openstack/tripleo-heat-templates
Code Issues Proposed changes

Merge "Copy-in libvirt certs via kolla extended/start"

Browse Source
This commit is contained in:
Zuul 2018-05-03 06:39:54 +00:00 committed by Gerrit Code Review
commit bea70218ac
1 changed files with 11 additions and 6 deletions

17
docker/services/nova-libvirt.yaml

@ -235,6 +235,11 @@ outputs:
dest: "/"
merge: true
preserve_properties: true
- source: "/var/lib/kolla/config_files/src-tls/*"
dest: "/"
merge: true
preserve_properties: true
optional: true
- source: "/var/lib/kolla/config_files/src-ceph/"
dest: "/etc/ceph/"
merge: true
@ -329,24 +334,24 @@ outputs:
- use_tls_for_live_migration
-
- str_replace:
template: "CACERT:/etc/pki/CA/cacert.pem:ro"
template: "CACERT:/var/lib/kolla/config_files/src-tls/etc/pki/CA/cacert.pem:ro"
params:
CACERT:
if:
- libvirt_specific_ca_unset
- get_param: InternalTLSCAFile
- get_param: LibvirtCACert
- /etc/pki/libvirt/servercert.pem:/etc/pki/libvirt/servercert.pem:ro
- /etc/pki/libvirt/private/serverkey.pem:/etc/pki/libvirt/private/serverkey.pem:ro
- /etc/pki/libvirt/clientcert.pem:/etc/pki/libvirt/clientcert.pem:ro
- /etc/pki/libvirt/private/clientkey.pem:/etc/pki/libvirt/private/clientkey.pem:ro
- /etc/pki/libvirt/servercert.pem:/var/lib/kolla/config_files/src-tls/etc/pki/libvirt/servercert.pem:ro
- /etc/pki/libvirt/private/serverkey.pem:/var/lib/kolla/config_files/src-tls/etc/pki/libvirt/private/serverkey.pem:ro
- /etc/pki/libvirt/clientcert.pem:/var/lib/kolla/config_files/src-tls/etc/pki/libvirt/clientcert.pem:ro
- /etc/pki/libvirt/private/clientkey.pem:/var/lib/kolla/config_files/src-tls/etc/pki/libvirt/private/clientkey.pem:ro
- null
-
if:
- use_tls_for_vnc
-
- str_replace:
template: "CACERT:/etc/pki/libvirt-vnc/ca-cert.pem:ro"
template: "CACERT:/var/lib/kolla/config_files/src-tls/etc/pki/libvirt-vnc/ca-cert.pem:ro"
params:
CACERT:
if: