aboutsummaryrefslogtreecommitdiffstats
path: root/puppet/services
diff options
context:
space:
mode:
Diffstat (limited to 'puppet/services')
-rw-r--r--puppet/services/README.rst14
-rw-r--r--puppet/services/database/mongodb.yaml6
-rw-r--r--puppet/services/tripleo-packages.yaml4
3 files changed, 23 insertions, 1 deletions
diff --git a/puppet/services/README.rst b/puppet/services/README.rst
index d55414b7..a593d55e 100644
--- a/puppet/services/README.rst
+++ b/puppet/services/README.rst
@@ -155,7 +155,7 @@ Similar to the step_config, we allow a series of steps for the per-service
upgrade sequence, defined as ansible tasks with a tag e.g "step1" for the first
step, "step2" for the second, etc.
- Steps/tages correlate to the following:
+ Steps/tags correlate to the following:
1) Stop all control-plane services.
@@ -186,6 +186,18 @@ Note that the services are not started in the upgrade tasks - we instead re-run
puppet which does any reconfiguration required for the new version, then starts
the services.
+Update Steps
+------------
+
+Each service template may optionally define a `update_tasks` key, which is a
+list of ansible tasks to be performed during the minor update process.
+
+Similar to the upgrade_tasks, we allow a series of steps for the per-service
+update sequence, but note update_task selects the steps via a conditional
+referencing the step variable e.g when: step == 2, which is different to the
+tags based approach used for upgrade_tasks (the two may be aligned in future).
+
+
Nova Server Metadata Settings
-----------------------------
diff --git a/puppet/services/database/mongodb.yaml b/puppet/services/database/mongodb.yaml
index 04f34e24..dcead0f7 100644
--- a/puppet/services/database/mongodb.yaml
+++ b/puppet/services/database/mongodb.yaml
@@ -47,6 +47,11 @@ parameters:
EnableInternalTLS:
type: boolean
default: false
+ InternalTLSCAFile:
+ default: '/etc/ipa/ca.crt'
+ type: string
+ description: Specifies the default CA cert to use if TLS is used for
+ services in the internal network.
conditions:
@@ -98,6 +103,7 @@ outputs:
generate_service_certificates: true
mongodb::server::ssl: true
mongodb::server::ssl_key: '/etc/pki/tls/certs/mongodb.pem'
+ mongodb::server::ssl_ca: {get_param: InternalTLSCAFile}
mongodb_certificate_specs:
service_pem: '/etc/pki/tls/certs/mongodb.pem'
service_certificate: '/etc/pki/tls/certs/mongodb.crt'
diff --git a/puppet/services/tripleo-packages.yaml b/puppet/services/tripleo-packages.yaml
index e471c2a6..2a8620c8 100644
--- a/puppet/services/tripleo-packages.yaml
+++ b/puppet/services/tripleo-packages.yaml
@@ -56,3 +56,7 @@ outputs:
- name: Update all packages
tags: step3
yum: name=* state=latest
+ update_tasks:
+ - name: Update all packages
+ yum: name=* state=latest
+ when: step == "3"