opendevreview | Matúš Jenča proposed openstack/kolla-ansible master: Add support for RabbitMQ internode tls https://review.opendev.org/c/openstack/kolla-ansible/+/921381 | 07:23 |
---|---|---|
Core4032 | SvenKieske|OSISM[m] we have deployed ampq as kolla presents it, but our vulnerability scanner popped out a medium security breach, says "AMPQ service supports one or more authentication mechanism that allows credentials to be sent in clear text." Should I make any changes, or does any openstack service rely on plain text auth? | 07:47 |
frickler | Core4032: it should be possible to deploy rabbitmq using TLS, but openstack clients will still use plaintext auth on top of that | 07:53 |
opendevreview | Matúš Jenča proposed openstack/kolla-ansible master: Add support for RabbitMQ internode tls https://review.opendev.org/c/openstack/kolla-ansible/+/921381 | 08:16 |
Core4032 | frickler thanks for the information.. | 08:28 |
opendevreview | Will Szumski proposed openstack/kayobe master: Support running without root privileges https://review.opendev.org/c/openstack/kayobe/+/923430 | 09:08 |
opendevreview | Ivan Halomi proposed openstack/kolla-ansible master: Fix podman healtcheck when not enabled https://review.opendev.org/c/openstack/kolla-ansible/+/923231 | 09:58 |
tafkamax | <tafkamax> "Interesting the docs point out..." <- Not that proficient in DNS, but I am thinking that designate allows for extra rndc.key and rndc.conf. If I want to use my own DNS server that is not part of the integrated bind9 server that is spawned inside the designate container. I would need to add `allow-new-zones` to my separate DNS server. Also I think I would need to add to the rndc.conf the remote server address. So far I | 10:07 |
tafkamax | have created RNDC conf that listens on 0.0.0.0 on the DNS server I wish the openstack would push the dns entries to. I have shared the rndc key also to the openstack conf, so it knows the key for authentication. | 10:07 |
tafkamax | * to the openstack rndc.conf the | 10:09 |
opendevreview | Michal Nasiadka proposed openstack/kayobe master: Allow using Bifrost/Ironic introspection data MAC address https://review.opendev.org/c/openstack/kayobe/+/922225 | 10:13 |
opendevreview | Michal Nasiadka proposed openstack/kayobe master: Allow using Bifrost/Ironic introspection data MAC address https://review.opendev.org/c/openstack/kayobe/+/922225 | 10:22 |
opendevreview | Michal Nasiadka proposed openstack/kayobe master: Allow using Bifrost/Ironic introspection data MAC address https://review.opendev.org/c/openstack/kayobe/+/922225 | 10:24 |
opendevreview | Matúš Jenča proposed openstack/kolla-ansible master: Add Redis as caching backend for Keystone https://review.opendev.org/c/openstack/kolla-ansible/+/909201 | 10:47 |
opendevreview | Will Szumski proposed openstack/kayobe master: Support running without root privileges https://review.opendev.org/c/openstack/kayobe/+/923430 | 11:17 |
opendevreview | Matúš Jenča proposed openstack/kolla-ansible master: Add Redis as caching backend for Nova https://review.opendev.org/c/openstack/kolla-ansible/+/909203 | 11:25 |
opendevreview | Will Szumski proposed openstack/kayobe master: Support running without root privileges https://review.opendev.org/c/openstack/kayobe/+/923430 | 11:29 |
opendevreview | Will Szumski proposed openstack/kayobe master: Support running without root privileges https://review.opendev.org/c/openstack/kayobe/+/923430 | 11:32 |
opendevreview | Matúš Jenča proposed openstack/kolla-ansible master: Add Redis as caching backend for Placement https://review.opendev.org/c/openstack/kolla-ansible/+/909222 | 12:58 |
opendevreview | Michal Nasiadka proposed openstack/kayobe master: Allow using Bifrost/Ironic introspection data MAC address https://review.opendev.org/c/openstack/kayobe/+/922225 | 13:35 |
opendevreview | Michal Nasiadka proposed openstack/kayobe master: Allow using Bifrost/Ironic introspection data MAC address https://review.opendev.org/c/openstack/kayobe/+/922225 | 13:57 |
opendevreview | Michal Nasiadka proposed openstack/kayobe master: Allow using Bifrost/Ironic introspection data MAC address https://review.opendev.org/c/openstack/kayobe/+/922225 | 13:58 |
opendevreview | Michal Nasiadka proposed openstack/kayobe master: Allow using Bifrost/Ironic introspection data MAC address https://review.opendev.org/c/openstack/kayobe/+/922225 | 14:00 |
opendevreview | Michal Nasiadka proposed openstack/kayobe master: Allow using Bifrost/Ironic introspection data MAC address https://review.opendev.org/c/openstack/kayobe/+/922225 | 14:01 |
opendevreview | Michal Nasiadka proposed openstack/kayobe master: Allow using Bifrost/Ironic introspection data MAC address https://review.opendev.org/c/openstack/kayobe/+/922225 | 14:01 |
opendevreview | Matúš Jenča proposed openstack/kolla-ansible master: Add Redis as caching backend for Keystone https://review.opendev.org/c/openstack/kolla-ansible/+/909201 | 14:36 |
opendevreview | Michal Nasiadka proposed openstack/kayobe master: Allow using Bifrost/Ironic introspection data MAC address https://review.opendev.org/c/openstack/kayobe/+/922225 | 14:40 |
opendevreview | Michal Nasiadka proposed openstack/kolla-ansible master: CI: test interface names with dashes https://review.opendev.org/c/openstack/kolla-ansible/+/794545 | 14:43 |
opendevreview | Michal Nasiadka proposed openstack/kolla-ansible master: CI: test interface names with dashes https://review.opendev.org/c/openstack/kolla-ansible/+/794545 | 14:44 |
opendevreview | Michal Nasiadka proposed openstack/kolla-ansible master: CI: test interface names with dashes https://review.opendev.org/c/openstack/kolla-ansible/+/794545 | 14:45 |
opendevreview | Will Szumski proposed openstack/kayobe master: Support running without root privileges https://review.opendev.org/c/openstack/kayobe/+/923430 | 16:13 |
opendevreview | Will Szumski proposed openstack/kayobe master: Support running without root privileges https://review.opendev.org/c/openstack/kayobe/+/923430 | 17:02 |
opendevreview | Michal Nasiadka proposed openstack/kolla-ansible master: CI: test interface names with dashes https://review.opendev.org/c/openstack/kolla-ansible/+/794545 | 17:37 |
mmalchuk | mnasiadka can't proceed with release task. have an issues with notebook. could you please proceed yourself or assigne someone else. sorry | 17:55 |
opendevreview | Merged openstack/kolla-ansible master: Bullseye removal followup - remove from prechecks https://review.opendev.org/c/openstack/kolla-ansible/+/923364 | 18:48 |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!