diff options
| author |   Oliver Walsh <owalsh@redhat.com> | 2017-06-08 00:55:41 +0100 |
|---|---|---|
| committer | Oliver Walsh <owalsh@redhat.com> | 2017-06-08 00:55:41 +0100 |
| commit | e825cda0f9895ae976fda686c800cce069bb925c (patch) | |
| tree | 1ecd98438cf7403c3011cbe1561afbb5e83f1508 /docker | |
| parent | 26fc6f24a41319f3883a29e1748afb74071e1b86 (diff) | |
Modify libvirtd container command line when TLS is enabled
Libvirtd needs the --listen arg to enable the TLS socket.
Change-Id: I535165f0a2634728045491b2a37a56b1891b13fe
Resolves-Bug: #1694958
Diffstat (limited to 'docker')
| -rw-r--r-- | docker/services/nova-libvirt.yaml | 26 |
1 files changed, 25 insertions, 1 deletions
diff --git a/docker/services/nova-libvirt.yaml b/docker/services/nova-libvirt.yaml index 9779d676..df0051f2 100644 --- a/docker/services/nova-libvirt.yaml +++ b/docker/services/nova-libvirt.yaml @@ -44,6 +44,26 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + EnableInternalTLS: + type: boolean + default: false + UseTLSTransportForLiveMigration: + type: boolean + default: true + description: If set to true and if EnableInternalTLS is enabled, it will + set the libvirt URI's transport to tls and configure the + relevant keys for libvirt. + +conditions: + + use_tls_for_live_migration: + and: + - equals: + - {get_param: EnableInternalTLS} + - true + - equals: + - {get_param: UseTLSTransportForLiveMigration} + - true resources: @@ -85,7 +105,11 @@ outputs: - [ {get_param: DockerNamespace}, {get_param: DockerNovaConfigImage} ] kolla_config: /var/lib/kolla/config_files/nova-libvirt.json: - command: /usr/sbin/libvirtd --config /etc/libvirt/libvirtd.conf + command: + if: + - use_tls_for_live_migration + - /usr/sbin/libvirtd --listen --config /etc/libvirt/libvirtd.conf + - /usr/sbin/libvirtd --config /etc/libvirt/libvirtd.conf permissions: - path: /var/log/nova owner: nova:nova |