Merge "Add NodeTLSData to generic role.role.j2.yaml"
This commit is contained in:
commit
083d654e5c
|
@ -513,14 +513,27 @@ resources:
|
|||
fqdn_management: {get_attr: [NetHostMap, value, management, fqdn]}
|
||||
fqdn_ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
|
||||
fqdn_external: {get_attr: [NetHostMap, value, external, fqdn]}
|
||||
{%- if 'primary' in role.tags and 'controller' in role.tags %}
|
||||
tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
|
||||
{%- endif -%}
|
||||
|
||||
# Resource for site-specific injection of root certificate
|
||||
NodeTLSCAData:
|
||||
depends_on: {{role.name}}Deployment
|
||||
depends_on: NetworkDeployment
|
||||
type: OS::TripleO::NodeTLSCAData
|
||||
properties:
|
||||
server: {get_resource: {{role.name}}}
|
||||
|
||||
{%- if 'primary' in role.tags and 'controller' in role.tags %}
|
||||
# Resource for site-specific passing of private keys/certificates
|
||||
NodeTLSData:
|
||||
depends_on: NodeTLSCAData
|
||||
type: OS::TripleO::NodeTLSData
|
||||
properties:
|
||||
server: {get_resource: {{role.name}}}
|
||||
NodeIndex: {get_param: NodeIndex}
|
||||
{%- endif -%}
|
||||
|
||||
# Hook for site-specific additional pre-deployment config, e.g extra hieradata
|
||||
{{role.name}}ExtraConfigPre:
|
||||
depends_on: {{role.name}}Deployment
|
||||
|
@ -534,7 +547,13 @@ resources:
|
|||
# Hook for site-specific additional pre-deployment config,
|
||||
# applying to all nodes, e.g node registration/unregistration
|
||||
NodeExtraConfig:
|
||||
depends_on: [{{role.name}}ExtraConfigPre, NodeTLSCAData]
|
||||
depends_on:
|
||||
- {{role.name}}ExtraConfigPre
|
||||
{%- if 'primary' in role.tags and 'controller' in role.tags %}
|
||||
- NodeTLSData
|
||||
{%- else %}
|
||||
- NodeTLSCAData
|
||||
{%- endif %}
|
||||
type: OS::TripleO::NodeExtraConfig
|
||||
# We have to use conditions here so that we don't break backwards
|
||||
# compatibility with templates everywhere
|
||||
|
@ -674,6 +693,14 @@ CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
|
|||
- 6
|
||||
- 0
|
||||
- keys: {hostname: {get_param: Hostname}}
|
||||
{%- if 'primary' in role.tags and 'controller' in role.tags %}
|
||||
tls_key_modulus_md5:
|
||||
description: MD5 checksum of the TLS Key Modulus
|
||||
value: {get_attr: [NodeTLSData, key_modulus_md5]}
|
||||
tls_cert_modulus_md5:
|
||||
description: MD5 checksum of the TLS Certificate Modulus
|
||||
value: {get_attr: [NodeTLSData, cert_modulus_md5]}
|
||||
{%- endif %}
|
||||
os_collect_config:
|
||||
description: The os-collect-config configuration associated with this server resource
|
||||
value: {get_attr: [{{role.name}}, os_collect_config]}
|
||||
|
|
Loading…
Reference in New Issue