openstack/bifrost
Code Issues Proposed changes
b99ff7f1c4
bifrost/releasenotes/notes/unix-socket-bac1a9e01b1cf7e6.yaml
Dmitry Tantsur c0f901c1b4 Make ironic and inspector listen on Unix sockets 
This way we don't expose the plain text endpoints to anyone even locally.

Change-Id: I40b3e863f78e185c39a20f4254b68b8140eea9e0
Depends-On: https://review.opendev.org/c/openstack/ironic/+/828508
Depends-On: https://review.opendev.org/c/openstack/ironic-inspector/+/827124
2022-02-09 11:06:41 +01:00

7 lines
221 B
YAML
Raw Blame History

---
upgrade:
- |
When TLS is enabled, Ironic and Inspector now serve their API via unix
sockets in the ``/run/ironic`` directory instead of private TCP ports on
localhost. The public API is served by Nginx.
View Git Blame Copy Permalink