apex-tripleo-heat-templates - Unnamed repository

Age	Commit message (Collapse)	Author	Files	Lines
2014-07-19	Fix SSL with HAProxy.	Robert Collins	1	-0/+16
	The current configuration of services is that if SSL is in use (signaled by stunnel.connect_ip) we bind to 127.0.0.1 - which is great, but it breaks simultaneous non-SSL due to there being no pass-through stunnel equivalent on all the nodes. As an interim measure, teach stunnel to connect to the ctlplane address instead. We will need this flexability in future anyway to deal with mixed-mode configurations, but we don't yet have an SSL only configuration. The change will permit SSL only by altering the Deployment object only - the SSL config object should now be flexible enough to run in either mode (but as yet on an all-one-way-or-the-other basis). Change-Id: Ibac3dec1fe7b573029482fdd9ad2d2f6223fbce0
2014-06-04	Setup SSL for Ceilometer	Rob Parker	1	-0/+3
	Establish the Public (SSL) port, 13777, and connect it to the internal port, 8777 Change-Id: I7bba7f8224b6e31fc4f5444eee679ca5a4ce4ebe
2014-05-20	ssl: Add support for a CA Certificate	Stuart McLaren	1	-0/+6
	Add SSLCACertificate to the overcloud yaml. This allows a CA certificate to be specified in cases where the Cert does not come from a CA in the system bundle. Partially implements: blueprint tripleo-ssl-overcloud Full set of blueprint changes: https://review.openstack.org/#/c/85098 https://review.openstack.org/#/c/85099 https://review.openstack.org/#/c/85100 Change-Id: I67d7c1362df323762023be5c74fbe75b1583570c
2014-05-02	Specify group os-apply-config for config resources	Steve Baker	1	-0/+1
	This will indicate to os-collect-config that this config resource represents os-apply-config configuration data, so it can only write out top-level config files for os-apply-config data (or Heat::Ungrouped for backwards compatibility). Change-Id: I3552fdd6df8106ab83cfd17d5f4b137cf33fbc36 Related-Bug: #1299109
2014-04-16	Switch overcloud to software-config	Clint Byrum	1	-30/+31
	This migrates the overcloud to using OS::Heat::StructuredConfig and OS::Heat::StructuredDeployment. With those tools, we can decouple servers from software configuration and begin to deprecate features in tripleo_heat_merge. Change-Id: Ice85f0711e90d0fabf1d1bc4698201c4d6758508
2014-04-09	Stop using notCompute in favor of controller	Dan Prince	1	-1/+1
	Updates all references for notCompute and notcompute to use 'controller' instead. Change-Id: I70ef83f35064ab388bdc7e1a6da62b6585580010 Partial-bug: #1300324
2014-01-31	Prep work for a scalable control plane.	Robert Collins	1	-1/+1
	This is complete as far as it goes but it isn't enough to make running a scaled out control plane actually work. Specifically, the constructs to point at API hosts based on looking up a network address aren't suirtable for scaled out - we need to be using the virtual IP or DNS round robin or other such resilient configurations, but that is largely / entirely orthogonal to making the template be ready for scaling. Change-Id: Ib9e6db5e7d5db84e4746afdabea046d2b8702bbb
2014-01-17	Add SSL configuration metadata for overclouds.	Robert Collins	1	-0/+43
	This passes SSL keys in via Heat which places a high cost on heat compromises or the use of a non-SSL heat to do deploys. We'll want to ensure that that is documented clearly. Change-Id: I14d441460116fda91fbd1d2097c5598b57155a6d