aboutsummaryrefslogtreecommitdiffstats
path: root/environments
diff options
context:
space:
mode:
authorBen Nemec <bnemec@redhat.com>2017-08-11 16:31:01 -0500
committerEmilien Macchi <emilien@redhat.com>2017-09-02 04:18:31 +0000
commitca4b08bb6df610f7eea6e40e9e0ca445091369fa (patch)
treef33837e2376d74c6c4a0bff7f7109cc663762989 /environments
parentd875f79dab32bca11016234ea135a206688f793e (diff)
Convert enable-internal-tls.yaml to be generated
All of the other SSL environments were converted, but this one was missed. That's an inconsistent user experience and should be cleaned up. This environment also exposed a bug in the tool where it did not include the parameter_defaults section key if all the parameters were marked static. Change-Id: I19bc422c22b9f60f781e696ce703b026dc317786 Closes-Bug: 1713761 (cherry picked from commit 7c06db3d1c384773c4abccbce450c259f75e5e4a)
Diffstat (limited to 'environments')
-rw-r--r--environments/enable-internal-tls.yaml4
-rw-r--r--environments/ssl/enable-internal-tls.yaml36
2 files changed, 40 insertions, 0 deletions
diff --git a/environments/enable-internal-tls.yaml b/environments/enable-internal-tls.yaml
index 2fdecb4f..e85185d6 100644
--- a/environments/enable-internal-tls.yaml
+++ b/environments/enable-internal-tls.yaml
@@ -1,3 +1,7 @@
+# ********************************************************************************
+# DEPRECATED: Use tripleo-heat-templates/environments/ssl/enable-internal-tls.yaml
+# instead.
+# ********************************************************************************
# A Heat environment file which can be used to enable a
# a TLS for in the internal network via certmonger
parameter_defaults:
diff --git a/environments/ssl/enable-internal-tls.yaml b/environments/ssl/enable-internal-tls.yaml
new file mode 100644
index 00000000..287ed19f
--- /dev/null
+++ b/environments/ssl/enable-internal-tls.yaml
@@ -0,0 +1,36 @@
+# *******************************************************************
+# This file was created automatically by the sample environment
+# generator. Developers should use `tox -e genconfig` to update it.
+# Users are recommended to make changes to a copy of the file instead
+# of the original, if any customizations are needed.
+# *******************************************************************
+# title: Enable SSL on OpenStack Internal Endpoints
+# description: |
+# A Heat environment file which can be used to enable TLS for the internal
+# network via certmonger
+parameter_defaults:
+ # ******************************************************
+ # Static parameters - these are values that must be
+ # included in the environment but should not be changed.
+ # ******************************************************
+ #
+ # Type: boolean
+ EnableInternalTLS: True
+
+ # Rabbit client subscriber parameter to specify an SSL connection to the RabbitMQ host.
+ # Type: string
+ RabbitClientUseSSL: True
+
+ # Extra properties or metadata passed to Nova for the created nodes in the overcloud. It's accessible via the Nova metadata API.
+ # Type: json
+ ServerMetadata:
+ ipa_enroll: True
+
+ # *********************
+ # End static parameters
+ # *********************
+resource_registry:
+ OS::TripleO::ServiceServerMetadataHook: ../extraconfig/nova_metadata/krb-service-principals.yaml
+ OS::TripleO::Services::CertmongerUser: ../puppet/services/certmonger-user.yaml
+ OS::TripleO::Services::HAProxyInternalTLS: ../puppet/services/haproxy-internal-tls-certmonger.yaml
+ OS::TripleO::Services::TLSProxyBase: ../puppet/services/apache.yaml