Merge "Fix the mounting issues for the TLS everywhere deployment" into stable/train
This commit is contained in:
commit
1602e8ea78
|
@ -104,6 +104,10 @@ parameters:
|
|||
type: string
|
||||
description: Specifies the default CRL PEM file to use for revocation if
|
||||
TLS is used for services in the internal network.
|
||||
InternalTLSCRLPEMDir:
|
||||
default: '/etc/pki/CA/crl/'
|
||||
type: string
|
||||
description: The directory of the CRL PEM file to be mounted.
|
||||
|
||||
conditions:
|
||||
puppet_debug_enabled: {get_param: ConfigDebug}
|
||||
|
@ -218,6 +222,11 @@ outputs:
|
|||
- - {get_param: InternalTLSCAFile}
|
||||
- {get_param: InternalTLSCAFile}
|
||||
- 'ro,shared'
|
||||
- list_join:
|
||||
- ':'
|
||||
- - {get_param: InternalTLSCRLPEMDir}
|
||||
- {get_param: InternalTLSCRLPEMDir}
|
||||
- 'ro,shared'
|
||||
- null
|
||||
kolla_config:
|
||||
/var/lib/kolla/config_files/haproxy.json:
|
||||
|
@ -279,8 +288,8 @@ outputs:
|
|||
- /etc/pki/tls/private/haproxy:/var/lib/kolla/config_files/src-tls/etc/pki/tls/private/haproxy:ro,shared
|
||||
- list_join:
|
||||
- ':'
|
||||
- - {get_param: InternalTLSCAFile}
|
||||
- {get_param: InternalTLSCAFile}
|
||||
- - {get_param: InternalTLSCRLPEMDir}
|
||||
- {get_param: InternalTLSCRLPEMDir}
|
||||
- 'ro'
|
||||
- null
|
||||
environment:
|
||||
|
|
|
@ -43,11 +43,6 @@ parameters:
|
|||
EnableInternalTLS:
|
||||
type: boolean
|
||||
default: false
|
||||
InternalTLSCAFile:
|
||||
default: '/etc/ipa/ca.crt'
|
||||
type: string
|
||||
description: Specifies the default CA cert to use if TLS is used for
|
||||
services in the internal network.
|
||||
RabbitUserName:
|
||||
default: guest
|
||||
description: The username for RabbitMQ
|
||||
|
@ -284,11 +279,6 @@ outputs:
|
|||
- if:
|
||||
- internal_tls_enabled
|
||||
-
|
||||
- list_join:
|
||||
- ':'
|
||||
- - {get_param: InternalTLSCAFile}
|
||||
- {get_param: InternalTLSCAFile}
|
||||
- 'ro'
|
||||
- /etc/pki/tls/certs/rabbitmq.crt:/var/lib/kolla/config_files/src-tls/etc/pki/tls/certs/rabbitmq.crt:ro
|
||||
- /etc/pki/tls/private/rabbitmq.key:/var/lib/kolla/config_files/src-tls/etc/pki/tls/private/rabbitmq.key:ro
|
||||
- null
|
||||
|
@ -324,11 +314,6 @@ outputs:
|
|||
- if:
|
||||
- internal_tls_enabled
|
||||
-
|
||||
- list_join:
|
||||
- ':'
|
||||
- - {get_param: InternalTLSCAFile}
|
||||
- {get_param: InternalTLSCAFile}
|
||||
- 'ro'
|
||||
- /etc/pki/tls/certs/rabbitmq.crt:/var/lib/kolla/config_files/src-tls/etc/pki/tls/certs/rabbitmq.crt:ro
|
||||
- /etc/pki/tls/private/rabbitmq.key:/var/lib/kolla/config_files/src-tls/etc/pki/tls/private/rabbitmq.key:ro
|
||||
- null
|
||||
|
|
|
@ -43,11 +43,6 @@ parameters:
|
|||
EnableInternalTLS:
|
||||
type: boolean
|
||||
default: false
|
||||
InternalTLSCAFile:
|
||||
default: '/etc/ipa/ca.crt'
|
||||
type: string
|
||||
description: Specifies the default CA cert to use if TLS is used for
|
||||
services in the internal network.
|
||||
NotifyPort:
|
||||
default: 5672
|
||||
description: The network port for messaging Notify backend
|
||||
|
@ -225,11 +220,6 @@ outputs:
|
|||
- if:
|
||||
- internal_tls_enabled
|
||||
-
|
||||
- list_join:
|
||||
- ':'
|
||||
- - {get_param: InternalTLSCAFile}
|
||||
- {get_param: InternalTLSCAFile}
|
||||
- 'ro'
|
||||
- /etc/pki/tls/certs/rabbitmq.crt:/var/lib/kolla/config_files/src-tls/etc/pki/tls/certs/rabbitmq.crt:ro
|
||||
- /etc/pki/tls/private/rabbitmq.key:/var/lib/kolla/config_files/src-tls/etc/pki/tls/private/rabbitmq.key:ro
|
||||
- null
|
||||
|
@ -266,11 +256,6 @@ outputs:
|
|||
- if:
|
||||
- internal_tls_enabled
|
||||
-
|
||||
- list_join:
|
||||
- ':'
|
||||
- - {get_param: InternalTLSCAFile}
|
||||
- {get_param: InternalTLSCAFile}
|
||||
- 'ro'
|
||||
- /etc/pki/tls/certs/rabbitmq.crt:/var/lib/kolla/config_files/src-tls/etc/pki/tls/certs/rabbitmq.crt:ro
|
||||
- /etc/pki/tls/private/rabbitmq.key:/var/lib/kolla/config_files/src-tls/etc/pki/tls/private/rabbitmq.key:ro
|
||||
- null
|
||||
|
|
|
@ -43,11 +43,6 @@ parameters:
|
|||
EnableInternalTLS:
|
||||
type: boolean
|
||||
default: false
|
||||
InternalTLSCAFile:
|
||||
default: '/etc/ipa/ca.crt'
|
||||
type: string
|
||||
description: Specifies the default CA cert to use if TLS is used for
|
||||
services in the internal network.
|
||||
RpcPort:
|
||||
default: 5672
|
||||
description: The network port for messaging backend
|
||||
|
@ -225,11 +220,6 @@ outputs:
|
|||
- if:
|
||||
- internal_tls_enabled
|
||||
-
|
||||
- list_join:
|
||||
- ':'
|
||||
- - {get_param: InternalTLSCAFile}
|
||||
- {get_param: InternalTLSCAFile}
|
||||
- 'ro'
|
||||
- /etc/pki/tls/certs/rabbitmq.crt:/var/lib/kolla/config_files/src-tls/etc/pki/tls/certs/rabbitmq.crt:ro
|
||||
- /etc/pki/tls/private/rabbitmq.key:/var/lib/kolla/config_files/src-tls/etc/pki/tls/private/rabbitmq.key:ro
|
||||
- null
|
||||
|
@ -266,11 +256,6 @@ outputs:
|
|||
- if:
|
||||
- internal_tls_enabled
|
||||
-
|
||||
- list_join:
|
||||
- ':'
|
||||
- - {get_param: InternalTLSCAFile}
|
||||
- {get_param: InternalTLSCAFile}
|
||||
- 'ro'
|
||||
- /etc/pki/tls/certs/rabbitmq.crt:/var/lib/kolla/config_files/src-tls/etc/pki/tls/certs/rabbitmq.crt:ro
|
||||
- /etc/pki/tls/private/rabbitmq.key:/var/lib/kolla/config_files/src-tls/etc/pki/tls/private/rabbitmq.key:ro
|
||||
- null
|
||||
|
|
Loading…
Reference in New Issue