Comment 22 for bug 1461882
Revision history for this message
| OpenContrail Admin (ci-admin-f) wrote A change has been merged | #22 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
9199653
demo site
(Get the code!)
Reviewed: https:/
Committed: http://
Submitter: Zuul
Branch: R2.20
commit 888049f626fbd7d
Author: Rudra Rugge <email address hidden>
Date: Fri May 8 10:54:27 2015 -0700
Generate loadbalancer config in json format
Currently the agent generates loadbalancer configuration in
haproxy specific format. Going forward agent will generate
a generic json based loadbalancer config. This config will
be handled by driver specific configuration parser. Currently
only haproxy parsing is supported.
Closes-Bug: #1452928
Change-Id: I2d198aff0a5696
Conflicts:
src/vnsw/
LBAAS haproxy process manager
Manage haproxy daemon for lbaas. Two options avaialable:
- Manage through supervisor. This will run on non-daemon mode
as the process cannot be managed by supervisord if it runs in
background. Process monitoring provided by supervisor.
- Start/stop the daemon as we do today. Need additional changes
to ensure monitoring/
Additional commit needed to enable this code from vrouter_netns.
Change-Id: I05c13d7c96c86b
Partial-Bug: #1452928
Enable haproxy config translation
Enable haproxy config translation from json format
Also enable haproxy daemon handling by supervisord
Change-Id: If3489ea66430ec
Closes-Bug: #1452928
Conflicts:
src/nodemgr/
Generate mac from instance ip for service VMs
Generate the same mac-address for all interfaces sharing the same
IP. In addition a change to daemonize the haproxy process instead
of managing through supervisor.
Change-Id: I2394f29c4a11bf
Closes-Bug: #1461882
Haproxy config generation fixes for HTTPS protocol
Change-Id: I140361ad4785be
Closes-bug: #1466318
Fix for poodle vulnerability; ChangeId: I9432d035eb59b1
Change-Id: I390a77261bc0d3
Fix for FREAK SSL vulnerability
This fix pushes selected set of secure ciphers into
haproxy config file
Change-Id: Idfc11ce0411024
Closes-Bug: #1477400
HAProxy Performance Tuning
HAProxy's default config is non-performant.
This fix updates following config in HAProxy:
1) Increase TCP client/server timeouts.
2) Increase ulimit globally per HAProxy process.
3) Increase maxconn globally per HAProxy process.
Change-Id: I28be29d5ab3dcb
Closes-Bug: #1477781
Allow custom configs with LBaaS
This fix takes care of haproxy parsing and
validation changes on vrouter agent. Removing
extra white spaces
Closes-Bug: #1475393
Change-Id: I822e27792f7816
Allow custom configs with LBaaS
This fix enables a new field "custom-attr" in loadbalancer_pool
properties in the schema.
Change-Id: I17eecc2fedea4d
Closes-Bug: #1475393
Allow custom configs with LBaaS
This fix commits the vrouter agent code to read
the custom_attributes from ifmap node and copy it
to config.json file which the haproxy parser
would read. Added missing '}'. Incorporating the
comments
Closes-Bug: #1475393
Change-Id: I6f22f4f537c97c
Conflicts:
src/vnsw/
src/vnsw/
src/vnsw/
Change-Id: Iea0aff5589a21e
Conflicts:
src/vnsw/
WIP: Tenant SSL Cert Support
This fix adds tenant SSL support to existing custom attributes.
User can provide barbican container ref in custom attributes
and haproxy parser then downloads the container/secrets
and populates the certificate.
Also, the keystone auth credentials need to specified in a
separate auth file whose path should be provided in
contrail-
keystone_
Change-Id: I2b857338200310
Partial-Bug: #1499903
Conflicts:
src/nodemgr/
src/vnsw/
src/vnsw/
src/vnsw/
src/vnsw/
Change-Id: I31535a59086726