cf-dev@lists.cloudfoundry.org | future changes to etcd configuration in cf-release

Home Messages Hashtags Subgroups

Date Date 1 - 3 of 3

future changes to etcd configuration in cf-release

Amit Kumar Gupta #2012 Hi all, Just wanted to give the community advance notice that we will be introducing a change to the etcd configuration in cf-release, probably within the week (probably cf v220+, we are currently on v218). etcd can be configured to require ssl communication amongst servers, and between servers and clients. Currently this defaults to false, but we will be changing the default to true. We will include documentation on how to generate certs, and where to put them in your stubs if you are using the spiff tooling to generate deployment manifests. The BOSH-Lite dev manifests will include certs by default, to make the dev workflow especially easy. Cheers, Amit Gupta Cloud Foundry PM, OSS Release Integration team attachment.html
More All Messages By This Member
Shannon Coen #2117 Amit, Could you confirm that you will require mutual SSL auth, otherwise this wouldn't require much of a change by clients. If etcd.require_ssl:true, must a client present a cert? Thank you, Shannon Coen Product Manager, Cloud Foundry Pivotal, Inc. toggle quoted message Show quoted text On Tue, Sep 29, 2015 at 5:54 PM, Amit Gupta <agupta(a)pivotal.io> wrote: Hi all, Just wanted to give the community advance notice that we will be introducing a change to the etcd configuration in cf-release, probably within the week (probably cf v220+, we are currently on v218). etcd can be configured to require ssl communication amongst servers, and between servers and clients. Currently this defaults to false, but we will be changing the default to true. We will include documentation on how to generate certs, and where to put them in your stubs if you are using the spiff tooling to generate deployment manifests. The BOSH-Lite dev manifests will include certs by default, to make the dev workflow especially easy. Cheers, Amit Gupta Cloud Foundry PM, OSS Release Integration team attachment.html
More All Messages By This Member
Amit Kumar Gupta #2119 Yes, this is mutual SSL auth. Best, Amit toggle quoted message Show quoted text On Tue, Oct 6, 2015 at 12:36 PM, Shannon Coen <scoen(a)pivotal.io> wrote: Amit, Could you confirm that you will require mutual SSL auth, otherwise this wouldn't require much of a change by clients. If etcd.require_ssl:true, must a client present a cert? Thank you, Shannon Coen Product Manager, Cloud Foundry Pivotal, Inc. On Tue, Sep 29, 2015 at 5:54 PM, Amit Gupta <agupta(a)pivotal.io> wrote: Hi all, Just wanted to give the community advance notice that we will be introducing a change to the etcd configuration in cf-release, probably within the week (probably cf v220+, we are currently on v218). etcd can be configured to require ssl communication amongst servers, and between servers and clients. Currently this defaults to false, but we will be changing the default to true. We will include documentation on how to generate certs, and where to put them in your stubs if you are using the spiff tooling to generate deployment manifests. The BOSH-Lite dev manifests will include certs by default, to make the dev workflow especially easy. Cheers, Amit Gupta Cloud Foundry PM, OSS Release Integration team attachment.html
More All Messages By This Member

1 - 3 of 3

1

Previous Topic Next Topic

Home Hashtags Subgroups Terms