diff options
Diffstat (limited to 'docker/services')
-rw-r--r-- | docker/services/heat-api-cfn.yaml | 16 | ||||
-rw-r--r-- | docker/services/heat-api.yaml | 16 | ||||
-rw-r--r-- | docker/services/zaqar.yaml | 8 |
3 files changed, 37 insertions, 3 deletions
diff --git a/docker/services/heat-api-cfn.yaml b/docker/services/heat-api-cfn.yaml index fc228155..ff18f177 100644 --- a/docker/services/heat-api-cfn.yaml +++ b/docker/services/heat-api-cfn.yaml @@ -31,7 +31,13 @@ parameters: DefaultPasswords: default: {} type: json + EnableInternalTLS: + type: boolean + default: false +conditions: + + internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]} resources: @@ -95,6 +101,16 @@ outputs: - /var/lib/config-data/heat_api_cfn/etc/httpd/:/etc/httpd/:ro - /var/lib/config-data/heat_api_cfn/var/www/:/var/www/:ro - /var/log/containers/heat:/var/log/heat + - + if: + - internal_tls_enabled + - /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro + - '' + - + if: + - internal_tls_enabled + - /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro + - '' environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS host_prep_tasks: diff --git a/docker/services/heat-api.yaml b/docker/services/heat-api.yaml index fe565411..886a0d80 100644 --- a/docker/services/heat-api.yaml +++ b/docker/services/heat-api.yaml @@ -31,7 +31,13 @@ parameters: DefaultPasswords: default: {} type: json + EnableInternalTLS: + type: boolean + default: false +conditions: + + internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]} resources: @@ -95,6 +101,16 @@ outputs: - /var/lib/config-data/heat_api/etc/httpd/:/etc/httpd/:ro - /var/lib/config-data/heat_api/var/www/:/var/www/:ro - /var/log/containers/heat:/var/log/heat + - + if: + - internal_tls_enabled + - /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro + - '' + - + if: + - internal_tls_enabled + - /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro + - '' environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS host_prep_tasks: diff --git a/docker/services/zaqar.yaml b/docker/services/zaqar.yaml index 5ba044ea..07abf07d 100644 --- a/docker/services/zaqar.yaml +++ b/docker/services/zaqar.yaml @@ -59,7 +59,7 @@ outputs: - [ {get_param: DockerNamespace}, {get_param: DockerZaqarImage} ] kolla_config: /var/lib/kolla/config_files/zaqar.json: - command: /usr/bin/zaqar-server --config-file /etc/zaqar/zaqar.conf + command: /usr/sbin/httpd -DFOREGROUND /var/lib/kolla/config_files/zaqar_websocket.json: command: /usr/bin/zaqar-server --config-file /etc/zaqar/zaqar.conf --config-file /etc/zaqar/1.conf permissions: @@ -73,6 +73,9 @@ outputs: net: host privileged: false restart: always + # NOTE(mandre) kolla image changes the user to 'zaqar', we need it + # to be root to run httpd + user: root volumes: list_concat: - {get_attr: [ContainersCommon, volumes]} @@ -108,5 +111,4 @@ outputs: upgrade_tasks: - name: Stop and disable zaqar service tags: step2 - service: name=openstack-zaqar.service state=stopped enabled=no - + service: name=httpd state=stopped enabled=no |