Uploaded image for project: 'OpenShift Logging'
  1. OpenShift Logging
  2. LOG-1525

Allow configuration of passphrase for fluent forward

    XMLWordPrintable

Details

    • Logging (Core) - Sprint 204
    • 3
    • Passed
    • NEW
    • Hide
      With this update, if you use the Fluentd forward protocol to forward log data over a TLS-encrypted connection, you can now use a password-encrypted private key file and specify the passphrase in the Cluster Log Forwarder configuration. For more information, see xref:/logging/cluster-logging-external.html#cluster-logging-collector-log-forward-fluentd_cluster-logging-external[Forwarding logs using the Fluentd forward protocol]
      Show
      With this update, if you use the Fluentd forward protocol to forward log data over a TLS-encrypted connection, you can now use a password-encrypted private key file and specify the passphrase in the Cluster Log Forwarder configuration. For more information, see xref:/logging/cluster-logging-external.html#cluster-logging-collector-log-forward-fluentd_cluster-logging-external[Forwarding logs using the Fluentd forward protocol]

    Description

      Story

      As a user of cluster log forwardering to a "fluent forward" output,
      I need to configure the passphrase for my TLS client private key
      so auth is configured properly to allow communication to the destination

      Acceptance Criteria

      • CLF with forward output sends records to "forward " service configured to use certs where the private key is protected with a pass phrase
      • The generated configuration uses the parameter "tls_client_private_key_passphrase" for the configured output
      • Documented secret key that is recognized by ClusterLogForwarder
      • Unit test verifying the new configuration

      Notes

      • Possible secret key values: passphrase, privateKeyPassphrase, ?
      • This change only applies to forward outputs but we should consider its applications to others
      • There is another story that is intended to over haul authorization configuration

      Attachments

        Issue Links

          Activity

            People

              vparfono Vitalii Parfonov
              jcantril@redhat.com Jeffrey Cantrill
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: