octavia/api-ref/source/v2/examples/pool-create-request.json
Dawson Coleman 9a6da86481 Add TLS version configuration for pools
Add field tls_versions to pools for restricing TLS versions used.
This is a colon-separated string of versions to be used.
Available values (as defined in octavia-lib):
SSLv3, TLSv1, TLSv1.1, TLSv1.2, TLSv1.3

Add default_pool_tls_versions in octavia.conf

Note: TLSv1.3 connections will use haproxy's default ciphers
instead of the listener's tls_ciphers field

Change-Id: I480b7fb9756d98ba9dbcdfd1d4b193ce6868e291
Story: 2006733
Task: 37173
Depends-On: Ic33d9b9a256490ae1b048cdfd2475d6340509fdb
2020-06-03 21:58:47 +00:00

22 lines
904 B
JSON

{
"pool": {
"lb_algorithm": "ROUND_ROBIN",
"protocol": "HTTP",
"description": "Super Round Robin Pool",
"admin_state_up": true,
"session_persistence": {
"cookie_name": "ChocolateChip",
"type": "APP_COOKIE"
},
"listener_id": "023f2e34-7806-443b-bfae-16c324569a3d",
"name": "super-pool",
"tags": ["test_tag"],
"tls_container_ref": "http://198.51.100.10:9311/v1/containers/4073846f-1d5e-42e1-a4cf-a7046419d0e6",
"ca_tls_container_ref": "http://198.51.100.10:9311/v1/containers/5f0d5540-fae6-4646-85d6-8a84883807fb",
"crl_container_ref": "http://198.51.100.10:9311/v1/containers/6faf0a01-6892-454c-aaac-650282820c0b",
"tls_enabled": true,
"tls_ciphers": "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256",
"tls_versions": ["TLSv1.2", "TLSv1.3"]
}
}