From 21babd340ac7c4d1dca16c4925d0fd1a0ff31b06 Mon Sep 17 00:00:00 2001 From: Martin Mágr Date: Thu, 12 Jan 2017 14:21:42 +0100 Subject: Improve SSL support for Sensu This patch allows operator to create SSL certificates for SSL auth to RabbitMQ. Change-Id: I250aedcfdbe3b7a7e8c611c0e6122cf8fe0edda4 --- puppet/services/monitoring/sensu-base.yaml | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) (limited to 'puppet') diff --git a/puppet/services/monitoring/sensu-base.yaml b/puppet/services/monitoring/sensu-base.yaml index a8303a59..2fa1569c 100644 --- a/puppet/services/monitoring/sensu-base.yaml +++ b/puppet/services/monitoring/sensu-base.yaml @@ -29,7 +29,18 @@ parameters: default: false description: > RabbitMQ client subscriber parameter to specify an SSL connection - to the RabbitMQ host. + to the RabbitMQ host. Set MonitoringRabbitUseSSL to true without + specifying a private key or cert chain to use SSL transport, + but not cert auth. + type: string + MonitoringRabbitSSLPrivateKey: + default: '' + description: Private key to be used by Sensu to connect to RabbitMQ host. + type: string + MonitoringRabbitSSLCertChain: + default: '' + description: > + Private SSL cert chain to be used by Sensu to connect to RabbitMQ host. type: string MonitoringRabbitPassword: description: The RabbitMQ password used for monitoring purposes. @@ -71,6 +82,8 @@ outputs: sensu::rabbitmq_password: {get_param: MonitoringRabbitPassword} sensu::rabbitmq_port: {get_param: MonitoringRabbitPort} sensu::rabbitmq_ssl: {get_param: MonitoringRabbitUseSSL} + sensu::rabbitmq_ssl_private_key: {get_param: MonitoringRabbitSSLPrivateKey} + sensu::rabbitmq_ssl_cert_chain: {get_param: MonitoringRabbitSSLCertChain} sensu::rabbitmq_user: {get_param: MonitoringRabbitUserName} sensu::rabbitmq_vhost: {get_param: MonitoringRabbitVhost} sensu::redact: {get_param: SensuRedactVariables} -- cgit 1.2.3-korg