From 5318a833227ee09eccee520542f7235311675403 Mon Sep 17 00:00:00 2001
From: Juan Antonio Osorio Robles <jaosorior@redhat.com>
Date: Thu, 8 Dec 2016 12:02:57 +0200
Subject: Use TLS proxy for Glance API's internal TLS

This uses the tls_proxy resource added in the previous commit [1] in
front of the Glance API server when internal TLS is enabled. Right
now values are passed quite manually, but a subsequent commit will use
t-h-t to pass the appropriate hieradata, and then we'll be able to clean
it up from here.

Note that the proxy is only deployed when internal TLS is enabled.

[1] I82243fd3acfe4f23aab373116b78e1daf9d08467

bp tls-via-certmonger
Depends-On: Id5dfb38852cf2420f4195a3c1cb98d5c47bbd45e

Change-Id: Id35a846d43ecae8903a0d58306d9803d5ea00bee
---
 manifests/haproxy.pp | 1 +
 1 file changed, 1 insertion(+)

(limited to 'manifests/haproxy.pp')

diff --git a/manifests/haproxy.pp b/manifests/haproxy.pp
index 043e01e..b8a27af 100644
--- a/manifests/haproxy.pp
+++ b/manifests/haproxy.pp
@@ -919,6 +919,7 @@ class tripleo::haproxy (
             'set-header X-Forwarded-Proto http if !{ ssl_fc }'],
       },
       service_network   => $glance_api_network,
+      member_options    => union($haproxy_member_options, $internal_tls_member_options),
     }
   }
 
-- 
cgit 1.2.3-korg