vRouter support for SSL meta-data service when proxying

Registered by Rudra Rugge on 2017-07-14

Openstack allows VMs to access metadata by sending a HTTP request to the link local address 169.254.169.254. This request from a VM is proxied to to Nova API, with additional HTTP header fields added. Nova uses these to identify the source instance and responds with appropriate metadata.

Contrail vRouter acts as the proxy, trapping the metadata requests, adding the necessary header fields and sending the requests to the Nova API server.

This communication between vRouter and Nova API should be SSL encrypted.

Blueprint information

Status:
Complete
Approver:
Nischal Sheth
Priority:
Medium
Drafter:
Hari Prasad Killi
Direction:
Approved
Assignee:
Hari Prasad Killi
Definition:
Approved
Series goal:
Accepted for trunk
Implementation:
Implemented
Milestone target:
milestone icon r4.1.0.0-fcs
Started by
Hari Prasad Killi on 2017-07-20
Completed by
Hari Prasad Killi on 2017-11-20

Related branches

Sprints

Whiteboard

(?)

Work Items

Work items:
Agent code changes to handle SSL support for metadata proxy : DONE
Provisioning updates to handle SSL certificates : DONE

This blueprint contains Public information 
Everyone can see this information.

Subscribers

No subscribers.