Summary

Implement propagation of the minimum TLS version and ciphersuites from the TLSSecurityProfile in the APIServer API object to the TLS listeners in fluentd, vector and log-file-metric-exporter.

Acceptance Criteria

Verify the log-file-metric-exporter is listening for metrics requests using the TLS settings associated with the configured cluster-wide security profile
Verify vector is listening for metrics requests using the TLS settings associated with the configured cluster-wide security profile
Verify fluentd is listening for metrics requests using the TLS settings associated with the configured cluster-wide security profile

is related to

LOG-3166 Logfile metrics exporter is accessible over TLS v1.1 with minTLS version set to 1.2.

Closed

LOG-3172 Fluentd metrics does not support TLS v1.3 with minTLS version set to 1.2.

Closed

LOG-3160 Vector metrics does not support TLS v1.3 with minTLS version set to 1.2

Closed

relates to

LOG-3271 Investigate Applying OCP crypto policies to Log collectors

Closed

links to

openshift/cluster-logging-operator#1784: LOG-3398: Apply TLSSecurityProfile settings to TLS listeners in log collectors

ViaQ/log-file-metric-exporter#26: LOG-3398: Apply TLSSecurityProfile settings to TLS listeners in log collectors

ViaQ/vector#129: LOG-3398: Apply TLSSecurityProfile settings to TLS listeners in log collectors

mentioned on

Merge request - Updated 2 upstream sources

Merge request - Updated 3 upstream sources

Merge request - Updated US source to: a008c78 Merge pull request #26 from syedriko/syedriko-log-3398

(2 links to, 4 mentioned on)

Assignee:: Sergey Yedrikov

Reporter:: Sergey Yedrikov

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2022/12/09 12:46 AM

Updated:: 2023/02/28 3:11 PM

Resolved:: 2023/02/28 3:11 PM

Details

Description

Summary

Acceptance Criteria

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates

Hide