1d12ca545e
Various kolla-ansible TLS features (including backend TLS and custom CA certs) require certificates to be passed via $KOLLA_CONFIG_PATH/certificates/. Currently Kayobe does not support this. This change adds support for copying across files from $KAYOBE_CONFIG_PATH/kolla/certificates. It also uses the kolla-ansible default value for kolla_external_fqdn_cert and kolla_internal_fqdn_cert when kolla_external_tls_cert and kolla_internal_tls_cert are respectively not set. This allows for the standard kolla-ansible configuration approach of dropping these certificates into the $KAYOBE_CONFIG_PATH/kolla/certificates directory, rather than defining them as variables. This can be useful if using the kolla-ansible certificates command to generate certificates for testing. Change-Id: I646930ad8ea70991d6ffa00f15f93f72d922141b Story: 2007679 Task: 39790
17 lines
796 B
YAML
17 lines
796 B
YAML
---
|
|
features:
|
|
- |
|
|
Adds support for passing custom TLS certificates to Kolla Ansible via
|
|
``${KAYOBE_CONFIG_PATH}/kolla/certificates/``. See `story 2007679
|
|
<https://storyboard.openstack.org/#!/story/2007679>`__ for details.
|
|
upgrade:
|
|
- |
|
|
Reverts to use the Kolla Ansible default value for
|
|
``kolla_external_fqdn_cert`` and ``kolla_internal_fqdn_cert`` when
|
|
``kolla_external_tls_cert`` and ``kolla_internal_tls_cert`` are
|
|
respectively not set. This allows for the standard Kolla Ansible
|
|
configuration approach of dropping these certificates into the
|
|
``$KAYOBE_CONFIG_PATH/kolla/certificates`` directory, rather than defining
|
|
them as variables. This can be useful if using the ``kolla-ansible
|
|
certificates`` command to generate certificates for testing.
|