aboutsummaryrefslogtreecommitdiffstats
path: root/overcloud-without-mergepy.yaml
diff options
context:
space:
mode:
authorJuan Antonio Osorio Robles <jaosorior@redhat.com>2015-11-03 15:19:18 +0200
committerJuan Antonio Osorio Robles <jaosorior@redhat.com>2015-11-23 11:55:26 +0200
commit97b12afbadeadac0be348b7cc263b090f6e6f0b8 (patch)
tree2861d938b7f27a97441b3c38d667fdb952df9370 /overcloud-without-mergepy.yaml
parentf6093f3081d70496ca99a358a2e484a85ff02926 (diff)
Inject TLS certificate and keys for the Overcloud
This is a first implementation of adding TLS termination to the load balancer in the controllers. The implementation was made so that the appropriate certificate/private key in PEM format is copied to the appropriate controller(s) via a software deployment resource. And the path is then referenced on the HAProxy configuration, but this part was left commented out because we need to be able to configure the keystone endpoints in order for this to work properly. Change-Id: I0ba8e38d75a0c628d8132a66dc25a30fc5183c79
Diffstat (limited to 'overcloud-without-mergepy.yaml')
-rw-r--r--overcloud-without-mergepy.yaml18
1 files changed, 1 insertions, 17 deletions
diff --git a/overcloud-without-mergepy.yaml b/overcloud-without-mergepy.yaml
index f679c6b..c3b95b9 100644
--- a/overcloud-without-mergepy.yaml
+++ b/overcloud-without-mergepy.yaml
@@ -490,20 +490,6 @@ parameters:
Specifies the interface where the public-facing virtual ip will be assigned.
This should be int_public when a VLAN is being used.
type: string
- SSLCertificate:
- default: ''
- description: If set, the contents of an SSL certificate .crt file for encrypting SSL endpoints.
- type: string
- hidden: true
- SSLKey:
- default: ''
- description: If set, the contents of an SSL certificate .key file for encrypting SSL endpoints.
- type: string
- hidden: true
- SSLCACertificate:
- default: ''
- description: If set, the contents of an SSL certificate authority file.
- type: string
SwiftHashSuffix:
default: unset
description: A random string to be used as a salt when hashing to determine mappings in the ring.
@@ -880,9 +866,6 @@ resources:
SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName}
SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword}
RedisVirtualIP: {get_attr: [RedisVirtualIP, ip_address]}
- SSLCertificate: {get_param: SSLCertificate}
- SSLKey: {get_param: SSLKey}
- SSLCACertificate: {get_param: SSLCACertificate}
SwiftHashSuffix: {get_param: SwiftHashSuffix}
SwiftMountCheck: {get_param: SwiftMountCheck}
SwiftMinPartHours: {get_param: SwiftMinPartHours}
@@ -911,6 +894,7 @@ resources:
template: {get_param: ControllerHostnameFormat}
params:
'%stackname%': {get_param: 'OS::stack_name'}
+ NodeIndex: '%index%'
Compute:
type: OS::Heat::ResourceGroup