openstack/tripleo-heat-templates
Code Issues Proposed changes

TLS everywhere: switch Octavia to use DNS entries

Browse Source 
The entries in the tls-everywhere-endpoints-dns.yaml was wrong for
octavia; pointing to IPs instead of DNS. This made the TLS everywhere
deployment fail, since it assigns certificates for DNS subjectAltNames.

Change-Id: Ic6f0f26c03c443edf1715927a4542245e08567f4
Closes-Bug: #1822035
This commit is contained in:
Juan Antonio Osorio Robles 2019-03-28 07:52:11 +02:00
parent 7fef5c3b2a
commit a0e262e20c
2 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
environments/ssl/tls-everywhere-endpoints-dns.yaml
View File

@ -79,8 +79,8 @@ parameter_defaults:
NovaVNCProxyAdmin: {protocol: 'https', port: '6080', host: 'CLOUDNAME'}
NovaVNCProxyInternal: {protocol: 'https', port: '6080', host: 'CLOUDNAME'}
NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'CLOUDNAME'}
OctaviaAdmin: {protocol: 'https', port: '9876', host: 'IP_ADDRESS'}
OctaviaInternal: {protocol: 'https', port: '9876', host: 'IP_ADDRESS'}
OctaviaAdmin: {protocol: 'https', port: '9876', host: 'CLOUDNAME'}
OctaviaInternal: {protocol: 'https', port: '9876', host: 'CLOUDNAME'}
OctaviaPublic: {protocol: 'https', port: '13876', host: 'CLOUDNAME'}
OpenDaylightAdmin: {protocol: 'https', port: '8081', host: 'CLOUDNAME'}
OpenDaylightInternal: {protocol: 'https', port: '8081', host: 'CLOUDNAME'}

4
sample-env-generator/ssl.yaml
View File

@ -418,8 +418,8 @@ environments:
NovaVNCProxyAdmin: {protocol: 'https', port: '6080', host: 'CLOUDNAME'}
NovaVNCProxyInternal: {protocol: 'https', port: '6080', host: 'CLOUDNAME'}
NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'CLOUDNAME'}
OctaviaAdmin: {protocol: 'https', port: '9876', host: 'IP_ADDRESS'}
OctaviaInternal: {protocol: 'https', port: '9876', host: 'IP_ADDRESS'}
OctaviaAdmin: {protocol: 'https', port: '9876', host: 'CLOUDNAME'}
OctaviaInternal: {protocol: 'https', port: '9876', host: 'CLOUDNAME'}
OctaviaPublic: {protocol: 'https', port: '13876', host: 'CLOUDNAME'}
OpenDaylightAdmin: {protocol: 'https', port: '8081', host: 'CLOUDNAME'}
OpenDaylightInternal: {protocol: 'https', port: '8081', host: 'CLOUDNAME'}