Update 'TLS for Haproxy Backends' section in docs
It is possible to secure haproxy backends communication now. Docs should be updated accordingly. Change-Id: If01ab85ec172937ac8b592883b2899fc5ea5b0f5
This commit is contained in:
Damian Dabrowski
parent
b29172e5ed
commit
dd776ccecd
@ -293,8 +293,23 @@ the start.
|
||||
TLS for Haproxy Backends
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
Securing the internal communications from haproxy to backend services is
|
||||
currently work in progress.
|
||||
Communication between haproxy and service backends can be encrypted. Currently
|
||||
it is disabled by default. It can be enabled for all services by setting the
|
||||
following variable:
|
||||
|
||||
.. code-block:: yaml
|
||||
|
||||
openstack_service_backend_ssl: True
|
||||
|
||||
There is also an option to enable it only for individual services:
|
||||
|
||||
.. code-block:: yaml
|
||||
|
||||
keystone_backend_ssl: True
|
||||
neutron_backend_ssl: True
|
||||
|
||||
By default, self-signed certificates will be used to secure traffic but
|
||||
user-provided certificates are also supported.
|
||||
|
||||
TLS for Live Migrations
|
||||
~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user