65dfb2009f
In the drivers section of magnum.conf add openstack_ca_file. This file is expected to be a CA Certificate OR CA bundle which will be passed on every node and it will be installed on the host's CA bundle. Update devstack plugin to use the ssl bundle if tls-proxy is enabled. Install the CA for drivers: k8s_coreos_v1 k8s_fedora_atomic_v1 k8s_fedora_ironic_v1 mesos_ubuntu_v1 swarm_fedora_atomic_v1 swarm_fedora_atomic_v2 Add doc in troubleshooting-guide. Add release notes. Closes-Bug: #1580704 Partially-Implements: blueprint heat-agent Change-Id: Id48fbea187da667a5e7334694c3ec17c8e2504db
26 lines
587 B
Bash
26 lines
587 B
Bash
#!/bin/sh
|
|
|
|
. /etc/sysconfig/heat-params
|
|
|
|
KUBE_OS_CLOUD_CONFIG=/etc/kubernetes/kube_openstack_config
|
|
cp /etc/pki/tls/certs/ca-bundle.crt /etc/kubernetes/ca-bundle.crt
|
|
|
|
# Generate a the configuration for Kubernetes services
|
|
# to talk to OpenStack Neutron and Cinder
|
|
cat > $KUBE_OS_CLOUD_CONFIG <<EOF
|
|
[Global]
|
|
auth-url=$AUTH_URL
|
|
user-id=$TRUSTEE_USER_ID
|
|
password=$TRUSTEE_PASSWORD
|
|
trust-id=$TRUST_ID
|
|
ca-file=/etc/kubernetes/ca-bundle.crt
|
|
[LoadBalancer]
|
|
subnet-id=$CLUSTER_SUBNET
|
|
create-monitor=yes
|
|
monitor-delay=1m
|
|
monitor-timeout=30s
|
|
monitor-max-retries=3
|
|
[BlockStorage]
|
|
bs-version=v2
|
|
EOF
|