keystone ssl ca sync whenver we sync passwords

2014-03-04 08:56:18 -05:00 · 2014-03-04 08:56:18 -05:00 · 41e6992ea7
commit 41e6992ea7
parent 45ca9775cd
2 changed files with 5 additions and 3 deletions
--- a/hooks/keystone_ssl.py
+++ b/hooks/keystone_ssl.py
@ -1,10 +1,12 @@
 #!/usr/bin/python

+import base64
 import os
 import shutil
 import subprocess
 import tarfile
 import tempfile
+import zipfile

 CA_EXPIRY = '365'
 ORG_NAME = 'Ubuntu'
--- a/hooks/keystone_utils.py
+++ b/hooks/keystone_utils.py
@ -552,6 +552,9 @@ def synchronize_service_credentials():
        unison.sync_to_peers(peer_interface='cluster',
                             paths=[SERVICE_PASSWD_PATH], user=SSH_USER,
                             verbose=True)
+        if config('http-service-endpoints') in ['True', 'true']:
+            unison.sync_to_peers(peer_interface='cluster',
+                                 paths=[SSL_DIR], user=SSH_USER, verbose=True)

 CA = []

@ -746,9 +749,6 @@ def add_service_to_keystone(relation_id=None, remote_unit=None):
        relation_data['ssl_key'] = b64encode(key)
        relation_data['ca_cert'] = b64encode(ca_bundle)
        relation_data['https_keystone'] = 'True'
-        if is_clustered():
-            unison.sync_to_peers(peer_interface='cluster',
-                                 paths=[SSL_DIR], user=SSH_USER, verbose=True)
    relation_set(relation_id=relation_id,
                 **relation_data)