Add roles to SSL tasks

To distribute keys amongst nodes other than controller and compute, add those nodes roles to SSL tasks.yaml file. Change-Id: Ia8389d2c4bffd5b30de8dcbe678c25ca3e9b8d38 Closes-Bug: #1490513
2015-08-31 14:18:24 +03:00 · 2015-08-31 14:18:24 +03:00 · 431e0f8358
parent f9aa52cdbf
commit 431e0f8358
3 changed files with 22 additions and 11 deletions
--- a/deployment/puppet/osnailyfacter/modular/ssl/tasks.yaml
+++ b/deployment/puppet/osnailyfacter/modular/ssl/tasks.yaml
@ -1,6 +1,6 @@
 - id: ssl-keys-saving
  type: puppet
-  groups: [primary-controller, controller, compute]
+  groups: [primary-controller, controller, compute, compute-vmware, cinder, cinder-vmware, primary-mongo, mongo, ceph-osd, virt]
  requires: [firewall]
  condition: "(settings:public_ssl.horizon.value == true or settings:public_ssl.services.value == true) and settings:public_ssl.cert_source.value == 'user_uploaded'"
  required_for: [deploy_end]
@ -13,7 +13,7 @@

 - id: ssl-add-trust-chain
  type: puppet
-  groups: [primary-controller, controller, compute]
+  groups: [primary-controller, controller, compute, compute-vmware, cinder, cinder-vmware, primary-mongo, mongo, ceph-osd, virt]
  requires: [firewall, ssl-keys-saving]
  condition: "settings:public_ssl.horizon.value == true or settings:public_ssl.services.value == true"
  required_for: [hosts]
--- a/tests/noop/astute.yaml/neut_gre.generate_vms.yaml
+++ b/tests/noop/astute.yaml/neut_gre.generate_vms.yaml
@ -64,6 +64,16 @@ external_ntp:
    label: Upstream NTP
    weight: 100
  ntp_list: 0.pool.ntp.org, 1.pool.ntp.org
+public_ssl:
+  metadata:
+    label: Public TLS
+    weight: 110
+  horizon: true
+  services: true
+  cert_source: self_signed
+  cert_data:
+    content: 'somedataaboutyourkeypair'
+  hostname: public.fuel.local
 fail_if_error: true
 fqdn: node-128.test.domain.local
 fuel_version: '6.1'
--- a/tests/noop/astute.yaml/novanet_flat.compute-vmware-role.yaml
+++ b/tests/noop/astute.yaml/novanet_flat.compute-vmware-role.yaml
@ -341,19 +341,19 @@ repo_setup:
  - name: ubuntu
    section: main universe multiverse
    uri: http://archive.ubuntu.com/ubuntu/
-    priority: 
+    priority:
    suite: trusty
    type: deb
  - name: ubuntu-updates
    section: main universe multiverse
    uri: http://archive.ubuntu.com/ubuntu/
-    priority: 
+    priority:
    suite: trusty-updates
    type: deb
  - name: ubuntu-security
    section: main universe multiverse
    uri: http://archive.ubuntu.com/ubuntu/
-    priority: 
+    priority:
    suite: trusty-security
    type: deb
  - name: mos
@ -587,14 +587,15 @@ access:
 last_controller: node-1
 fqdn: node-2.test.domain.local
 public_ssl:
-  hostname: 10.109.6.2
+  metadata:
+    label: Public TLS
+    weight: 110
  horizon: true
  services: true
-  cert_data: ''
  cert_source: self_signed
-  metadata:
-    weight: 110
-    label: Public TLS
+  cert_data:
+    content: 'somedataaboutyourkeypair'
+  hostname: public.fuel.local
 auto_assign_floating_ip: false
 mp:
 - weight: '1'
@ -631,4 +632,4 @@ external_ntp:
  metadata:
    weight: 100
    label: Host OS NTP Servers
-openstack_version_prev: 
+openstack_version_prev: