Revert "xci: osa: Disable haproxy ssl configuration"

This reverts commit 42501f0ef7e0f0729b1c780102fb9713ef383fb3.

This also removes the entire SSL management code and we let the
haproxy_server role generate the certificates for us.

We also need to bump the openrc role to include an upstream patch
which fixes the openrc template file.

deploy-scenario:os-nosdn-nofeature
installer-type:osa

Change-Id: I9bb590c9f1d5bc63519cfb4794dc15f794cc5b07
Signed-off-by: Markos Chandras <mchandras@suse.de>

1 files changed, 2 insertions, 5 deletions

diff --git a/xci/installer/osa/files/ha/user_variables.yml b/xci/installer/osa/files/ha/user_variables.yml
index c51a6e12..8c2e9f0c 100644
--- a/xci/installer/osa/files/ha/user_variables.yml
+++ b/xci/installer/osa/files/ha/user_variables.yml
@@ -154,7 +154,7 @@ trove_wsgi_processes: 1
 sahara_api_workers_max: 2
 sahara_api_workers: 1
 
-openrc_os_auth_url: "http://192.168.122.220:5000/v3"
+openrc_os_auth_url: "https://192.168.122.220:5000/v3"
 keystone_auth_admin_password: "opnfv-secret-password"
 openrc_os_password: "opnfv-secret-password"
 openrc_os_domain_name: "Default"
@@ -163,9 +163,6 @@ openrc_nova_endpoint_type: "publicURL"
 openrc_os_endpoint_type: "publicURL"
 openrc_clouds_yml_interface: "public"
 openrc_region_name: RegionOne
-haproxy_ssl: false
-openstack_service_publicuri_proto: http
-haproxy_user_ssl_cert: "/etc/ssl/certs/xci.crt"
-haproxy_user_ssl_key: "/etc/ssl/private/xci.key"
+openrc_insecure: true
 keystone_service_adminuri_insecure: true
 keystone_service_internaluri_insecure: true