Implemented usage libvirt+tls Enable TLS transport. compute: libvirt: tls: enabled: True You able to set custom certificates in pillar: nova: compute: libvirt: tls: key: (certificate content) cert: (certificate content) cacert: (certificate content) client: key: (certificate content) cert: (certificate content) Related-Prod: PROD-19149 Change-Id: Iea4c44703e837693b218648c0090b35c129daa5f

commit: 1c020d104027d71e1ea6e168af194bcdb11589b5 [log] [tgz]
author: Oleksandr Shyshko <oshyshko@mirantis.com> Thu May 24 12:47:08 2018 +0300
committer: Oleksandr Shyshko <oshyshko@mirantis.com> Mon Jun 04 15:36:56 2018 +0300
tree: 107f00b2905f49764ad5d03d57102d530e3cccfc
parent: 2fdc352b3caf321d0b5effb4842f23af907f4c20 [diff] [blame]
diff --git a/README.rst b/README.rst
index c5606e8..6d9c848 100644
--- a/README.rst
+++ b/README.rst

@@ -920,6 +920,33 @@
 You can read more about injecting the administrator password here:
     https://docs.openstack.org/nova/queens/admin/admin-password-injection.html
 
+Enable libvirt control channel over TLS
+---------------------
+
+By default TLS is disabled.
+
+Enable TLS transport.
+
+  compute:
+    libvirt:
+      tls:
+        enabled: True
+
+You able to set custom certificates in pillar:
+
+  nova:
+    compute:
+      libvirt:
+        tls:
+          key: (certificate content)
+          cert: (certificate content)
+          cacert: (certificate content)
+          client:
+            key: (certificate content)
+            cert: (certificate content)
+
+You can read more about live migration over TLS here:
+    https://wiki.libvirt.org/page/TLSCreateServerCerts
 
 Documentation and Bugs
 ======================
commit	1c020d104027d71e1ea6e168af194bcdb11589b5	[log] [tgz]
author	Oleksandr Shyshko <oshyshko@mirantis.com>	Thu May 24 12:47:08 2018 +0300
committer	Oleksandr Shyshko <oshyshko@mirantis.com>	Mon Jun 04 15:36:56 2018 +0300
tree	107f00b2905f49764ad5d03d57102d530e3cccfc
parent	2fdc352b3caf321d0b5effb4842f23af907f4c20 [diff] [blame]