ac1d2b5dda
This patch enables SSL to be used with glance-simplestreams-sync. The ssl_ca option allows a base64 encoded PEM CA certificate to be used with g-s-s such that the keystone and glance HTTPS sessions are verified using that certificate. A new basic_deployment_ssl.py is introduced that just verifies that the gss charm can get gss to perform a sync; this verifies that gss can communicate with https versions of keystone and glance. Note that the simplestreams package also requires a change for SSL to function properly. As simplestreams doesn't seem to use PyPi, the version from the git master will need to be used. Change-Id: Idcdcb2c933a92a558e729aeb718b58d4077621a7 Closes-Bug: #1802407
43 lines
1.1 KiB
YAML
43 lines
1.1 KiB
YAML
|
|
api_version: {{ api_version }}
|
|
auth_host: {{ auth_host }}
|
|
auth_port: {{ auth_port }}
|
|
auth_protocol: {{ auth_protocol }}
|
|
service_host: {{ service_host }}
|
|
service_port: {{ service_port }}
|
|
service_protocol: {{ service_protocol }}
|
|
admin_tenant_id: {{ admin_tenant_id }}
|
|
admin_tenant_name: {{ admin_tenant_name }}
|
|
admin_user: {{ admin_user }}
|
|
admin_password: {{ admin_password }}
|
|
{% if ssl_ca -%}
|
|
ssl_ca: {{ ssl_ca }}
|
|
{% endif -%}
|
|
|
|
{% if api_version == '3' -%}
|
|
admin_domain_name: {{ admin_domain_name }}
|
|
{% endif -%}
|
|
unit_name: {{ unit_name }}
|
|
|
|
{% if rabbitmq_host or rabbitmq_hosts -%}
|
|
rabbit_userid: {{ rabbitmq_user }}
|
|
rabbit_virtual_host: {{ rabbitmq_virtual_host }}
|
|
rabbit_password: {{ rabbitmq_password }}
|
|
{% if rabbitmq_hosts -%}
|
|
rabbit_hosts: {{ rabbitmq_hosts }}
|
|
{% if rabbitmq_ha_queues -%}
|
|
rabbit_ha_queues: True
|
|
rabbit_durable_queues: False
|
|
{% endif -%}
|
|
{% else -%}
|
|
rabbit_host: {{ rabbitmq_host }}
|
|
{% endif -%}
|
|
{% if rabbit_ssl_port -%}
|
|
rabbit_use_ssl: True
|
|
rabbit_port: {{ rabbit_ssl_port }}
|
|
{% if rabbit_ssl_ca -%}
|
|
kombu_ssl_ca_certs: {{ rabbit_ssl_ca }}
|
|
{% endif -%}
|
|
{% endif -%}
|
|
{% endif -%}
|