From c5dc8512354d51d62067d14e35a913e42531db10 Mon Sep 17 00:00:00 2001
From: Juan Antonio Osorio Robles <jaosorior@redhat.com>
Date: Mon, 31 Jul 2017 11:22:22 +0300
Subject: Enable encryption of pacemaker traffic by default

We already are setting a pre-shared key by default for the pacemaker
cluster. This was done in order to communicate with TLS-PSK with
pacemaker-remote clusters. This key is also useful for us to enable
encrypted traffic for the regular cluster traffic, which we enable by
default with this patch.

Change-Id: I349b8bf79eeeaa4ddde1c17b7014603913f184cf
---
 .../Use-encryption-for-pacemaker-by-default-ca887dca02a21705.yaml   | 6 ++++++
 1 file changed, 6 insertions(+)
 create mode 100644 releasenotes/notes/Use-encryption-for-pacemaker-by-default-ca887dca02a21705.yaml

(limited to 'releasenotes')

diff --git a/releasenotes/notes/Use-encryption-for-pacemaker-by-default-ca887dca02a21705.yaml b/releasenotes/notes/Use-encryption-for-pacemaker-by-default-ca887dca02a21705.yaml
new file mode 100644
index 0000000..65b0316
--- /dev/null
+++ b/releasenotes/notes/Use-encryption-for-pacemaker-by-default-ca887dca02a21705.yaml
@@ -0,0 +1,6 @@
+---
+features:
+  - |
+    Encryption is used for pacemaker traffic by default. This is achieved by
+    using a pre shared key for all the pacemaker cluster nodes (same as the one
+    that was used for the pacemaker remote communication).
-- 
cgit 1.2.3-korg