Browse Source

Add LibvirtTLSPriority to set libvirtd tls_priority

Adds LibvirtTLSPriority parameter to override the compile time
default TLS priority string.
Default: 'NORMAL:-VERS-SSL3.0:-VERS-TLS-ALL:+VERS-TLS1.2'

Change-Id: Id05c5e88be2d9f90642ed5159cb2db03c997f83a
Closes-Bug: #1840447
(cherry picked from commit 56ccd717d4)
tags/10.6.1
Martin Schuppert 1 month ago
parent
commit
393f43a664

+ 6
- 0
deployment/nova/nova-libvirt-container-puppet.yaml View File

@@ -218,6 +218,11 @@ parameters:
218 218
                  https://libvirt.org/logging.html .
219 219
     type: string
220 220
     default: '1:libvirt 1:qemu 1:conf 1:security 3:event 3:json 3:file 3:object 1:util'
221
+  LibvirtTLSPriority:
222
+    description: >
223
+      Override the compile time default TLS priority string.
224
+    type: string
225
+    default: 'NORMAL:-VERS-SSL3.0:-VERS-TLS-ALL:+VERS-TLS1.2'
221 226
 
222 227
 conditions:
223 228
 
@@ -403,6 +408,7 @@ outputs:
403 408
                 generate_service_certificates: true
404 409
                 tripleo::profile::base::nova::migration::client::libvirt_tls: true
405 410
                 tripleo::profile::base::nova::libvirt::tls_password: {get_param: [LibvirtTLSPassword]}
411
+                nova::compute::libvirt::tls_priority: {get_param: LibvirtTLSPriority}
406 412
                 nova::migration::libvirt::listen_address:
407 413
                   str_replace:
408 414
                      template:

+ 5
- 0
releasenotes/notes/nova_libvirtd_tls_priority-d0129f804d7ca847.yaml View File

@@ -0,0 +1,5 @@
1
+---
2
+features:
3
+  - |
4
+    Adds LibvirtTLSPriority parameter to override the compile time default TLS
5
+    priority string. Default: 'NORMAL:-VERS-SSL3.0:-VERS-TLS-ALL:+VERS-TLS1.2'

Loading…
Cancel
Save