Optimize conditions for TLS support
In 1ceb521805875b41ebfafb1ff7a862df4df6fd16 we added these and can be simplified as they are are boolean parameters to get rid of the redundant heat intrinsic functions. Change-Id: I3851187c83965db5ecafcc945bff1fe3a5aa9ff4
This commit is contained in:
parent
211d5fc385
commit
cc5eb81771
deployment
ceilometer
heat
keystone
memcached
nova
@ -99,7 +99,6 @@ parameter_groups:
|
||||
conditions:
|
||||
service_debug_unset: {equals : [{get_param: CeilometerDebug}, '']}
|
||||
ceilometer_qdr_publish: {equals: [{get_param: CeilometerQdrPublish}, true]}
|
||||
memcached_tls: {equals: [{get_param: MemcachedTLS}, true]}
|
||||
|
||||
outputs:
|
||||
role_data:
|
||||
@ -129,7 +128,7 @@ outputs:
|
||||
ceilometer::snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
|
||||
ceilometer::host: "%{hiera('fqdn_canonical')}"
|
||||
- if:
|
||||
- memcached_tls
|
||||
- {get_param: MemcachedTLS}
|
||||
- ceilometer::cache_backend: 'dogpile.cache.pymemcache'
|
||||
ceilometer::cache_tls_enabled: true
|
||||
- {}
|
||||
|
@ -142,8 +142,8 @@ conditions:
|
||||
service_debug_unset: {equals : [{get_param: HeatDebug}, '']}
|
||||
tls_cache_enabled:
|
||||
and:
|
||||
- {equals : [{get_param: EnableCache}, true]}
|
||||
- {equals : [{get_param: MemcachedTLS}, true]}
|
||||
- {get_param: EnableCache}
|
||||
- {get_param: MemcachedTLS}
|
||||
cors_allowed_origin_unset: {equals : [{get_param: HeatCorsAllowedOrigin}, '']}
|
||||
|
||||
outputs:
|
||||
|
@ -356,12 +356,12 @@ conditions:
|
||||
service_debug_unset: {equals : [{get_param: KeystoneDebug}, '']}
|
||||
nontls_cache_enabled:
|
||||
and:
|
||||
- {equals : [{get_param: EnableCache}, true]}
|
||||
- {equals : [{get_param: MemcachedTLS}, false]}
|
||||
- {get_param: EnableCache}
|
||||
- not: {get_param: MemcachedTLS}
|
||||
tls_cache_enabled:
|
||||
and:
|
||||
- {equals : [{get_param: EnableCache}, true]}
|
||||
- {equals : [{get_param: MemcachedTLS}, true]}
|
||||
- {get_param: EnableCache}
|
||||
- {get_param: MemcachedTLS}
|
||||
enable_sqlalchemy_collectd: {equals : [{get_param: EnableSQLAlchemyCollectd}, true]}
|
||||
|
||||
# Security compliance
|
||||
|
@ -89,7 +89,7 @@ parameters:
|
||||
certificate for this service
|
||||
|
||||
conditions:
|
||||
internal_tls_enabled: {equals: [{get_param: MemcachedTLS}, true]}
|
||||
internal_tls_enabled: {get_param: MemcachedTLS}
|
||||
# NOTE: A non-tls port is necessary while there are still services
|
||||
# consuming Memcached that do not support TLS. Once all services
|
||||
# do support TLS, this config should be dropped.
|
||||
|
@ -255,9 +255,8 @@ conditions:
|
||||
service_debug_unset: {equals : [{get_param: NovaDebug}, '']}
|
||||
tls_cache_enabled:
|
||||
and:
|
||||
- {equals : [{get_param: EnableCache}, true]}
|
||||
- {equals : [{get_param: MemcachedTLS}, true]}
|
||||
cache_disabled: {equals : [{get_param: EnableCache}, false]}
|
||||
- {get_param: EnableCache}
|
||||
- {get_param: MemcachedTLS}
|
||||
enable_sqlalchemy_collectd: {equals : [{get_param: EnableSQLAlchemyCollectd}, true]}
|
||||
|
||||
resources:
|
||||
|
Loading…
x
Reference in New Issue
Block a user