Commit Graph

3 Commits

Author SHA1 Message Date
Michael Johnson
950faea6e9 Use dual intermediate CAs for devstack
This patch updates the devstack plugin to use a dual Certificate
Authority (CA) with intermediate CAs for the Octavia controller
deployment.
This is a more realistic deployment model for testing.
Note: This change uses weak security to save gate resources. Please
refer to the Octavia Certificate Configuration Guide for production
instructions.

Change-Id: I3ec135766c9a1ddb7ac6655c0ee1ccb1e78ead5c
2019-08-27 16:28:12 -07:00
Miguel Angel Ajo
257848697b Fixes pregenerated certificates validity to 50y
The existing pregenerated certificates (CA) were already expired
and not working on the multinode tests. Those pregenerated
certificates are used so all the nodes share the same CA.

This patch introduces a script to regenerate the certs in the
repo too.

Change-Id: I977c29e3d5867e22efd60d6bdda8a98a26559fc9
Closes-Bug: 1633436
2016-10-14 18:05:12 +02:00
Miguel Angel Ajo
dee7043f2f Allow deployment with pre-generated ssh keys and certificates
This patch is part of a series that will allow the deployment
of a simple multinode octavia devstack, where the certs and
ssh keys are uniform over all the controllers.

Orchestrating the deployment of the same ssh keys or certificates
becomes difficult without making use of tools like ansible otherwise.

The provided certificate is valid for 10 years.

Change-Id: I45e8e54d58a725281636a61fdb769265de50d9ba
2016-06-02 13:40:39 +00:00