Enable configuring SSL for Erlang distribution #574
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
JAORMX
force-pushed
the
tls-proto-dist
branch
8 times, most recently
from
42f21f3
to
1ec716a
Compare
|
In addition to rebase, we're switching to expect syntax, so can you update the specs to use the new syntax and squash commits? There is some ongoing structural maintenance, so unfortunately, there could end up being another round of rebasing at some point. After reading the link, the purpose of this PR is a little more clear, but it would be good if it could have some additional review. |
wyardley
requested changes
Aug 30, 2017
spec/classes/rabbitmq_spec.rb
Outdated
| :ssl_erl_dist => true } | ||
| } | ||
| it 'should enable inet6 distribution' do | ||
| should contain_file('rabbitmq-env.config') \ |
There was a problem hiding this comment.
switch these (and the others) to is.expected_to type syntax
|
@wyardley thanks for the review. Amended the commit to address your comments. |
As mentioned in the RabbitMQ documentation [1], this sets up the necessary parameters through environment variables to use the relevant -proto_dist value, and enable the ssl path (through the -pa option) if necessary. [1] https://www.rabbitmq.com/clustering-ssl.html
openstack-gerrit
pushed a commit
to openstack-archive/puppet-tripleo
that referenced
this pull request
Sep 4, 2017
This follows the RabbitMQ docs [1] for enabling TLS for the replication traffic. It reuses the certificate that rabbitmq already has. Unfortunately, pacemaker uses the shortname for the rabbitmq nodes, so we are not able to do proper verification of the certificates, since we can't allocate a certificate for shortnames. So, until pacemaker can track the rabbit nodes through their FQDNs, we don't set any verification options. [1] https://www.rabbitmq.com/clustering-ssl.html Depends on: voxpupuli/puppet-rabbitmq#574 bp tls-via-certmonger Co-Authored-By: Alex Schultz <aschultz@redhat.com> Change-Id: I265c89cb8898a6da78a606664a22c50f5e57a847
openstack-gerrit
pushed a commit
to openstack-archive/puppet-tripleo
that referenced
this pull request
Sep 6, 2017
This follows the RabbitMQ docs [1] for enabling TLS for the replication traffic. It reuses the certificate that rabbitmq already has. Unfortunately, pacemaker uses the shortname for the rabbitmq nodes, so we are not able to do proper verification of the certificates, since we can't allocate a certificate for shortnames. So, until pacemaker can track the rabbit nodes through their FQDNs, we don't set any verification options. [1] https://www.rabbitmq.com/clustering-ssl.html Depends on: voxpupuli/puppet-rabbitmq#574 bp tls-via-certmonger Co-Authored-By: Alex Schultz <aschultz@redhat.com> Change-Id: I265c89cb8898a6da78a606664a22c50f5e57a847 (cherry picked from commit 52404b8)
Slm0n87
pushed a commit
to Slm0n87/puppet-rabbitmq
that referenced
this pull request
Mar 7, 2019
Enable configuring SSL for Erlang distribution
cegeka-jenkins
pushed a commit
to cegeka/puppet-rabbitmq
that referenced
this pull request
Mar 26, 2021
Enable configuring SSL for Erlang distribution
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
As mentioned in the RabbitMQ documentation [1], this sets up the
necessary parameters through environment variables to use the relevant
-proto_dist value, and enable the ssl path (through the -pa option) if
necessary.
[1] https://www.rabbitmq.com/clustering-ssl.html