summaryrefslogtreecommitdiffstats
path: root/docker
diff options
context:
space:
mode:
authorJuan Antonio Osorio Robles <jaosorior@redhat.com>2017-08-18 05:42:59 +0000
committerJuan Antonio Osorio Robles <jaosorior@redhat.com>2017-08-21 12:30:58 +0000
commit8ba30a1912979925fa37e210df5ecaab47b07c33 (patch)
tree6bf3af52c619481ce1ad429c9c8a591b6e55cfb3 /docker
parent1d1ad7849b65e5ecbaf3e0f260b4ad1827dc6f22 (diff)
TLS for containerized horizon
bind mount the certificates needed for TLS. bp tls-via-certmonger-containers Change-Id: Ib9b533249be37665b77396a76133cc42fd15ee2b
Diffstat (limited to 'docker')
-rw-r--r--docker/services/horizon.yaml17
1 files changed, 17 insertions, 0 deletions
diff --git a/docker/services/horizon.yaml b/docker/services/horizon.yaml
index 3d3bc7c3..f2f2b8dc 100644
--- a/docker/services/horizon.yaml
+++ b/docker/services/horizon.yaml
@@ -36,6 +36,13 @@ parameters:
default: {}
description: Parameters specific to the role
type: json
+ EnableInternalTLS:
+ type: boolean
+ default: false
+
+conditions:
+
+ internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
resources:
@@ -117,6 +124,16 @@ outputs:
- /var/lib/kolla/config_files/horizon.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/puppet-generated/horizon/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/horizon:/var/log/horizon
+ -
+ if:
+ - internal_tls_enabled
+ - /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro
+ - ''
+ -
+ if:
+ - internal_tls_enabled
+ - /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro
+ - ''
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
host_prep_tasks: