| *** brinzhang has joined #openstack-glance | 00:13 | |
| *** Liang__ has joined #openstack-glance | 01:09 | |
| *** brinzhang_ has joined #openstack-glance | 02:04 | |
| *** brinzhang has quit IRC | 02:08 | |
| *** brinzhang has joined #openstack-glance | 02:08 | |
| *** brinzhang_ has quit IRC | 02:09 | |
| *** lifeless_ is now known as liffeless | 02:40 | |
| *** liffeless is now known as lifeless | 02:40 | |
| *** threestrands has joined #openstack-glance | 03:29 | |
| *** gyee has quit IRC | 04:02 | |
| *** evrardjp has quit IRC | 04:37 | |
| *** evrardjp has joined #openstack-glance | 04:37 | |
| *** udesale has joined #openstack-glance | 04:43 | |
| *** ratailor has joined #openstack-glance | 05:00 | |
| *** ratailor has quit IRC | 05:01 | |
| *** ratailor has joined #openstack-glance | 05:06 | |
| *** happyhemant has joined #openstack-glance | 08:14 | |
| *** threestrands has quit IRC | 08:45 | |
| *** tkajinam has quit IRC | 08:50 | |
| openstackgerrit | OpenStack Proposal Bot proposed openstack/glance master: Imported Translations from Zanata https://review.opendev.org/719155 | 09:17 |
|---|---|---|
| *** Liang__ has quit IRC | 09:42 | |
| *** smcginnis has quit IRC | 09:52 | |
| *** lpetrut has joined #openstack-glance | 09:56 | |
| *** mgoddard has joined #openstack-glance | 10:06 | |
| mgoddard | Hi, is anyone around? | 10:06 |
| mgoddard | I have a question about TLS termination | 10:06 |
| mgoddard | hi abhishekk, around? | 10:10 |
| abhishekk | mgoddard, in a meeting | 10:10 |
| mgoddard | abhishekk: np | 10:10 |
| abhishekk | will be free in an hour | 10:10 |
| mgoddard | hi abhishekk | 11:35 |
| *** ratailor has quit IRC | 11:50 | |
| *** nikparasyr has joined #openstack-glance | 11:52 | |
| *** smcginnis has joined #openstack-glance | 12:01 | |
| *** udesale_ has joined #openstack-glance | 12:31 | |
| *** udesale has quit IRC | 12:34 | |
| jokke_ | mgoddard: still here, what's up? | 13:29 |
| mgoddard | hi jokke_ | 13:29 |
| mgoddard | I saw that TLS termination is no longer supported by glance | 13:30 |
| mgoddard | we're just looking at adding TLS termination for backend servers in kolla-ansible | 13:30 |
| mgoddard | normally we do this using httpd, but glance docs recommend against this | 13:31 |
| mgoddard | so we tried using key_file/cert_file then found they had been removed | 13:31 |
| mgoddard | is there a recommended way to achieve this? | 13:31 |
| jokke_ | mgoddard: yeah, that's related to how reverse proxying in apache works. That will dump the whole image to /tmp/ before sending the request to glance upon upload. Use for example HAProxy for terminating the ssl/tls it's good behaving, is well tested and fairly lightweight (well specially vs. httpd) | 13:33 |
| jokke_ | other approach is to use for example stunnel if you want to have the connection between your load balancer and glance being encrypted ... same applies what comes to behavior, usage and overhead | 13:34 |
| jokke_ | My personal preferred operating mode is having HAProxy as loadbalancer terminating external and stunnel between HAProxy and glance-api | 13:36 |
| jokke_ | but HAProxy - HAProxy - glance-api is perfectly fine as well | 13:37 |
| mgoddard | we use haproxy as a load balancer. stunnel seems like a reasonable solution | 13:38 |
| mgoddard | thanks for the info jokke_ | 13:38 |
| jokke_ | yeah, it's super light, it's been stable and well behaving for years and doesn't try to do anything fancy <3 | 13:39 |
| jokke_ | NP! | 13:39 |
| abhishekk | mgoddard, sorry was busy in other stuff | 13:49 |
| mgoddard | abhishekk: no problem, jokke_ answered my question | 13:49 |
| abhishekk | mgoddard, cool, | 13:49 |
| abhishekk | jokke_, rosmaita smcginnis weekly meeting in 3 minutes at #openstack-meeting | 13:58 |
| *** jdillaman has joined #openstack-glance | 14:22 | |
| *** lpetrut has quit IRC | 14:34 | |
| *** gyee has joined #openstack-glance | 14:42 | |
| *** happyhemant has quit IRC | 15:14 | |
| *** mgoddard has left #openstack-glance | 16:15 | |
| *** udesale_ has quit IRC | 16:35 | |
| *** evrardjp has quit IRC | 16:37 | |
| *** evrardjp has joined #openstack-glance | 16:37 | |
| *** nikparasyr has quit IRC | 16:42 | |
| *** servagem has joined #openstack-glance | 17:23 | |
| *** rcernin has quit IRC | 17:37 | |
| *** servagem has quit IRC | 20:35 | |
| *** rcernin has joined #openstack-glance | 22:39 | |
| *** tkajinam has joined #openstack-glance | 22:39 | |
| *** threestrands has joined #openstack-glance | 23:14 | |
| *** threestrands has quit IRC | 23:15 | |
| *** threestrands has joined #openstack-glance | 23:15 | |
| *** rosmaita has quit IRC | 23:43 | |
| *** rosmaita has joined #openstack-glance | 23:56 | |
Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!