From 660dbd5afbe473b78fd2f75253501fbd91f755b8 Mon Sep 17 00:00:00 2001 From: Juan Antonio Osorio Robles Date: Tue, 27 Sep 2016 07:18:27 +0000 Subject: Enable internal TLS for ceilometer This adds the necessary hieradata for enabling TLS in the internal network for ceilometer. bp tls-via-certmonger Depends-On: Ib5609f77a31b17ed12baea419ecfab5d5f676496 Change-Id: I3eb34efbc8489b23269f97f762d4a3d0fa69f666 --- puppet/services/ceilometer-api.yaml | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) (limited to 'puppet/services/ceilometer-api.yaml') diff --git a/puppet/services/ceilometer-api.yaml b/puppet/services/ceilometer-api.yaml index 27c32bfd..97b255a9 100644 --- a/puppet/services/ceilometer-api.yaml +++ b/puppet/services/ceilometer-api.yaml @@ -26,7 +26,9 @@ parameters: default: tag: openstack.ceilometer.api path: /var/log/ceilometer/api.log - + EnableInternalTLS: + type: boolean + default: false resources: CeilometerServiceBase: @@ -42,6 +44,7 @@ resources: ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} + EnableInternalTLS: {get_param: EnableInternalTLS} outputs: role_data: @@ -69,9 +72,14 @@ outputs: # internal_api_subnet - > IP/CIDR - ceilometer::api::service_name: 'httpd' ceilometer::api::enable_proxy_headers_parsing: true - ceilometer::api::host: {get_param: [ServiceNetMap, CeilometerApiNetwork]} + ceilometer::api::host: + str_replace: + template: + '"%{::fqdn_$NETWORK}"' + params: + $NETWORK: {get_param: [ServiceNetMap, CeilometerApiNetwork]} ceilometer::wsgi::apache::bind_host: {get_param: [ServiceNetMap, CeilometerApiNetwork]} - ceilometer::wsgi::apache::ssl: false + ceilometer::wsgi::apache::ssl: {get_param: EnableInternalTLS} ceilometer::wsgi::apache::servername: str_replace: template: -- cgit 1.2.3-korg