-
Notifications
You must be signed in to change notification settings - Fork 596
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[OCCM] add support for TLS terminated loadbalancers #1474
[OCCM] add support for TLS terminated loadbalancers #1474
Conversation
Hi @hamzazafar. Thanks for your PR. I'm waiting for a kubernetes member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Build succeeded.
|
Build succeeded.
|
Build failed.
|
c71bdf4
to
4a31f58
Compare
Build succeeded.
|
Build succeeded.
|
Build succeeded.
|
Build failed.
|
Build succeeded.
|
Build succeeded.
|
Build succeeded.
|
/ok-to-test |
/retest |
Build succeeded.
|
Build succeeded.
|
Build succeeded.
|
Build succeeded.
|
Hi @lingxiankong, Can you please review the PR. Thanks |
Build succeeded.
|
Build succeeded.
|
Build succeeded.
|
Looks good to me, but could you please add a little bit more description about what if |
I have updated the docs, please have a look. Thanks! |
Build succeeded.
|
Build succeeded.
|
Build succeeded.
|
Build failed.
|
Build failed.
|
/retest |
Build succeeded.
|
Build succeeded.
|
Build succeeded.
|
Build succeeded.
|
Build succeeded.
|
Build succeeded.
|
Build succeeded.
|
I've tested again, this works perfectly fine. Thanks! /lgtm |
/approve |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: jichenjc The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
* add support for TLS terminated loadbalancers * update docs
What this PR does / why we need it:
This PR brings support for creating TLS Terminated loadbalancers. User can specify tls container ref either in cloud-config file using
default-tls-container-ref
option or pass tls container ref in service spec using annotationloadbalancer.openstack.org/default-tls-container-ref
. Cloud provider will create a listener with protocol TERMINATED_HTTPS and a pool with protocol HTTP.This feature is supported only for Octavia.
This PR also fixes #1294
Special notes for reviewers:
To test this feature you have to create an openstack secret container of type certificate:
You can pass the default-tls-container-ref
https://X.X.X.X:9311/v1/containers/3898c759-ef67-4096-8ccf-3719cef674a3
in an annotationloadbalancer.openstack.org/default-tls-container-ref
to create an external cloud loadbalancer with aTERMINATED_HTTPS
listener.Release note: