bd057784d5
Add functionality to keystone to act as a certificate transfer provider. Add actions to add, remove, list CA certs to keystone. Add Certificate Transfer requires handler in ops_sunbeam. Update keystone_auth section cafile option if certificate is available in receive-ca-cert relation. Update metadata.yaml for keystone and rest of k8s charms. Change-Id: I9c800e8f8a0c9197b195331be7b445bafe794780
55 lines
1.3 KiB
YAML
55 lines
1.3 KiB
YAML
name: designate-k8s
|
|
summary: OpenStack designate service
|
|
maintainer: OpenStack Charmers <openstack-charmers@lists.ubuntu.com>
|
|
description: |
|
|
Designate is a multi-tenant DNSaaS service for OpenStack. It provides a REST API with integrated Keystone authentication.
|
|
It can be configured to auto-generate records based on Nova and Neutron actions.
|
|
Designate supports a variety of DNS servers including Bind9 and PowerDNS 4.
|
|
version: 3
|
|
bases:
|
|
- name: ubuntu
|
|
channel: 22.04/stable
|
|
assumes:
|
|
- k8s-api
|
|
- juju >= 3.1
|
|
tags:
|
|
- openstack
|
|
source: https://opendev.org/openstack/charm-designate-k8s
|
|
issues: https://bugs.launchpad.net/charm-designate-k8s
|
|
|
|
containers:
|
|
designate:
|
|
resource: designate-image
|
|
|
|
resources:
|
|
designate-image:
|
|
type: oci-image
|
|
description: OCI image for OpenStack designate
|
|
upstream-source: ghcr.io/canonical/designate-consolidated:2023.2
|
|
|
|
requires:
|
|
database:
|
|
interface: mysql_client
|
|
limit: 1
|
|
identity-service:
|
|
interface: keystone
|
|
ingress-internal:
|
|
interface: ingress
|
|
optional: true
|
|
limit: 1
|
|
ingress-public:
|
|
interface: ingress
|
|
limit: 1
|
|
amqp:
|
|
interface: rabbitmq
|
|
dns-backend:
|
|
interface: bind-rndc
|
|
limit: 1
|
|
receive-ca-cert:
|
|
interface: certificate_transfer
|
|
optional: true
|
|
|
|
peers:
|
|
peers:
|
|
interface: designate-peer
|