openstack
/
octavia
Code Issues Proposed changes
Load Balancing as a Service (LBaaS) for OpenStack
2,451 Commits 9 Branches 48 Tags 93 MiB
Python 97.2%
Shell 1.9%
Jinja 0.9%
Go to file
Nir Magnezi dc4c0b6249 Encrypt certs and keys 
Octavia creates certificates and keys to manage encrypted
communication channel to amphorae.
When debug is enabled, the python taskflow module will log
all the information we provide to tasks (and sub-flows)
when we create amphorae or handle with anything related to
certificates and keys management (rotations, etc).

There are ways to tell taskflow to exclude specific things
from being logged (e.g., I136081045787c1bbe3ee846d5845a34201c57864).
While this handles some information in specific flows from being
logged, it is susceptive to code changes.

To avoid an everlasting whack-a-mole game, this patch will merely
encrypt sensitive information so we can safely log it and decrypts
it only when we need to use it.

Conflicts:
       octavia/controller/worker/controller_worker.py
       octavia/controller/worker/tasks/database_tasks.py

Change-Id: I06d329ca53bc36bd27f7870ae7c7ca0cf18575b2
(cherry picked from commit ae7c87f54a)
 		2019-03-06 09:46:10 +02:00
api-ref/source Fix UDP release note for CentOS 2018-08-08 13:25:24 -07:00
bin Two quick fixes (one log message, one cert create script thing) 2017-05-09 11:37:40 -04:00
devstack Encrypt certs and keys 2019-03-06 09:46:10 +02:00
diskimage-create Introduce ipvsadm to the amphora image 2018-07-06 00:02:54 +00:00
doc Clarify that the driver support library is interim 2018-08-02 08:35:12 -07:00
elements Fix IPv6 in Active/Standby topology 2018-12-12 17:30:22 +00:00
etc Separate the thread pool for health and stats update 2018-11-19 16:37:31 +01:00
httpd Run Octavia API in a WSGI server 2017-04-30 08:36:44 +00:00
octavia Encrypt certs and keys 2019-03-06 09:46:10 +02:00
playbooks Add grenade support 2018-06-14 09:43:04 +01:00
releasenotes Encrypt certs and keys 2019-03-06 09:46:10 +02:00
specs Merge "Implement provider drivers - Driver Library" 2018-07-26 23:51:50 +00:00
specs-tests Update tox 'docs' environment to test specs 2016-09-08 15:18:43 -07:00
tools Fix failover when multiple amphora have failed 2018-07-22 16:08:45 -07:00
zuul.d Update zuul/projects.yaml 2018-09-05 08:49:47 +02:00
.coveragerc Update .coveragerc after the removal of openstack directory 2016-10-17 17:11:16 +05:30
.gitignore Merge "Add api-ref for amphora failover" 2018-01-13 01:59:24 +00:00
.gitreview Update .gitreview for stable/rocky 2018-08-09 10:27:48 +00:00
.pylintrc Move from platform.linux_distribution to distro.id 2018-06-29 17:25:54 -07:00
.stestr.conf Gatefix: Migrate from testr to stestr 2017-09-13 17:12:21 +00:00
CONSTITUTION.rst Update the documentation link for doc migration 2017-09-22 00:45:56 +00:00
CONTRIBUTING.rst Update links in CONTRIBUTING.rst 2017-09-20 05:24:21 +00:00
HACKING.rst Update the documentation link for doc migration 2017-09-22 00:45:56 +00:00
LICENSE Populate repository with common initial files 2014-07-02 20:30:14 -07:00
README.rst Merge "Trivial: Update pypi url to new url" 2018-05-27 10:00:57 +00:00
TESTING.rst Introduce TESTING.rst for quick developer reference 2017-04-07 21:48:31 +00:00
babel.cfg Setup translation for octavia 2016-12-15 00:48:02 +00:00
lower-constraints.txt Move from platform.linux_distribution to distro.id 2018-06-29 17:25:54 -07:00
requirements.txt Move from platform.linux_distribution to distro.id 2018-06-29 17:25:54 -07:00
setup.cfg UDP for [2] 2018-08-07 11:13:58 +00:00
setup.py Updated from global requirements 2017-03-02 11:50:57 +00:00
test-requirements.txt fix tox python3 overrides 2018-06-27 09:32:00 +08:00
tox.ini Update UPPER_CONSTRAINTS_FILE for stable/rocky 2018-08-09 10:27:49 +00:00

README.rst

Team and repository tags

image

Octavia

Latest Version

Octavia is an operator-grade open source scalable load balancer for use in large OpenStack deployments. It delivers load balancing services on amphorae and provides centralized command and control. Octavia is currently the reference backend for Neutron LBaaS. In the near future, Octavia is likely to become the standard OpenStack LBaaS API endpoint.

Octavia is distributed under the terms of the Apache License, Version 2.0. The full terms and conditions of this license are detailed in the LICENSE file.

Project resources

Developer documentation for the Octavia project is available at https://docs.openstack.org/octavia/latest/

Release notes for the Octavia project are available at https://docs.openstack.org/releasenotes/octavia/

The project source code repository is located at https://git.openstack.org/cgit/openstack/octavia

Project status, bugs, and requests for feature enhancements are tracked on https://launchpad.net/octavia

For more information on project direction and guiding principles for contributors, please see the CONSTITUTION.rst file in this directory, or specifications in the specs/ sub-directory.

The project roadmap is available at https://wiki.openstack.org/wiki/Octavia/Roadmap