021e0a6a46
Adds a new flag (on by default) that enables generating a TLS certificate and sending it to ironic via heartbeat. Whether ironic supports auto-generated certificates is determined by checking its API version. Change-Id: I01f83dd04cfec2adc9e2a6b9c531391773ed36e5 Depends-On: https://review.opendev.org/747136 Depends-On: https://review.opendev.org/749975 Story: #2007214 Task: #40604
9 lines
340 B
YAML
9 lines
340 B
YAML
---
|
|
features:
|
|
- |
|
|
When a recent enough version of ironic is detected and ``listen_tls`` is
|
|
``False``, agent will now generate a self-signed TLS certificate and send
|
|
it to ironic on heartbeat. This ensures encrypted communication from
|
|
ironic to the agent. Set ``enable_auto_tls`` to ``False`` to disable this
|
|
behavior.
|