From 97b12afbadeadac0be348b7cc263b090f6e6f0b8 Mon Sep 17 00:00:00 2001
From: Juan Antonio Osorio Robles <jaosorior@redhat.com>
Date: Tue, 3 Nov 2015 15:19:18 +0200
Subject: Inject TLS certificate and keys for the Overcloud

This is a first implementation of adding TLS termination to the load
balancer in the controllers. The implementation was made so that the
appropriate certificate/private key in PEM format is copied to the
appropriate controller(s) via a software deployment resource.

And the path is then referenced on the HAProxy configuration, but this
part was left commented out because we need to be able to configure the
keystone endpoints in order for this to work properly.

Change-Id: I0ba8e38d75a0c628d8132a66dc25a30fc5183c79
---
 environments/enable-tls.yaml | 9 +++++++++
 1 file changed, 9 insertions(+)
 create mode 100644 environments/enable-tls.yaml

(limited to 'environments')

diff --git a/environments/enable-tls.yaml b/environments/enable-tls.yaml
new file mode 100644
index 00000000..5c2506e9
--- /dev/null
+++ b/environments/enable-tls.yaml
@@ -0,0 +1,9 @@
+parameter_defaults:
+  SSLCertificate: |
+    The contents of your certificate go here
+  SSLIntermediateCertificate: ''
+  SSLKey: |
+    The contents of the private key go here
+
+resource_registry:
+  OS::TripleO::NodeTLSData: ../puppet/extraconfig/tls/tls-cert-inject.yaml
-- 
cgit 1.2.3-korg