f8e7a15695
Octavia creates certificates and keys to manage encrypted communication channel to amphorae. When debug is enabled, the python taskflow module will log all the information we provide to tasks (and sub-flows) when we create amphorae or handle with anything related to certificates and keys management (rotations, etc). There are ways to tell taskflow to exclude specific things from being logged (e.g., I136081045787c1bbe3ee846d5845a34201c57864). While this handles some information in specific flows from being logged, it is susceptive to code changes. To avoid an everlasting whack-a-mole game, this patch will merely encrypt sensitive information so we can safely log it and decrypts it only when we need to use it. Conflicts: octavia/controller/worker/controller_worker.py octavia/controller/worker/tasks/amphora_driver_tasks.py octavia/controller/worker/tasks/database_tasks.py octavia/tests/unit/controller/worker/tasks/test_database_tasks.py Change-Id: I06d329ca53bc36bd27f7870ae7c7ca0cf18575b2 (cherry picked from commit |
||
---|---|---|
.. | ||
contrib | ||
etc/octavia | ||
files | ||
pregenerated | ||
samples | ||
README.md | ||
plugin.sh | ||
settings |
README.md
This directory contains the octavia devstack plugin. To configure octavia, in the local section you will need to enable the octavia devstack plugin and enable the octavia service by editing the local section of your local.conf file.
- Enable the plugin
To enable the octavia plugin, add a line of the form:
enable_plugin octavia <GITURL> [GITREF]
where
<GITURL> is the URL of an octavia repository
[GITREF] is an optional git ref (branch/ref/tag). The default is
master.
For example
enable_plugin octavia https://git.openstack.org/openstack/octavia master
- Enable the Octavia services
For example
ENABLED_SERVICES+=octavia,o-api,o-cw,o-hk,o-hm
For more information, see the "Externally Hosted Plugins" section of https://docs.openstack.org/devstack/latest/plugins.html