Commit Graph

4 Commits

Author SHA1 Message Date
Andreas Jaeger fb3f6f99b1 Retire repository
Fuel (from openstack namespace) and fuel-ccp (in x namespace)
repositories are unused and ready to retire.

This change removes all content from the repository and adds the usual
README file to point out that the repository is retired following the
process from
https://docs.openstack.org/infra/manual/drivers.html#retiring-a-project

See also
http://lists.openstack.org/pipermail/openstack-discuss/2019-December/011647.html

Depends-On: https://review.opendev.org/699362
Change-Id: I32d0e133270d39e9aad29e22c4465bc2083cf89f
2019-12-18 09:51:17 +01:00
Marek Zawadzki 4470ca962b Configure TLS for libvirtd in Nova
This patch adds optional support for TLS encryption in libvirtd endpoints using
certificates.
Without encryption, libvirtd listens on private interface of K8s node without
any authentication thus allowing connections from any host on the internal
network.

TLS for libvirt is ENABLED by default and can be disabled in fuel-ccp-nova's
defaults.yaml file. When using TLS, CCP operator has 3 options:
1. Use sample, self-signed wildcard certificates valid for 10 years built into
config files (e.g. for testing purposes) - default.
2. Regenerate above certs using a script provided in tools/.
3. Provide own certificates.

The TLS configuration provided by this patch uses workarounds to make wildcard
certifcates work and should be used for testing purposes only.
The reason to have TLS enabled by default is to run all tests (e.g. CI) with
encrypted communication and catch possible errors.

An implementation more suitable for production usage may follow in a separate
patch.

Change-Id: I1d770e3618e2f5a32573b7ded74b11df18338f85
2016-12-21 15:22:52 +01:00
Sergey Lukjanov 582c80f1e1 Yaml linter execution and config improved
Change-Id: Ib7d32d90e1ba89bc904269aef13d2074418ffdaa
2016-09-16 19:56:08 -07:00
Artur Zarzycki d8e33ec658 Fix to pass linters tests
Change-Id: Ic9e0bd87e48ae9b694a5400d856c0206503369a6
2016-07-06 17:31:51 +02:00