diff options
author | Juan Antonio Osorio Robles <jaosorior@redhat.com> | 2017-01-25 18:22:16 +0200 |
---|---|---|
committer | Juan Antonio Osorio Robles <jaosorior@redhat.com> | 2017-01-26 19:00:46 +0200 |
commit | 033e1f360025c9409d7e840b48a64c8814c3a1bd (patch) | |
tree | 647b33039750b46a5e754731091017a033e52925 /manifests/profile/base/neutron.pp | |
parent | 58200e33c29f15dbd7b2489789b0e8d7b0992c5d (diff) |
Use TLS proxy for neutron server's internal TLS
This uses the tls_proxy resource added in a previous commit [1] in
front of the neutron server when internal TLS is enabled. Right
now values are passed quite manually, but a subsequent commit will use
t-h-t to pass the appropriate hieradata, and then we'll be able to
clean it up from here.
Note that the proxy is only deployed when internal TLS is enabled.
[1] I82243fd3acfe4f23aab373116b78e1daf9d08467
bp tls-via-certmonger
Change-Id: I6dfbf49f45aef9f47e58b5c0dbedd2b4e239979e
Diffstat (limited to 'manifests/profile/base/neutron.pp')
-rw-r--r-- | manifests/profile/base/neutron.pp | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/manifests/profile/base/neutron.pp b/manifests/profile/base/neutron.pp index e6a32db..3de50c2 100644 --- a/manifests/profile/base/neutron.pp +++ b/manifests/profile/base/neutron.pp @@ -35,9 +35,22 @@ class tripleo::profile::base::neutron ( $rabbit_hosts = hiera('rabbitmq_node_names', undef), $rabbit_port = hiera('neutron::rabbit_port', 5672), ) { + + # TODO(jaosorior): Remove this when we pass it via t-h-t + if hiera('enable_internal_tls', false) { + $bind_host = 'localhost' + } else { + # This is executed in all of the nodes that use something neutron-related, + # so we set the defalut, since the bind_host is only available in the + # controllers. Either way, this will be removed and set properly via t-h-t + # in a subsequent commit. + $bind_host = hiera('neutron::bind_host', $::os_service_default) + } + if $step >= 3 { $rabbit_endpoints = suffix(any2array($rabbit_hosts), ":${rabbit_port}") class { '::neutron' : + bind_host => $bind_host, rabbit_hosts => $rabbit_endpoints, } include ::neutron::config |