Difference between revisions of "Neutron/LBaaS/SSL"
(→Resources change) |
(→Resources change) |
||
Line 17: | Line 17: | ||
Database persistent | Database persistent | ||
FrontEndTermination | FrontEndTermination | ||
− | [Y/N] default=N | + | [Y/N] default=N |
+ | NOT mandatory | ||
+ | visible | ||
FrontEndProtocols | FrontEndProtocols | ||
− | String | + | String |
+ | Mandatory if termination enabled | ||
+ | visible if termination enabled | ||
FrontEndCipherSuite: | FrontEndCipherSuite: | ||
− | String | + | String |
+ | Mandatory if termination enabled | ||
+ | visible if termination enabled | ||
BackEndTermination | BackEndTermination | ||
− | [Y/N] default=N | + | [Y/N] default=N |
+ | NOT mandatory | ||
+ | visible | ||
BackEndProtocols | BackEndProtocols | ||
− | String | + | String |
+ | Mandatory if termination enabled | ||
+ | visible if termination enabled | ||
BackEndCipherSuite: | BackEndCipherSuite: | ||
− | String | + | String |
+ | Mandatory if termination enabled | ||
+ | visible if termination enabled | ||
Transient | Transient |
Revision as of 15:41, 18 November 2013
Contents
Description
This comes to describe the functional aspect of OpenStack Neutron SSL support for LBaaS.
Rationale
Giving user the ability to use SSL on LBaaS.
User should be able to apply SSL certificates on LBaaS and configure SSL on vip, front-end and back-end.
API change
No API change
Resources change
LBaaS extension's resource attributes map should be extended with new parameters:
Database persistent
FrontEndTermination [Y/N] default=N NOT mandatory visible FrontEndProtocols String Mandatory if termination enabled visible if termination enabled FrontEndCipherSuite: String Mandatory if termination enabled visible if termination enabled BackEndTermination [Y/N] default=N NOT mandatory visible BackEndProtocols String Mandatory if termination enabled visible if termination enabled BackEndCipherSuite: String Mandatory if termination enabled visible if termination enabled
Transient
Passphrase Public Key (PEM) Private Key (PEM)
Data model change
Vip database entity should be extended with new columns:
front_end_termination - Boolean front_end_protocols - String front_end_cipher_type: ENUM back_end_termination - Boolean back_end_protocols - String back_end_cipher_type: ENUM
DB Migration
Vip table should be altered with new columns.
New columns of each existing Vip row should be populated with default values:
front_end_termination - 'N' front_end_protocols - front_end_cipher_type: None back_end_termination - 'N' back_end_protocols - back_end_cipher_type: None
Implementation Plan
- Modifying LBaaS Vip resources' attribute map with new parameters
- Modifying LBaaS Vip DB Model with new parameters
- Modifying LBaaS Vip DB Model tests to account new parameters if needed