Browse Source

Add LibvirtTLSPriority to set libvirtd tls_priority

Adds LibvirtTLSPriority parameter to override the compile time
default TLS priority string.
Default: 'NORMAL:-VERS-SSL3.0:-VERS-TLS-ALL:+VERS-TLS1.2'

Conflicts:
      deployment/nova/nova-libvirt-container-puppet.yaml

Removed the conflict, as this file is not present in Queens
release and corresponding changes are done in
puppet/services/nova-libvirt.yaml file.

Change-Id: Id05c5e88be2d9f90642ed5159cb2db03c997f83a
Closes-Bug: #1840447
(cherry picked from commit 56ccd717d4)
(cherry picked from commit 393f43a664)
(cherry picked from commit 9a31aafd33)
tags/8.4.1
Martin Schuppert 1 month ago
parent
commit
f16a588ad8

+ 6
- 0
puppet/services/nova-libvirt.yaml View File

@@ -136,6 +136,11 @@ parameters:
136 136
                  https://libvirt.org/logging.html .
137 137
     type: string
138 138
     default: '1:libvirt 1:qemu 1:conf 1:security 3:event 3:json 3:file 3:object 1:util'
139
+  LibvirtTLSPriority:
140
+    description: >
141
+      Override the compile time default TLS priority string.
142
+    type: string
143
+    default: 'NORMAL:-VERS-SSL3.0:-VERS-TLS-ALL:+VERS-TLS1.2'
139 144
 
140 145
 conditions:
141 146
 
@@ -240,6 +245,7 @@ outputs:
240 245
                 generate_service_certificates: true
241 246
                 tripleo::profile::base::nova::migration::client::libvirt_tls: true
242 247
                 tripleo::profile::base::nova::libvirt::tls_password: {get_param: [LibvirtTLSPassword]}
248
+                nova::compute::libvirt::tls_priority: {get_param: LibvirtTLSPriority}
243 249
                 nova::migration::libvirt::listen_address:
244 250
                   str_replace:
245 251
                      template:

+ 5
- 0
releasenotes/notes/nova_libvirtd_tls_priority-d0129f804d7ca847.yaml View File

@@ -0,0 +1,5 @@
1
+---
2
+features:
3
+  - |
4
+    Adds LibvirtTLSPriority parameter to override the compile time default TLS
5
+    priority string. Default: 'NORMAL:-VERS-SSL3.0:-VERS-TLS-ALL:+VERS-TLS1.2'

Loading…
Cancel
Save