fd28087229
Working towards the blueprint that will add TLS protection for the external endpoints, kolla needs certificates. When kolla deploys OpenStack, the external VIP will need a server side certifcate. Clients that access those endpoints will need the public CA certificate that signed that certificate. This ansible script will create these two certificates to make it easy to use TLS in a test environment. The generated certificate files are: /etc/kolla/certificates/haproxy.pem (server side certificate) /etc/kolla/certificates/haproxy-ca.pem (CA certificate) The generated certificates are not suitable for use in a production environment, but will be useful for testing and verifying operations. Partially-implements: blueprint ssl-kolla Change-Id: I208777f9e5eee3bfb06810c7b18a2727beda234d
5 lines
45 B
YAML
5 lines
45 B
YAML
---
|
|
- hosts: all
|
|
roles:
|
|
- certificates
|