Linstor: Add controller token auth support#13470
Conversation
Codecov Report❌ Patch coverage is Additional details and impacted files@@ Coverage Diff @@
## 4.22 #13470 +/- ##
============================================
- Coverage 17.67% 17.66% -0.01%
- Complexity 15790 15793 +3
============================================
Files 5922 5923 +1
Lines 533173 533277 +104
Branches 65209 65232 +23
============================================
+ Hits 94218 94228 +10
- Misses 428309 428403 +94
Partials 10646 10646
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Harness. 🚀 New features to boost your workflow:
|
|
@blueorangutan package |
|
@DaanHoogland a [SL] Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress. |
|
Packaging result [SF]: ✖️ el8 ✖️ el9 ✔️ debian ✖️ suse15. SL-JID 18340 |
With Linstor 1.34.0 a new authentication mode is supported: * Bearer token To support that it had to be implemented in the java-linstor library and we need to store the auth token per storage pool. Also per default with this auth mode Linstor will run with HTTPS enabled, so we also have to support that.
StaticInputsForm.fillValue() only seeded defaults for currently-displayed fields, so a display-gated switch with checked:true bound to an undefined value and rendered as off once revealed. Seed checked switch/checkbox fields even while hidden, so the Linstor 'Allow self-signed certificate' toggle defaults on in the zone creation wizard.
rp-
force-pushed
the
linstor-4.22-token-auth-support
branch
from
d9093e9 to
785957f
Compare
boring-cyborg
Bot
added
component:integration-test
Python
|
@DaanHoogland what is actual the right way to tag for milestone here? I would like this to be in 4.23.0 and also in the next 4.22? |
|
4.22.2 is good, for it to make 23, it must be merged before the freeze though. |
3 participants
Description
Linstor 1.34.0 will add support for a new bearer token authentication method, and this PR will add support for exactly that.
The PR will simply update the java-linstor library that adds authentication support and adds 2 new config values
to set an explicit token and also to enable/disable use of untrusted https controller certificates.
How to enable token authentication in Linstor can be read here: https://linbit.com/drbd-user-guide/linstor-guide-1_0-en/#s-linstor-token-authentication
Linstor 1.34.0 is currently only released as release canidate.
Types of changes
Feature/Enhancement Scale or Bug Severity
Feature/Enhancement Scale
Bug Severity
Screenshots (if appropriate):
How Has This Been Tested?
This change is running now since 2 weeks on our internal Cloudstack cluster, additionally fresh
Linstor/Cloudstack cluster installs with token authentication have been tested.
How did you try to break this feature and the system with this change?
The good thing about the changes is, that it is rather a works or doesn't work thing, as the changes are on the base communication.