From c080439e227bc840c6eb1b5603c665c52f9bf044 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Martin=20Andr=C3=A9?= <m.andre@redhat.com>
Date: Wed, 23 Aug 2017 08:51:25 +0200
Subject: [PATCH] Add stunnel to redis image for tls

We need to run a container in front of redis to act as the tls proxy.
Let's reuse the redis image with stunnel in it.

bp tls-via-certmonger

Change-Id: I078567c831ade540cf704f81564e2b7654c85c0b
---
 container-images/tripleo_kolla_template_overrides.j2 | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/container-images/tripleo_kolla_template_overrides.j2 b/container-images/tripleo_kolla_template_overrides.j2
index 8ebc817cd..a171ea1ec 100644
--- a/container-images/tripleo_kolla_template_overrides.j2
+++ b/container-images/tripleo_kolla_template_overrides.j2
@@ -39,6 +39,10 @@
 # NOTE (jaosorior): neutron-server with TLS everywhere needs these packages.
 {% set neutron_server_packages_append = ['httpd', 'mod_ssl'] %}
 
+# NOTE (jaosorior): redis with TLS everywhere needs these packages.
+# redis resource-agent requires pidof
+{% set redis_packages_append = ['stunnel', 'sysvinit-tools'] %}
+
 # Remove packages not present in repos
 #
 {# 'libtomcrypt',    # EPEL, Unknown use
@@ -68,9 +72,6 @@
 ] %}
 {% set mariadb_packages_append = ['mariadb-server', 'mariadb-server-galera', 'xinetd'] %}
 
-# redis resource-agent requires pidof
-{% set redis_packages_append = ['sysvinit-tools'] %}
-
 # Required for nova migration
 {% set nova_compute_packages_append = ['openstack-nova-migration', 'openssh-server'] %}
 {% set nova_libvirt_packages_append = ['openstack-nova-migration'] %}