Container Infrastructure Management Service for OpenStack
Go to file
Madhuri cefc5a9ac3 Add Certificate controller for TLS support.
The Certificate controller has 2 operations:

1. POST

Generate X509 certificate using bay's CA cert.
Below is an example of Certificate POST API request using magnum command:

Example Request:

    curl -X POST -H 'Content-Type: application/json' \
        -d '{"bay_uuid": "<bay_uuid>", "csr": "<csr>"}' \
        http://localhost:9511/v1/certificates

This creates a X509 certificate signed by the given bay's CA and returns
it. No database information is stored in Magnum against it. For each POST
request, a new certificate is generated.

Example Response:

    {"bay_uuid": "<bay_uuid>", "csr": "<csr>",
     "pem": "<pem encoded certifiacte>"}

2. GET
Fetches the CA cert associated with a bay. Below is an example of CA GET
API request using magnum command:

Example Request:

    curl -X GET http://localhost:9511/v1/certificates/<bay_uuid>

This fetches stored CA cert for the given Bay, which can be used to validate
any client and node certificates signed by the Bay's CA. The value for each
is fetched from Barbican or Magnum db based on the different configuration
for storage of certificates.

Example Response:

    {"bay_uuid": "<bay_uuid>", "pem": "<pem encoded certifiacte>"}

Co-Authored-By: Andrew Melton <andrew.melton@rackspace.com>

Change-Id: I4b72cc1e1bddc7a7c7eeb0ab22d3769a666ccb2b
Partially-Implements: bp secure-kubernetes
2015-09-05 13:45:43 +00:00
contrib/templates/example Fix the wrong platform usage 2015-07-22 01:25:24 +00:00
devstack Generate certs while creating bay 2015-09-05 16:25:58 +09:00
doc/source Merge "Fix the representation of REST" 2015-09-01 05:09:38 +00:00
etc/magnum Add Certificate controller for TLS support. 2015-09-05 13:45:43 +00:00
magnum Add Certificate controller for TLS support. 2015-09-05 13:45:43 +00:00
specs Merge "Fix the link for Docker Remote API" 2015-09-01 09:43:02 +00:00
.coveragerc Initial commit from github (squashed) 2014-11-18 09:23:37 -05:00
.gitignore Add .DS_Store to .gitignore 2015-07-10 10:53:19 -05:00
.gitreview Update .gitreview for project rename 2015-03-28 00:20:40 +00:00
.mailmap Initial commit from github (squashed) 2014-11-18 09:23:37 -05:00
.testr.conf Make room for functional tests 2015-04-02 12:25:43 -04:00
CONTRIBUTING.rst Workflow documentation is now in infra-manual 2014-12-05 03:30:45 +00:00
Dockerfile Fix the docker build image issue 2015-05-18 11:11:25 +08:00
HACKING.rst Eliminate mutable default arguments 2015-07-10 13:33:49 +00:00
LICENSE Initial commit from github (squashed) 2014-11-18 09:23:37 -05:00
MANIFEST.in Copy Ironic's database model codebase 2014-12-02 15:04:31 -07:00
README.rst Fix the representation of REST 2015-09-01 08:40:39 +05:30
babel.cfg Initial commit from github (squashed) 2014-11-18 09:23:37 -05:00
bandit.yaml Add Bandit security lint checking via tox 2015-04-08 10:41:42 -07:00
functional_creds.conf.sample Make functional test work with new tox env 2015-05-19 11:07:34 +08:00
openstack-common.conf port to oslo.service 2015-06-28 14:29:00 +08:00
requirements.txt Add a tool to manage x509 objects 2015-09-05 16:25:57 +09:00
setup.cfg Add CertManager to store CA and client certificate 2015-09-05 16:25:57 +09:00
setup.py Updated from global requirements 2015-07-15 07:34:25 +00:00
test-requirements-bandit.txt Update bandit for new usage requirement 2015-04-10 11:19:17 +08:00
test-requirements.txt Removing unused dependency: discover 2015-08-28 19:55:42 +05:30
tox.ini Remove H302, H803, H904 2015-07-16 09:14:21 +00:00

README.rst

Magnum

Magnum is an OpenStack project which offers container orchestration engines for deploying and managing containers as first class resources in OpenStack.

For more information, please refer to the following resources: