Enable TLS in the internal network for aodh

This optionally enables TLS for aodh in the internal network. If internal TLS is enabled, each node that is serving the aodh service will use certmonger to request its certificate. This, in turn should also configure a command that should be ran when the certificate is refreshed (which requires the service to be restarted). bp tls-via-certmonger Change-Id: I50ef0c8fbecb19d6597a28290daa61a91f3b13fc
author: Juan Antonio Osorio Robles <jaosorior@redhat.com> 2016-09-27 08:45:07 +0000
committer: Juan Antonio Osorio Robles <jaosorior@redhat.com> 2016-10-19 17:40:32 +0300
commit: aa7315e58530861753e00779e55b5d4ab4ef5089 (patch)
tree: d48434abb648bebba4461bfff8dab7a3ce7773db /manifests/haproxy.pp
parent: a173a030aa97ae17b457206cab3e657c28c04880 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/manifests/haproxy.pp b/manifests/haproxy.pp
index 932b016..4c8859e 100644
--- a/manifests/haproxy.pp
+++ b/manifests/haproxy.pp
@@ -893,6 +893,7 @@ class tripleo::haproxy (
       server_names      => hiera('aodh_api_node_names', $controller_hosts_names_real),
       public_ssl_port   => $ports[aodh_api_ssl_port],
       service_network   => $aodh_network,
+      member_options    => union($haproxy_member_options, $internal_tls_member_options),
     }
   }
author	Juan Antonio Osorio Robles <jaosorior@redhat.com>	2016-09-27 08:45:07 +0000
committer	Juan Antonio Osorio Robles <jaosorior@redhat.com>	2016-10-19 17:40:32 +0300
commit	aa7315e58530861753e00779e55b5d4ab4ef5089 (patch)
tree	d48434abb648bebba4461bfff8dab7a3ce7773db /manifests/haproxy.pp
parent	a173a030aa97ae17b457206cab3e657c28c04880 (diff)