Enable encryption of pacemaker traffic by default

We already are setting a pre-shared key by default for the pacemaker cluster. This was done in order to communicate with TLS-PSK with pacemaker-remote clusters. This key is also useful for us to enable encrypted traffic for the regular cluster traffic, which we enable by default with this patch. Change-Id: I349b8bf79eeeaa4ddde1c17b7014603913f184cf
author: Juan Antonio Osorio Robles <jaosorior@redhat.com> 2017-07-31 11:22:22 +0300
committer: Juan Antonio Osorio Robles <jaosorior@redhat.com> 2017-08-01 08:39:33 +0300
commit: c5dc8512354d51d62067d14e35a913e42531db10 (patch)
tree: 14479c78f80dad6948cd3494cbf8a4c1dbdaa764 /releasenotes/notes
parent: 01ae50352519d80810739c0f9319f74aab2e786d (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/releasenotes/notes/Use-encryption-for-pacemaker-by-default-ca887dca02a21705.yaml b/releasenotes/notes/Use-encryption-for-pacemaker-by-default-ca887dca02a21705.yaml
new file mode 100644
index 0000000..65b0316
--- /dev/null
+++ b/releasenotes/notes/Use-encryption-for-pacemaker-by-default-ca887dca02a21705.yaml
@@ -0,0 +1,6 @@
+---
+features:
+  - |
+    Encryption is used for pacemaker traffic by default. This is achieved by
+    using a pre shared key for all the pacemaker cluster nodes (same as the one
+    that was used for the pacemaker remote communication).
author	Juan Antonio Osorio Robles <jaosorior@redhat.com>	2017-07-31 11:22:22 +0300
committer	Juan Antonio Osorio Robles <jaosorior@redhat.com>	2017-08-01 08:39:33 +0300
commit	c5dc8512354d51d62067d14e35a913e42531db10 (patch)
tree	14479c78f80dad6948cd3494cbf8a4c1dbdaa764 /releasenotes/notes
parent	01ae50352519d80810739c0f9319f74aab2e786d (diff)