ea77b5f857
Metadata service in the NSX-V plugin is handled by a Edge DHCP or router VM. Currently the traffic between nova and the metadata service is insecure. This patch adds the SSL support for metadata service which will make the connection secure. The certificate used for secure communication will be created on the VC under the edge scope. If user does not supply the certificate and private key for secure communication, a self signed certificate will be generated in the backend. This self signed certificate will last for a period of 10yrs. A certifcate with the given details will be created in the backend if such a configuration exists in nsx.ini Appropriate config is pushed for the loadbalancer with the protocol set to HTTPS if SSL is enabled for metadata service. DocImpact Change-Id: I5582cc1186ef4b8451f999b46e55bc2c684b1be3 |
||
|---|---|---|
| .. | ||
| policy | ||
| nsx.ini | ||
| policy.json | ||