From aa7315e58530861753e00779e55b5d4ab4ef5089 Mon Sep 17 00:00:00 2001
From: Juan Antonio Osorio Robles <jaosorior@redhat.com>
Date: Tue, 27 Sep 2016 08:45:07 +0000
Subject: Enable TLS in the internal network for aodh

This optionally enables TLS for aodh in the internal network.
If internal TLS is enabled, each node that is serving the aodh
service will use certmonger to request its certificate.

This, in turn should also configure a command that should be ran when
the certificate is refreshed (which requires the service to be
restarted).

bp tls-via-certmonger

Change-Id: I50ef0c8fbecb19d6597a28290daa61a91f3b13fc
---
 manifests/haproxy.pp | 1 +
 1 file changed, 1 insertion(+)

(limited to 'manifests/haproxy.pp')

diff --git a/manifests/haproxy.pp b/manifests/haproxy.pp
index 932b016..4c8859e 100644
--- a/manifests/haproxy.pp
+++ b/manifests/haproxy.pp
@@ -893,6 +893,7 @@ class tripleo::haproxy (
       server_names      => hiera('aodh_api_node_names', $controller_hosts_names_real),
       public_ssl_port   => $ports[aodh_api_ssl_port],
       service_network   => $aodh_network,
+      member_options    => union($haproxy_member_options, $internal_tls_member_options),
     }
   }
 
-- 
cgit 1.2.3-korg