Age | Commit message (Collapse) | Author | Files | Lines |
|
Before haproxy tries to use the TLS certificates it should already
trust the CA. So it's necessary for the local CA-related manifest to
notify the ::tripleo::haproxy class.
This works for newly set deployments. deployments that have already
ran the ca-trust section will already trust the CA and thus won't
need that part.
Change-Id: I32ded4e33abffd51f220fb8a7dc6263aace72acd
|
|
This gives the option to generate the service certificate(s) that
HAProxy will use. This will be used for both the overcloud and the
undercloud.
bp tls-via-certmonger
Change-Id: I3d0b729d0bad5252c1ae8852109c3a70c0c6ba7d
|
|
Deprecate loadbalancer profiles so we have a profile for HAproxy and
another for keepalived.
Once THT uses the new profiles, we'll remove loadbalancer profiles here.
Change-Id: I8aa9045fc80205485abab723968b26084f60bf71
|