From 3cf4e396fe8621afad624f3935ab69e9e082388f Mon Sep 17 00:00:00 2001
From: Markos Chandras <mchandras@suse.de>
Date: Fri, 14 Sep 2018 16:33:11 +0100
Subject: xci: Drop custom XCI certificates

OSM requires a CA even when we create a self-signed certificate. We
don't actually need to do that since HAproxy and friends can create the
whole chain for us, so we can finally get rid of this playbook.

installer-type:osa
deploy-scenario:os-nosdn-nofeature

Change-Id: I14a3adbe3492cd6c562c5167c42dd45756e8e3dd
Signed-off-by: Markos Chandras <mchandras@suse.de>
---
 xci/installer/kubespray/playbooks/configure-targethosts.yml | 2 --
 1 file changed, 2 deletions(-)

(limited to 'xci/installer/kubespray/playbooks/configure-targethosts.yml')

diff --git a/xci/installer/kubespray/playbooks/configure-targethosts.yml b/xci/installer/kubespray/playbooks/configure-targethosts.yml
index 7989bfb6..859460c6 100644
--- a/xci/installer/kubespray/playbooks/configure-targethosts.yml
+++ b/xci/installer/kubespray/playbooks/configure-targethosts.yml
@@ -37,6 +37,4 @@
       when:  xci_flavor == 'ha'
     - role: "haproxy_server"
       haproxy_service_configs: "{{ haproxy_default_services}}"
-      haproxy_user_ssl_cert: "/etc/ssl/certs/xci.crt"
-      haproxy_user_ssl_key: "/etc/ssl/private/xci.key"
       when:  xci_flavor == 'ha'
-- 
cgit 1.2.3-korg