diff options
author | Juan Antonio Osorio Robles <jaosorior@redhat.com> | 2015-11-03 15:27:28 +0200 |
---|---|---|
committer | Juan Antonio Osorio Robles <jaosorior@redhat.com> | 2015-11-25 15:16:08 +0200 |
commit | 14c4417e425f832660bd54118112fc991564b38d (patch) | |
tree | 41e257f24633dc26ee674a5300da659f96ebda56 /overcloud-resource-registry-puppet.yaml | |
parent | 97b12afbadeadac0be348b7cc263b090f6e6f0b8 (diff) |
Enable trust anchor injection
This commit enables the injection of a trust anchor or root
certificate into every node in the overcloud. This is in case that the
TLS certificates for the controllers are signed with a self-signed CA
or if the deployer would like to inject a relevant root certificate
for other purposes. In this case the other nodes might need to have
the root certificate in their trust chain in order to do proper
validation
Change-Id: Ia45180fe0bb979cf12d19f039dbfd22e26fb4856
Diffstat (limited to 'overcloud-resource-registry-puppet.yaml')
-rw-r--r-- | overcloud-resource-registry-puppet.yaml | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/overcloud-resource-registry-puppet.yaml b/overcloud-resource-registry-puppet.yaml index bf1cc25c..18824ace 100644 --- a/overcloud-resource-registry-puppet.yaml +++ b/overcloud-resource-registry-puppet.yaml @@ -33,6 +33,7 @@ resource_registry: # NodeExtraConfig == All nodes configuration pre service deployment # NodeExtraConfigPost == All nodes configuration post service deployment OS::TripleO::NodeUserData: firstboot/userdata_default.yaml + OS::TripleO::NodeTLSCAData: puppet/extraconfig/tls/no-ca.yaml OS::TripleO::NodeTLSData: puppet/extraconfig/tls/no-tls.yaml OS::TripleO::ControllerExtraConfigPre: puppet/extraconfig/pre_deploy/default.yaml OS::TripleO::ComputeExtraConfigPre: puppet/extraconfig/pre_deploy/default.yaml |