Add dashboard_tls_external ceph-ansible parameter
This change adds the dashboard_tls_external parameter
to the ceph-ansible group_vars when tls-everywhere is
enabled.
By doing this ceph-ansible looks for cert/keys on the
overcloud nodes (where certmonger generates them)
instead of assuming they're present in the undercloud.
Change-Id: Ia8f537d847c1854893df0646fb59edfb2536de89
(cherry picked from commit 53d892a73c
)
This commit is contained in:
parent
c6ef0f2ace
commit
80aff677d7
|
@ -338,6 +338,9 @@ parameters:
|
|||
type: string
|
||||
constraints:
|
||||
- allowed_values: ['swift', 'file', 'rbd', 's3']
|
||||
EnableInternalTLS:
|
||||
type: boolean
|
||||
default: false
|
||||
|
||||
parameter_groups:
|
||||
- label: deprecated
|
||||
|
@ -386,6 +389,7 @@ conditions:
|
|||
expression: let(location => $.data.rightSplit(':', 1)[0]) -> regex('(?:https?://)?(.*?)/(.*)').split($location)[1]
|
||||
data: {get_param: ContainerCephDaemonImage}
|
||||
expression: let(c => $.data.cred) -> $c.get($.data.ns, {}).values().last(default => "").isEmpty()
|
||||
internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
|
||||
|
||||
resources:
|
||||
ContainerImageUrlParts:
|
||||
|
@ -667,6 +671,12 @@ outputs:
|
|||
if:
|
||||
- dashboard_is_enabled
|
||||
- map_merge:
|
||||
- if:
|
||||
- internal_tls_enabled
|
||||
-
|
||||
dashboard_tls_external: true
|
||||
dashboard_grafana_api_no_ssl_verify: true
|
||||
- {}
|
||||
- {get_attr: [CephBaseAnsibleVars, value, vars]}
|
||||
- dashboard_admin_password: {get_param: CephDashboardAdminPassword}
|
||||
- grafana_admin_password: {get_param: CephGrafanaAdminPassword}
|
||||
|
|
Loading…
Reference in New Issue