Add support for SASL authentication #52
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
priteau
reviewed
Mar 21, 2022
SASL allows for authentication of libvirt API TCP and TLS connections. This change includes: * Flag to enable or disable SASL support (disabled by default) * Installation of cyrus-sasl packages on daemon and client hosts * libvirt daemon SASL configuration (/etc/sasl2/libvirt.conf) * libvirt client credential file (auth.conf) configuration * Creation of SASL user accounts
priteau
approved these changes
Mar 21, 2022
markgoddard
added a commit
to stackhpc/kayobe-original
that referenced
this pull request
Mar 24, 2022
Adds support for SASL authentication of libvirt TCP and TLS connections when using a compute host libvirt daemon. In line with the dependent Kolla Ansible patch, we enable SASL by default, and use DIGEST-MD5 with TCP and SCRAM-SHA-256 with TLS. Depends-On: https://review.opendev.org/c/openstack/kolla-ansible/+/833022 Depends-On: stackhpc/ansible-role-libvirt-host#52 Story: 2009858 Task: 44735 Change-Id: Id3972c24022aeb6421494c3cccdc8e7cbce802e6 (cherry picked from commit f4493e4)
openstack-mirroring
pushed a commit
to openstack/openstack
that referenced
this pull request
Mar 29, 2022
* Update kayobe from branch 'master'
to 0cd0f05781cdc1915792fe1aecbde18b0aee4063
- Merge "libvirt: support SASL authentication"
- libvirt: support SASL authentication
Adds support for SASL authentication of libvirt TCP and TLS connections
when using a compute host libvirt daemon.
In line with the dependent Kolla Ansible patch, we enable SASL by
default, and use DIGEST-MD5 with TCP and SCRAM-SHA-256 with TLS.
Depends-On: https://review.opendev.org/c/openstack/kolla-ansible/+/833022
Depends-On: stackhpc/ansible-role-libvirt-host#52
Story: 2009858
Task: 44735
Change-Id: Id3972c24022aeb6421494c3cccdc8e7cbce802e6
openstack-mirroring
pushed a commit
to openstack/kayobe
that referenced
this pull request
Mar 29, 2022
Adds support for SASL authentication of libvirt TCP and TLS connections when using a compute host libvirt daemon. In line with the dependent Kolla Ansible patch, we enable SASL by default, and use DIGEST-MD5 with TCP and SCRAM-SHA-256 with TLS. Depends-On: https://review.opendev.org/c/openstack/kolla-ansible/+/833022 Depends-On: stackhpc/ansible-role-libvirt-host#52 Story: 2009858 Task: 44735 Change-Id: Id3972c24022aeb6421494c3cccdc8e7cbce802e6
jovial
pushed a commit
to jovial/kayobe
that referenced
this pull request
Apr 27, 2022
Adds support for SASL authentication of libvirt TCP and TLS connections when using a compute host libvirt daemon. In line with the dependent Kolla Ansible patch, we enable SASL by default, and use DIGEST-MD5 with TCP and SCRAM-SHA-256 with TLS. Depends-On: https://review.opendev.org/c/openstack/kolla-ansible/+/833022 Depends-On: stackhpc/ansible-role-libvirt-host#52 Story: 2009858 Task: 44735 Change-Id: Id3972c24022aeb6421494c3cccdc8e7cbce802e6 (cherry picked from commit f4493e4)
markgoddard
added a commit
to stackhpc/kayobe
that referenced
this pull request
Jun 20, 2022
Adds support for SASL authentication of libvirt TCP and TLS connections when using a compute host libvirt daemon. In line with the dependent Kolla Ansible patch, we enable SASL by default, and use DIGEST-MD5 with TCP and SCRAM-SHA-256 with TLS. Depends-On: https://review.opendev.org/c/openstack/kolla-ansible/+/833022 Depends-On: stackhpc/ansible-role-libvirt-host#52 Story: 2009858 Task: 44735 Change-Id: Id3972c24022aeb6421494c3cccdc8e7cbce802e6 (cherry picked from commit f4493e4)
markgoddard
added a commit
to stackhpc/kayobe
that referenced
this pull request
Jun 20, 2022
Adds support for SASL authentication of libvirt TCP and TLS connections when using a compute host libvirt daemon. In line with the dependent Kolla Ansible patch, we enable SASL by default, and use DIGEST-MD5 with TCP and SCRAM-SHA-256 with TLS. Depends-On: https://review.opendev.org/c/openstack/kolla-ansible/+/833022 Depends-On: stackhpc/ansible-role-libvirt-host#52 Story: 2009858 Task: 44735 Change-Id: Id3972c24022aeb6421494c3cccdc8e7cbce802e6 (cherry picked from commit f4493e4)
jovial
pushed a commit
to stackhpc/kayobe
that referenced
this pull request
Jul 21, 2022
Adds support for SASL authentication of libvirt TCP and TLS connections when using a compute host libvirt daemon. In line with the dependent Kolla Ansible patch, we enable SASL by default, and use DIGEST-MD5 with TCP and SCRAM-SHA-256 with TLS. Depends-On: https://review.opendev.org/c/openstack/kolla-ansible/+/833022 Depends-On: stackhpc/ansible-role-libvirt-host#52 Story: 2009858 Task: 44735 Change-Id: Id3972c24022aeb6421494c3cccdc8e7cbce802e6 (cherry picked from commit f4493e4) (cherry picked from commit 8ac63f75790dd88f3df898c387fe5696bac291d7)
jovial
pushed a commit
to stackhpc/kayobe
that referenced
this pull request
Oct 5, 2022
Adds support for SASL authentication of libvirt TCP and TLS connections when using a compute host libvirt daemon. In line with the dependent Kolla Ansible patch, we enable SASL by default, and use DIGEST-MD5 with TCP and SCRAM-SHA-256 with TLS. Depends-On: https://review.opendev.org/c/openstack/kolla-ansible/+/833022 Depends-On: stackhpc/ansible-role-libvirt-host#52 Story: 2009858 Task: 44735 Change-Id: Id3972c24022aeb6421494c3cccdc8e7cbce802e6
Aethylred
pushed a commit
to nesi/kayobe
that referenced
this pull request
Oct 19, 2022
Adds support for SASL authentication of libvirt TCP and TLS connections when using a compute host libvirt daemon. In line with the dependent Kolla Ansible patch, we enable SASL by default, and use DIGEST-MD5 with TCP and SCRAM-SHA-256 with TLS. Depends-On: https://review.opendev.org/c/openstack/kolla-ansible/+/833022 Depends-On: stackhpc/ansible-role-libvirt-host#52 Story: 2009858 Task: 44735 Change-Id: Id3972c24022aeb6421494c3cccdc8e7cbce802e6 (cherry picked from commit f4493e4)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
SASL allows for authentication of libvirt API TCP and TLS connections.
This change includes: