Allow setting tls_priority option Add tls_priority config option to libvirtd.conf config. libvirt-4.0.0 supports this functionality out of the box. To fully comply with PROD-27620 priority string should be set in reclass to the following string: SECURE256:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:+ECDHE-ECDSA:\ -CIPHER-ALL:+AES-256-GCM:+AES-256-CBC:-MAC-ALL:+AEAD:+SHA384 Also, fix some inconsistiences found: * tests/pillar/compute_single.sls - change qemu's group name to 'nova' as 'cinder' does not exists. Change-Id: I56a8c3726e1af274e2d2fffce8dca4501745519e Related-Prod: PROD-27620 (cherry picked from commit 77d9dacf644b1c8a93dcc35d30d90b046b86c9fa)

commit: 7086202da1aba9246750e915c2baee66ced56fdb [log] [tgz]
author: Dmitry Teselkin <dteselkin@mirantis.com> Thu Apr 18 16:43:50 2019 +0300
committer: Dmitry Teselkin <dteselkin@mirantis.com> Wed Apr 24 16:54:08 2019 +0300
tree: 56c6278cc2814a2197ca80e0316c7c0414e57a0c
parent: 0b62cdf5197cae77af0af3b6c8e3afdef23a9270 [diff] [blame]
diff --git a/tests/pillar/compute_single.sls b/tests/pillar/compute_single.sls
index b8754f6..2d00ef3 100644
--- a/tests/pillar/compute_single.sls
+++ b/tests/pillar/compute_single.sls

@@ -53,6 +53,7 @@
       host: 127.0.0.1
       port: 9292
     network:
+      user: nova
       engine: neutron
       region: RegionOne
       host: 127.0.0.1
@@ -73,7 +74,7 @@
         secret_key: secret
     qemu:
       user: nova
-      group: cinder
+      group: nova
       dynamic_ownership: 1
     consoleauth:
       token_ttl: 600
commit	7086202da1aba9246750e915c2baee66ced56fdb	[log] [tgz]
author	Dmitry Teselkin <dteselkin@mirantis.com>	Thu Apr 18 16:43:50 2019 +0300
committer	Dmitry Teselkin <dteselkin@mirantis.com>	Wed Apr 24 16:54:08 2019 +0300
tree	56c6278cc2814a2197ca80e0316c7c0414e57a0c
parent	0b62cdf5197cae77af0af3b6c8e3afdef23a9270 [diff] [blame]