summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJuan Antonio Osorio Robles <jaosorior@redhat.com>2016-09-27 07:18:27 +0000
committerJuan Antonio Osorio Robles <jaosorior@redhat.com>2016-10-20 12:22:51 +0300
commit660dbd5afbe473b78fd2f75253501fbd91f755b8 (patch)
treea39443d91deb4d6aa1368cfc84a2a739dc21ce66
parentdebbfbbf8fe8702fd3202f75e049496ee9bb3ddf (diff)
Enable internal TLS for ceilometer
This adds the necessary hieradata for enabling TLS in the internal network for ceilometer. bp tls-via-certmonger Depends-On: Ib5609f77a31b17ed12baea419ecfab5d5f676496 Change-Id: I3eb34efbc8489b23269f97f762d4a3d0fa69f666
-rw-r--r--puppet/services/ceilometer-api.yaml14
1 files changed, 11 insertions, 3 deletions
diff --git a/puppet/services/ceilometer-api.yaml b/puppet/services/ceilometer-api.yaml
index 27c32bfd..97b255a9 100644
--- a/puppet/services/ceilometer-api.yaml
+++ b/puppet/services/ceilometer-api.yaml
@@ -26,7 +26,9 @@ parameters:
default:
tag: openstack.ceilometer.api
path: /var/log/ceilometer/api.log
-
+ EnableInternalTLS:
+ type: boolean
+ default: false
resources:
CeilometerServiceBase:
@@ -42,6 +44,7 @@ resources:
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
+ EnableInternalTLS: {get_param: EnableInternalTLS}
outputs:
role_data:
@@ -69,9 +72,14 @@ outputs:
# internal_api_subnet - > IP/CIDR
- ceilometer::api::service_name: 'httpd'
ceilometer::api::enable_proxy_headers_parsing: true
- ceilometer::api::host: {get_param: [ServiceNetMap, CeilometerApiNetwork]}
+ ceilometer::api::host:
+ str_replace:
+ template:
+ '"%{::fqdn_$NETWORK}"'
+ params:
+ $NETWORK: {get_param: [ServiceNetMap, CeilometerApiNetwork]}
ceilometer::wsgi::apache::bind_host: {get_param: [ServiceNetMap, CeilometerApiNetwork]}
- ceilometer::wsgi::apache::ssl: false
+ ceilometer::wsgi::apache::ssl: {get_param: EnableInternalTLS}
ceilometer::wsgi::apache::servername:
str_replace:
template: