Add roles to SSL tasks
To distribute keys amongst nodes other than controller and compute, add those nodes roles to SSL tasks.yaml file. Change-Id: Ia8389d2c4bffd5b30de8dcbe678c25ca3e9b8d38 Closes-Bug: #1490513
This commit is contained in:
parent
f9aa52cdbf
commit
431e0f8358
@ -1,6 +1,6 @@
|
||||
- id: ssl-keys-saving
|
||||
type: puppet
|
||||
groups: [primary-controller, controller, compute]
|
||||
groups: [primary-controller, controller, compute, compute-vmware, cinder, cinder-vmware, primary-mongo, mongo, ceph-osd, virt]
|
||||
requires: [firewall]
|
||||
condition: "(settings:public_ssl.horizon.value == true or settings:public_ssl.services.value == true) and settings:public_ssl.cert_source.value == 'user_uploaded'"
|
||||
required_for: [deploy_end]
|
||||
@ -13,7 +13,7 @@
|
||||
|
||||
- id: ssl-add-trust-chain
|
||||
type: puppet
|
||||
groups: [primary-controller, controller, compute]
|
||||
groups: [primary-controller, controller, compute, compute-vmware, cinder, cinder-vmware, primary-mongo, mongo, ceph-osd, virt]
|
||||
requires: [firewall, ssl-keys-saving]
|
||||
condition: "settings:public_ssl.horizon.value == true or settings:public_ssl.services.value == true"
|
||||
required_for: [hosts]
|
||||
|
@ -64,6 +64,16 @@ external_ntp:
|
||||
label: Upstream NTP
|
||||
weight: 100
|
||||
ntp_list: 0.pool.ntp.org, 1.pool.ntp.org
|
||||
public_ssl:
|
||||
metadata:
|
||||
label: Public TLS
|
||||
weight: 110
|
||||
horizon: true
|
||||
services: true
|
||||
cert_source: self_signed
|
||||
cert_data:
|
||||
content: 'somedataaboutyourkeypair'
|
||||
hostname: public.fuel.local
|
||||
fail_if_error: true
|
||||
fqdn: node-128.test.domain.local
|
||||
fuel_version: '6.1'
|
||||
|
@ -587,14 +587,15 @@ access:
|
||||
last_controller: node-1
|
||||
fqdn: node-2.test.domain.local
|
||||
public_ssl:
|
||||
hostname: 10.109.6.2
|
||||
metadata:
|
||||
label: Public TLS
|
||||
weight: 110
|
||||
horizon: true
|
||||
services: true
|
||||
cert_data: ''
|
||||
cert_source: self_signed
|
||||
metadata:
|
||||
weight: 110
|
||||
label: Public TLS
|
||||
cert_data:
|
||||
content: 'somedataaboutyourkeypair'
|
||||
hostname: public.fuel.local
|
||||
auto_assign_floating_ip: false
|
||||
mp:
|
||||
- weight: '1'
|
||||
|
Loading…
Reference in New Issue
Block a user