summaryrefslogtreecommitdiffstats
path: root/environments/enable-tls.yaml
AgeCommit message (Collapse)AuthorFilesLines
2016-03-24Merge "Deploy Aodh services, replacing Ceilometer Alarm"Jenkins1-0/+3
2016-03-20Deploy Aodh services, replacing Ceilometer AlarmPradeep Kilambi1-0/+3
Ceilometer Alarm is deprecated in Liberty by Aodh. This patch: * manage Aodh Keystone resources * deploy Aodh API under WSGI, Notifier, Listener and Evaluator * manage new parameters to customize Aodh deployment * uses ceilometer DB for the upgrade path * pacemaker config * Add migration logic to remove pcs resources Depends-On: I5333faa72e52d2aa2a622ac2d4b60825aadc52b5 Depends-On: Ib6c9c4c35da3fb55e0ca8e2d5a58ebaf4204d792 Co-Authored-By: Emilien Macchi <emilien@redhat.com> Change-Id: Ib47a22884afb032ebc1655e1a4a06bfe70249134
2016-03-18Remove GlanceRegistry from EndpointMapGiulio Fidente1-3/+0
We don't need an endpoint for the glance-registry service, that is used by glance-api when needed and is not meant to be user-facing. Change-Id: Ia6c9dd6164d3b91adbc937d70fa74d5fbbfb28a3
2016-03-08Update enable-tls.yaml with new endpointsBen Nemec1-0/+6
A couple of new endpoints have been added, and if they're not in the configured value for EndpointMap it will cause problems. Sahara is not added as ssl-enabled because I don't believe it has been added to the loadbalancer yet. Note that there is work underway to CI overcloud SSL, which should catch problems like this in the future. Change-Id: Ia8a106fd94da7be8675ea84f5fbb9ac959771d10
2016-03-04Revert "Deploy Aodh services, replacing Ceilometer Alarm"James Slagle1-3/+0
This just a revert to see if reverting this gets back to a normal CI run time. This reverts commit f72aed85594f223b6f888e6d0af3c880ea581a66. Change-Id: I04a0893f6cf69f547a4db26261005e580e1fc90b
2016-03-03Deploy Aodh services, replacing Ceilometer AlarmEmilien Macchi1-0/+3
Ceilometer Alarm is deprecated in Liberty by Aodh. This patch: * manage Aodh Keystone resources * deploy Aodh API under WSGI, Notifier, Listener and Evaluator * manage new parameters to customize Aodh deployment * uses ceilometer DB for the upgrade path * pacemaker config Depends-On: I9e34485285829884d9c954b804e3bdd5d6e31635 Depends-On: I891985da9248a88c6ce2df1dd186881f582605ee Depends-On: Ied8ba5985f43a5c5b3be5b35a091aef6ed86572f Co-Authored-By: Pradeep Kilambi <pkilambi@redhat.com> Change-Id: I58d419173e80d2462accf7324c987c71420fd5f6
2016-01-15Allow vncproxy to work with ssl enabledBen Nemec1-0/+3
Right now our vncproxy settings are hard-coded to http and the non-ssl port. This change adds a vncproxy entry to the endpoint map and uses those values to configure the proxy correctly on compute nodes. This is sufficient to get it working in my environment with ssl enabled. Change-Id: I9d69b088eef4700959b33c7e0eb44932949d7b71
2015-12-08Enable TLS in loadbalancer if cert path is detectedJuan Antonio Osorio Robles1-0/+32
If there is a value for the certificate path (which should only happen if the environment for enabling TLS is used) then the loadbalancer will detect it and configure it's front ends correctly. On the other hand a proper override for the example environment was given, since this will be needed because we want to pass the hosts and protocols correctly so the tripleoclient will catch it and pass it to os-cloud-config Change-Id: Ifba51495f0c99398291cfd29d10c04ec33b8fc34 Depends-On: Ie2428093b270ab8bc19fcb2130bb16a41ca0ce09
2015-11-23Inject TLS certificate and keys for the OvercloudJuan Antonio Osorio Robles1-0/+9
This is a first implementation of adding TLS termination to the load balancer in the controllers. The implementation was made so that the appropriate certificate/private key in PEM format is copied to the appropriate controller(s) via a software deployment resource. And the path is then referenced on the HAProxy configuration, but this part was left commented out because we need to be able to configure the keystone endpoints in order for this to work properly. Change-Id: I0ba8e38d75a0c628d8132a66dc25a30fc5183c79