summaryrefslogtreecommitdiffstats
path: root/xci/installer
diff options
context:
space:
mode:
Diffstat (limited to 'xci/installer')
-rw-r--r--xci/installer/kubespray/playbooks/configure-opnfvhost.yml3
-rw-r--r--xci/installer/kubespray/playbooks/configure-targethosts.yml2
-rw-r--r--xci/installer/osa/files/ha/user_variables.yml2
-rw-r--r--xci/installer/osa/files/mini/user_variables.yml2
-rw-r--r--xci/installer/osa/files/noha/user_variables.yml2
-rw-r--r--xci/installer/osa/playbooks/configure-opnfvhost.yml5
6 files changed, 16 insertions, 0 deletions
diff --git a/xci/installer/kubespray/playbooks/configure-opnfvhost.yml b/xci/installer/kubespray/playbooks/configure-opnfvhost.yml
index 36104b6c..00a8053f 100644
--- a/xci/installer/kubespray/playbooks/configure-opnfvhost.yml
+++ b/xci/installer/kubespray/playbooks/configure-opnfvhost.yml
@@ -83,6 +83,9 @@
- { name: 'netaddr' }
- { name: 'ansible-modules-hashivault' }
+ - name: Configure SSL certificates
+ include_tasks: "{{ xci_path }}/xci/playbooks/manage-ssl-certs.yml"
+
- name: fetch xci environment
copy:
src: "{{ xci_path }}/.cache/xci.env"
diff --git a/xci/installer/kubespray/playbooks/configure-targethosts.yml b/xci/installer/kubespray/playbooks/configure-targethosts.yml
index 859460c6..7989bfb6 100644
--- a/xci/installer/kubespray/playbooks/configure-targethosts.yml
+++ b/xci/installer/kubespray/playbooks/configure-targethosts.yml
@@ -37,4 +37,6 @@
when: xci_flavor == 'ha'
- role: "haproxy_server"
haproxy_service_configs: "{{ haproxy_default_services}}"
+ haproxy_user_ssl_cert: "/etc/ssl/certs/xci.crt"
+ haproxy_user_ssl_key: "/etc/ssl/private/xci.key"
when: xci_flavor == 'ha'
diff --git a/xci/installer/osa/files/ha/user_variables.yml b/xci/installer/osa/files/ha/user_variables.yml
index 8c2e9f0c..abbe688e 100644
--- a/xci/installer/osa/files/ha/user_variables.yml
+++ b/xci/installer/osa/files/ha/user_variables.yml
@@ -164,5 +164,7 @@ openrc_os_endpoint_type: "publicURL"
openrc_clouds_yml_interface: "public"
openrc_region_name: RegionOne
openrc_insecure: true
+haproxy_user_ssl_cert: "/etc/ssl/certs/xci.crt"
+haproxy_user_ssl_key: "/etc/ssl/private/xci.key"
keystone_service_adminuri_insecure: true
keystone_service_internaluri_insecure: true
diff --git a/xci/installer/osa/files/mini/user_variables.yml b/xci/installer/osa/files/mini/user_variables.yml
index b4d847bc..db956e38 100644
--- a/xci/installer/osa/files/mini/user_variables.yml
+++ b/xci/installer/osa/files/mini/user_variables.yml
@@ -164,5 +164,7 @@ openrc_os_endpoint_type: "publicURL"
openrc_clouds_yml_interface: "public"
openrc_region_name: RegionOne
openrc_insecure: true
+haproxy_user_ssl_cert: "/etc/ssl/certs/xci.crt"
+haproxy_user_ssl_key: "/etc/ssl/private/xci.key"
keystone_service_adminuri_insecure: true
keystone_service_internaluri_insecure: true
diff --git a/xci/installer/osa/files/noha/user_variables.yml b/xci/installer/osa/files/noha/user_variables.yml
index 5e7ed83c..b9fd2e89 100644
--- a/xci/installer/osa/files/noha/user_variables.yml
+++ b/xci/installer/osa/files/noha/user_variables.yml
@@ -164,5 +164,7 @@ openrc_os_endpoint_type: "publicURL"
openrc_clouds_yml_interface: "public"
openrc_region_name: RegionOne
openrc_insecure: true
+haproxy_user_ssl_cert: "/etc/ssl/certs/xci.crt"
+haproxy_user_ssl_key: "/etc/ssl/private/xci.key"
keystone_service_adminuri_insecure: true
keystone_service_internaluri_insecure: true
diff --git a/xci/installer/osa/playbooks/configure-opnfvhost.yml b/xci/installer/osa/playbooks/configure-opnfvhost.yml
index 768b6564..b677fecd 100644
--- a/xci/installer/osa/playbooks/configure-opnfvhost.yml
+++ b/xci/installer/osa/playbooks/configure-opnfvhost.yml
@@ -158,6 +158,11 @@
chdir: "{{openstack_osa_path}}/scripts"
changed_when: True
+ - name: Configure SSL certificates
+ include_tasks: "{{ xci_path }}/xci/playbooks/manage-ssl-certs.yml"
+ vars:
+ extra_args: "-c https://raw.githubusercontent.com/openstack/requirements/{{ requirements_git_install_branch }}/upper-constraints.txt"
+
- name: fetch xci environment
copy:
src: "{{ xci_path }}/.cache/xci.env"