Service communication encryption with IPSEC
This would enable encryption in the network for service-to-service communication using IPSEC. This work would be based on work already done as part of an ansible role, and would include making it part of the TripleO workflow.
Blueprint information
- Status:
- Complete
- Approver:
- None
- Priority:
- Medium
- Drafter:
- Juan Antonio Osorio Robles
- Direction:
- Approved
- Assignee:
- Juan Antonio Osorio Robles
- Definition:
- Approved
- Series goal:
- Accepted for queens
- Implementation:
-
Implemented
- Milestone target:
-
queens-rc1
- Started by
- Alex Schultz
- Completed by
- Emilien Macchi
Related branches
Related bugs
Sprints
Whiteboard
[2017-12-08] Moving to queens-3 as there is a single patch outstanding. If anything else is needed, we should move this to Rocky.
Gerrit topic: https:/
Addressed by: https:/
Encryption everywhere with IPSEC
Gerrit topic: https:/
Addressed by: https:/
Add libreswan (IPSEC management) package to overcloud images
Addressed by: https:/
Add VipMap to inventory variables
Addressed by: https:/
Add IPSEC composable service
Addressed by: https:/
Add network_map entry to dynamic inventory
Gerrit topic: https:/
Gerrit topic: https:/
Addressed by: https:/
Split IPSEC deployment in two
Addressed by: https:/
Enable configuring IPSEC's phase 2 algorithm
Addressed by: https:/
Add documentation for the IPSEC feature
Addressed by: https:/
Activate ipsec for for featureset042
Addressed by: https:/
Add release notes for IPSec
