New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[octavia-ingress-controller] Support TLS in Ingress #927
[octavia-ingress-controller] Support TLS in Ingress #927
Conversation
Build succeeded.
|
Build succeeded.
|
Build succeeded.
|
Build succeeded.
|
Build succeeded.
|
Build failed.
|
Build succeeded.
|
Build succeeded.
|
Build succeeded.
|
Build succeeded.
|
Build succeeded.
|
Build succeeded.
|
Build succeeded.
|
Build failed.
|
Build succeeded.
|
Build succeeded.
|
Build succeeded.
|
/test cloud-provider-openstack-e2e-test-csi-cinder |
Build failed.
|
/test cloud-provider-openstack-e2e-test-csi-cinder |
Build succeeded.
|
Build succeeded.
|
Build succeeded.
|
Build succeeded.
|
Build succeeded.
|
Build failed.
|
Build failed.
|
Build succeeded.
|
Build succeeded.
|
Build failed.
|
/test cloud-provider-openstack-acceptance-test-e2e-conformance |
/test cloud-provider-openstack-acceptance-test-flexvolume-cinder |
/test cloud-provider-openstack-acceptance-test-csi-manila |
Build succeeded.
|
Build failed.
|
Build failed.
|
Build succeeded.
|
/test cloud-provider-openstack-acceptance-test-flexvolume-cinder |
/test cloud-provider-openstack-acceptance-test-csi-manila |
Build succeeded.
|
Build succeeded.
|
/lgtm |
/approve |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: lingxiankong The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
The binaries affected:
What this PR does / why we need it:
Support to create TLS Ingress.
This implementation for octavia-ingress-controller requires the TLS secret must exist when creating the Ingress. In the future, we could consider to create the secret on the fly with integration of e.g. cert-manager.
The TLS support requires OpenStack Barbican deployed in the cloud, TLS Ingress creation will fail if Barbican is not available.
Which issue this PR fixes:
fixes #287
Special notes for reviewers:
Steps to test:
Preprae for the TLS secret, make sure to specify the server name in the CN field of the certificate, in this example, we use
www.example.com
as the server name.Create the Ingress
Check a secret created in OpenStack Barbican.
Verify https connection
Here is a live demo.
Release note:
This change is