octavia/releasenotes/notes/stop-logging-amphora-cert-2e188675699d60d5.yaml
Nir Magnezi 7e8ece9474 Stop Logging Amphora Cert
Stop logging amphora cert for tasks:

octavia-failover-amphora-flow- \
octavia-create-amp-for-lb-subflow-octavia-generate-serverpem

And:
octavia-create-amp-for-lb-subflow-octavia-update-cert-expiration

This patch adds more exclusions to taskflow DynamicLoggingListener,
which logs task results when running in debug mode.

Failing Over a loadbalancer (SINGLE):
Before: http://paste.openstack.org/show/C0ghBQCXBv6YXqR4YRUY/
After:  http://paste.openstack.org/show/S4bezDTre4KU4oeQDrsF/

Failing Over a loadbalancer (ACTIVE_STANDBY):
Before: http://paste.openstack.org/show/u9aQGvE64evYuYbcWvF4/
After:  http://paste.openstack.org/show/BlJEqGYpHaZYu3LBww3g/

While writing this patch, I also tested for:
1. loadbalancer create with SINGLE topology.
2. loadbalancer create with ACTIVE_STANDBY topology.
3. loadbalancer amphora failover with SINGLE topology.
4. loadbalancer amphora failover with ACTIVE_STANDBY topology.

I didn't notice any cert prints for those cases.

I was not able to trigger the above-mentioned
octavia-update-cert-expiration, but we have a clear indication for
it in a log screenshot that I attached to the StoryBoard.

Story: 2004606
Task: 28503

Change-Id: I136081045787c1bbe3ee846d5845a34201c57864
2018-12-13 14:44:06 +00:00

8 lines
280 B
YAML

---
security:
- |
Fixed a debug level logging of Amphora certificates for flows
such as 'octavia-create-amp-for-lb-subflow-octavia-generate-serverpem'
(triggered with loadbalancer failover) and
'octavia-create-amp-for-lb-subflow-octavia-update-cert-expiration'.