From 1992282b88beed0df0a25e54b4bd92bbc3b1919f Mon Sep 17 00:00:00 2001 From: Juan Antonio Osorio Robles Date: Fri, 9 Dec 2016 15:22:42 +0200 Subject: Pass hieradata for internal TLS for RabbitMQ As with other services, this passes the necessary hieradata to enable TLS for RabbitMQ. This will mean (once we set it via puppet-tripleo) that there will only be TLS connections, as the ssl_only option is being used. bp tls-via-certmonger Change-Id: I960bf747cd5e3040f99b28e2fc5873ca3a7472b5 Depends-On: Ic2a7f877745a0a490ddc9315123bd1180b03c514 --- environments/enable-internal-tls.yaml | 3 +++ 1 file changed, 3 insertions(+) (limited to 'environments/enable-internal-tls.yaml') diff --git a/environments/enable-internal-tls.yaml b/environments/enable-internal-tls.yaml index ff4ecfbe..f485e4a5 100644 --- a/environments/enable-internal-tls.yaml +++ b/environments/enable-internal-tls.yaml @@ -2,6 +2,7 @@ # a TLS for in the internal network via certmonger parameter_defaults: EnableInternalTLS: true + RabbitClientUseSSL: true # Required for novajoin to enroll the overcloud nodes ServerMetadata: @@ -11,6 +12,8 @@ resource_registry: OS::TripleO::Services::HAProxyInternalTLS: ../puppet/services/haproxy-internal-tls-certmonger.yaml OS::TripleO::Services::ApacheTLS: ../puppet/services/apache-internal-tls-certmonger.yaml OS::TripleO::Services::MySQLTLS: ../puppet/services/database/mysql-internal-tls-certmonger.yaml + OS::TripleO::Services::RabbitMQTLS: ../puppet/services/rabbitmq-internal-tls-certmonger.yaml + # We use apache as a TLS proxy OS::TripleO::Services::TLSProxyBase: ../puppet/services/apache.yaml -- cgit 1.2.3-korg