Browse Source

Merge "Add LibvirtTLSPriority to set libvirtd tls_priority" into stable/rocky

tags/9.4.1
Zuul 1 month ago
parent
commit
e89a6b7f99

+ 6
- 0
puppet/services/nova-libvirt.yaml View File

@@ -136,6 +136,11 @@ parameters:
136 136
                  https://libvirt.org/logging.html .
137 137
     type: string
138 138
     default: '1:libvirt 1:qemu 1:conf 1:security 3:event 3:json 3:file 3:object 1:util'
139
+  LibvirtTLSPriority:
140
+    description: >
141
+      Override the compile time default TLS priority string.
142
+    type: string
143
+    default: 'NORMAL:-VERS-SSL3.0:-VERS-TLS-ALL:+VERS-TLS1.2'
139 144
 
140 145
 conditions:
141 146
 
@@ -240,6 +245,7 @@ outputs:
240 245
                 generate_service_certificates: true
241 246
                 tripleo::profile::base::nova::migration::client::libvirt_tls: true
242 247
                 tripleo::profile::base::nova::libvirt::tls_password: {get_param: [LibvirtTLSPassword]}
248
+                nova::compute::libvirt::tls_priority: {get_param: LibvirtTLSPriority}
243 249
                 nova::migration::libvirt::listen_address:
244 250
                   str_replace:
245 251
                      template:

+ 5
- 0
releasenotes/notes/nova_libvirtd_tls_priority-d0129f804d7ca847.yaml View File

@@ -0,0 +1,5 @@
1
+---
2
+features:
3
+  - |
4
+    Adds LibvirtTLSPriority parameter to override the compile time default TLS
5
+    priority string. Default: 'NORMAL:-VERS-SSL3.0:-VERS-TLS-ALL:+VERS-TLS1.2'

Loading…
Cancel
Save