Copy-in neutron cert via kolla extended/start
Instead of bind-mounting in RW mode, follow the established approach for ditributing certificates in containers. Related-Bug: #1759049 Partial-Bug: #1767998 Change-Id: I6bcb72b8b600b6b1d916b64c161bca22c802cf07 Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
This commit is contained in:
parent
e24316c4ec
commit
bce3452104
|
@ -112,6 +112,11 @@ outputs:
|
|||
dest: "/"
|
||||
merge: true
|
||||
preserve_properties: true
|
||||
- source: "/var/lib/kolla/config_files/src-tls/*"
|
||||
dest: "/"
|
||||
merge: true
|
||||
preserve_properties: true
|
||||
optional: true
|
||||
permissions:
|
||||
- path: /var/log/neutron
|
||||
owner: neutron:neutron
|
||||
|
@ -149,8 +154,8 @@ outputs:
|
|||
-
|
||||
if:
|
||||
- internal_tls_enabled
|
||||
- - /etc/pki/tls/certs/neutron.crt:/etc/pki/tls/certs/neutron.crt
|
||||
- /etc/pki/tls/private/neutron.key:/etc/pki/tls/private/neutron.key
|
||||
- - /etc/pki/tls/certs/neutron.crt:/var/lib/kolla/config_files/src-tls/etc/pki/tls/certs/neutron.crt:ro
|
||||
- /etc/pki/tls/private/neutron.key:/var/lib/kolla/config_files/src-tls/etc/pki/tls/private/neutron.key:ro
|
||||
- list_join:
|
||||
- ':'
|
||||
- - {get_param: InternalTLSCAFile}
|
||||
|
|
Loading…
Reference in New Issue