-
Epic
-
Resolution: Unresolved
-
Normal
-
None
-
sdk support for Octavia TLS backend re-encryption
-
False
-
-
False
-
Proposed
-
Proposed
-
To Do
-
Committed
-
rhos-connectivity-vans
-
Proposed
-
100% To Do, 0% In Progress, 0% Done
-
-
+++ This bug was initially created as a clone of Bug #1623938 +++
Support the upstream effort to implement backend re-encryption
(in considerations list for Octavia 4.0+)
— Additional comment from Bernard Cafarelli on 2018-08-30 13:53:13 UTC —
No release flag as squad will not have capacity for this one
— Additional comment from Bernard Cafarelli on 2019-02-12 10:36:18 UTC —
From initial 15 planning, it was also mentioned this was important for ShiftOnStack, @Luis is it still the case?
— Additional comment from Luis Tomas Bolivar on 2019-02-12 11:53:36 UTC —
(In reply to Bernard Cafarelli from comment #2)
> From initial 15 planning, it was also mentioned this was important for
> ShiftOnStack, @Luis is it still the case?
This is a nice to have, but definitely no high priority for it. We are using the Openshift route pods for now instead of the native kuryr support for them. This is just needed if we want to move from that approach to use octavia as the L7 load balancer for the openshift routes.
— Additional comment from Carlos Goncalves on 2019-03-20 16:54:29 UTC —
Feature is added in Stein. No tempest tests proposed at this time. Pushing decision to support backend re-encryption for OSP 16 (Train).
— Additional comment from Toni Freger on 2019-04-15 05:27:14 UTC —
qe_nack from my side.
Due to lack of resources we won't be able to test this one.
— Additional comment from Scott Lewis on 2019-07-16 14:12:35 UTC —
Removing from OSP16 per MVP must-have discussions for GA. Please replan and retarget this RFE to another release.
— Additional comment from Carlos Goncalves on 2019-12-10 17:13:52 UTC —
Feature available since OSP 15. Needs testing. Tech Preview in OSP 16.0?
— Additional comment from Scott Lewis on 2020-02-24 17:49:08 UTC —
This item has been properly Triaged and planned for the appropriate release, and is being tagged for tracking.
— Additional comment from Carlos Goncalves on 2020-03-14 14:27:45 UTC —
Partially implemented. SDK, Dashboard and Tempest incomplete.
— Additional comment from Carlos Goncalves on 2020-03-14 14:29:44 UTC —
TLS-terminated load balancer traffic flows unencrypted between the load balancer and backend servers which may pose a security risk. Load balancers should be able to encrypt internal traffic.
— Additional comment from Scott Lewis on 2020-04-19 19:01:38 UTC —
This item has had a change in release flag, and has been removed from tracking for the GA.
— Additional comment from Scott Lewis on 2020-04-19 19:04:14 UTC —
Removing from tracking in OSP16.1 GA as this has missed the upstream feature freeze on 10Apr20. Please replan to a 16.1 zstream, or another release.
— Additional comment from Scott Lewis on 2020-04-19 19:06:24 UTC —
Removing Target Milestone; please replan
— Additional comment from Aharon Canan on 2020-06-22 14:39:10 UTC —
Removed Polarion req for rhos 16.1
— Additional comment from Red Hat Bugzilla on 2022-02-22 05:43:21 UTC —
remove performed by PnT Account Manager <pnt-expunge@redhat.com>
— Additional comment from Red Hat Bugzilla on 2022-06-11 04:40:19 UTC —
remove performed by PnT Account Manager <pnt-expunge@redhat.com>
— Additional comment from Brent Eagles on 2023-08-08 14:32:58 UTC —
SDK component needs updating before closing.
— Additional comment from Brent Eagles on 2023-08-08 14:35:51 UTC —
TODO: move this to modified with a fixed in and clone to cover the remaining SDK part.
- external trackers
