Add tls roles for undercloud
Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com> Co-Authored-By: Dan Prince <dprince@redhat.com> Co-Authored-By: Ian Main <imain@redhat.com> Change-Id: Icca382db28e4ea57f3cbf24e9e794b428b824db5
This commit is contained in:
parent
0834134fd6
commit
7a5d5a8e1b
|
@ -0,0 +1,7 @@
|
||||||
|
parameter_defaults:
|
||||||
|
InternalTLSCAFile: '/etc/pki/ca-trust/source/anchors/cm-local-ca.pem'
|
||||||
|
PublicSSLCertificateAutogenerated: true
|
||||||
|
|
||||||
|
resource_registry:
|
||||||
|
OS::TripleO::Services::CertmongerUser: ../puppet/services/certmonger-user.yaml
|
||||||
|
OS::TripleO::Services::HAProxyPublicTLS: ../puppet/services/haproxy-public-tls-certmonger.yaml
|
|
@ -0,0 +1,2 @@
|
||||||
|
resource_registry:
|
||||||
|
OS::TripleO::Services::UndercloudHAProxy: ../../docker/services/haproxy.yaml
|
|
@ -0,0 +1,2 @@
|
||||||
|
resource_registry:
|
||||||
|
OS::TripleO::Services::UndercloudKeepalived: ../../docker/services/keepalived.yaml
|
|
@ -0,0 +1,2 @@
|
||||||
|
resource_registry:
|
||||||
|
OS::TripleO::Services::UndercloudHAProxy: ../../puppet/services/haproxy.yaml
|
|
@ -0,0 +1,2 @@
|
||||||
|
resource_registry:
|
||||||
|
OS::TripleO::Services::UndercloudKeepalived: ../../puppet/services/keepalived.yaml
|
|
@ -18,6 +18,12 @@ parameters:
|
||||||
description: Name of the port
|
description: Name of the port
|
||||||
default: ''
|
default: ''
|
||||||
type: string
|
type: string
|
||||||
|
FixedIPs:
|
||||||
|
description: >
|
||||||
|
Control the IP allocation for the VIP port. E.g.
|
||||||
|
[{'ip_address':'1.2.3.4'}]
|
||||||
|
default: []
|
||||||
|
type: json
|
||||||
ControlPlaneIP: # Here for compatibility with noop.yaml
|
ControlPlaneIP: # Here for compatibility with noop.yaml
|
||||||
description: IP address on the control plane
|
description: IP address on the control plane
|
||||||
default: ''
|
default: ''
|
||||||
|
|
|
@ -241,8 +241,14 @@ resource_registry:
|
||||||
OS::TripleO::Services::UndercloudGnocchiApi: OS::Heat::None
|
OS::TripleO::Services::UndercloudGnocchiApi: OS::Heat::None
|
||||||
OS::TripleO::Services::UndercloudGnocchiMetricd: OS::Heat::None
|
OS::TripleO::Services::UndercloudGnocchiMetricd: OS::Heat::None
|
||||||
OS::TripleO::Services::UndercloudGnocchiStatsd: OS::Heat::None
|
OS::TripleO::Services::UndercloudGnocchiStatsd: OS::Heat::None
|
||||||
|
|
||||||
# Redis
|
# Redis
|
||||||
OS::TripleO::Services::UndercloudRedis: OS::Heat::None
|
OS::TripleO::Services::UndercloudRedis: OS::Heat::None
|
||||||
|
|
||||||
|
# Undercloud HA services
|
||||||
|
OS::TripleO::Services::UndercloudHAProxy: OS::Heat::None
|
||||||
|
OS::TripleO::Services::UndercloudKeepalived: OS::Heat::None
|
||||||
|
|
||||||
# Services that are disabled by default (use relevant environment files):
|
# Services that are disabled by default (use relevant environment files):
|
||||||
OS::TripleO::Services::Fluentd: OS::Heat::None
|
OS::TripleO::Services::Fluentd: OS::Heat::None
|
||||||
OS::TripleO::Services::Ipsec: OS::Heat::None
|
OS::TripleO::Services::Ipsec: OS::Heat::None
|
||||||
|
|
|
@ -13,6 +13,8 @@
|
||||||
ServicesDefault:
|
ServicesDefault:
|
||||||
- OS::TripleO::Services::Aide
|
- OS::TripleO::Services::Aide
|
||||||
- OS::TripleO::Services::Apache
|
- OS::TripleO::Services::Apache
|
||||||
|
- OS::TripleO::Services::CACerts
|
||||||
|
- OS::TripleO::Services::CertmongerUser
|
||||||
- OS::TripleO::Services::Docker
|
- OS::TripleO::Services::Docker
|
||||||
- OS::TripleO::Services::DockerRegistry
|
- OS::TripleO::Services::DockerRegistry
|
||||||
- OS::TripleO::Services::GlanceApi
|
- OS::TripleO::Services::GlanceApi
|
||||||
|
@ -67,4 +69,6 @@
|
||||||
- OS::TripleO::Services::UndercloudCinderScheduler
|
- OS::TripleO::Services::UndercloudCinderScheduler
|
||||||
- OS::TripleO::Services::UndercloudCinderVolume
|
- OS::TripleO::Services::UndercloudCinderVolume
|
||||||
- OS::TripleO::Services::UndercloudRedis
|
- OS::TripleO::Services::UndercloudRedis
|
||||||
|
- OS::TripleO::Services::UndercloudHAProxy
|
||||||
|
- OS::TripleO::Services::UndercloudKeepalived
|
||||||
- OS::TripleO::Services::Zaqar
|
- OS::TripleO::Services::Zaqar
|
||||||
|
|
|
@ -16,6 +16,8 @@
|
||||||
ServicesDefault:
|
ServicesDefault:
|
||||||
- OS::TripleO::Services::Aide
|
- OS::TripleO::Services::Aide
|
||||||
- OS::TripleO::Services::Apache
|
- OS::TripleO::Services::Apache
|
||||||
|
- OS::TripleO::Services::CACerts
|
||||||
|
- OS::TripleO::Services::CertmongerUser
|
||||||
- OS::TripleO::Services::Docker
|
- OS::TripleO::Services::Docker
|
||||||
- OS::TripleO::Services::DockerRegistry
|
- OS::TripleO::Services::DockerRegistry
|
||||||
- OS::TripleO::Services::GlanceApi
|
- OS::TripleO::Services::GlanceApi
|
||||||
|
@ -70,5 +72,7 @@
|
||||||
- OS::TripleO::Services::UndercloudCinderScheduler
|
- OS::TripleO::Services::UndercloudCinderScheduler
|
||||||
- OS::TripleO::Services::UndercloudCinderVolume
|
- OS::TripleO::Services::UndercloudCinderVolume
|
||||||
- OS::TripleO::Services::UndercloudRedis
|
- OS::TripleO::Services::UndercloudRedis
|
||||||
|
- OS::TripleO::Services::UndercloudHAProxy
|
||||||
|
- OS::TripleO::Services::UndercloudKeepalived
|
||||||
- OS::TripleO::Services::Zaqar
|
- OS::TripleO::Services::Zaqar
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue