diff options
author | Jenkins <jenkins@review.openstack.org> | 2017-07-28 15:46:58 +0000 |
---|---|---|
committer | Gerrit Code Review <review@openstack.org> | 2017-07-28 15:46:58 +0000 |
commit | 9e74d2d0acdc44e90c3be7a907d194d6102a830c (patch) | |
tree | 83d112d20efc5a5c1f51fec4595e1549c15116e4 | |
parent | 19e89d8d6e2c39c4b98edfba33613607e28e38ee (diff) | |
parent | 03af5f8f4d01fe40253b355252e05548d5f50777 (diff) |
Merge "Enable Zaqar API SSL"
-rw-r--r-- | docker/services/zaqar.yaml | 17 | ||||
-rw-r--r-- | puppet/services/zaqar.yaml | 4 |
2 files changed, 20 insertions, 1 deletions
diff --git a/docker/services/zaqar.yaml b/docker/services/zaqar.yaml index 061a4a70..df57ad6a 100644 --- a/docker/services/zaqar.yaml +++ b/docker/services/zaqar.yaml @@ -40,9 +40,13 @@ parameters: default: {} description: Parameters specific to the role type: json + EnableInternalTLS: + type: boolean + default: false conditions: zaqar_management_store_sqlalchemy: {equals : [{get_param: ZaqarManagementStore}, 'sqlalchemy']} + internal_tls_enabled: {get_param: EnableInternalTLS} resources: @@ -58,6 +62,7 @@ resources: DefaultPasswords: {get_param: DefaultPasswords} RoleName: {get_param: RoleName} RoleParameters: {get_param: RoleParameters} + EnableInternalTLS: {get_param: EnableInternalTLS} outputs: role_data: @@ -137,6 +142,16 @@ outputs: - /var/lib/kolla/config_files/zaqar.json:/var/lib/kolla/config_files/config.json:ro - /var/lib/config-data/puppet-generated/zaqar/:/var/lib/kolla/config_files/src:ro - /var/log/containers/zaqar:/var/log/zaqar + - + if: + - internal_tls_enabled + - /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro + - '' + - + if: + - internal_tls_enabled + - /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro + - '' environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS zaqar_websocket: @@ -162,3 +177,5 @@ outputs: - name: Stop and disable zaqar service tags: step2 service: name=httpd state=stopped enabled=no + metadata_settings: + get_attr: [ZaqarBase, role_data, metadata_settings] diff --git a/puppet/services/zaqar.yaml b/puppet/services/zaqar.yaml index 21857423..4a1ad179 100644 --- a/puppet/services/zaqar.yaml +++ b/puppet/services/zaqar.yaml @@ -105,7 +105,7 @@ outputs: - {get_param: ZaqarDebug } zaqar::server::service_name: 'httpd' zaqar::transport::websocket::bind: {get_param: [EndpointMap, ZaqarInternal, host]} - zaqar::wsgi::apache::ssl: false + zaqar::wsgi::apache::ssl: {get_param: EnableInternalTLS} zaqar::wsgi::apache::bind_host: {get_param: [ServiceNetMap, ZaqarApiNetwork]} zaqar::message_pipeline: 'zaqar.notification.notifier' zaqar::unreliable: true @@ -178,6 +178,8 @@ outputs: - {} step_config: | include ::tripleo::profile::base::zaqar + metadata_settings: + get_attr: [ApacheServiceBase, role_data, metadata_settings] upgrade_tasks: yaql: expression: $.data.apache_upgrade + $.data.zaqar_upgrade |