docimpact-group option needs to be added for the project. You can ask the OpenStack infra team (#openstack-infra on freenode) for help if you need to.

  commit 9cd95366a035b29001ce75515d291cf72d07d0c3
  Author: imran malik <imran.malik@xxxxxxx>
  Date:   Wed Jun 8 02:45:32 2016 -0700

      Fix designate dns driver for SSL based endpoints
      
      Allow setting options in designate section to specify if want
      to skip SSL cert check. This makes it possible to work with HTTPS
      based endpoints, the default behavior of keystoneclient is to always
      set verify=True however in current code, one cannot either provide
      a valid CA cert or skip the verification.
      
      DocImpact: Introduce two additional options for `[designate]` section
      in neutron.conf
      CONF.designate.insecure to allow insecure connections over SSL.
      CONF.designate.ca_cert for a valid cert when connecting over SSL
      
      Change-Id: Ic371cc11d783618c38ee40a18206b0c2a197bb3e
      Closes-Bug: #1588067

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1593436/+subscriptions


Follow ups