Browse Source

Merge "Fix missing OctaviaClientCert* parameters" into stable/train

changes/69/743069/1
Zuul 1 week ago
committed by Gerrit Code Review
parent
commit
e4d56f173b
2 changed files with 18 additions and 1 deletions
  1. +17
    -0
      deployment/octavia/octavia-base.yaml
  2. +1
    -1
      deployment/octavia/octavia-deployment-config.j2.yaml

+ 17
- 0
deployment/octavia/octavia-base.yaml View File

@@ -83,6 +83,16 @@ parameters:
If provided, this will create or update a file on the host
with the path provided in OctaviaCaKeyFile with the key
data.
OctaviaClientCertFile:
type: string
default: '/etc/octavia/certs/client.pem'
description: Octavia client certificate for amphorae.
OctaviaClientCert:
type: string
default: ''
description: Octavia client certificate data. If provided, this will create
or update a file on the host with the path provided in
OctaviaClientCertFile with the certificate data.
OctaviaServerCertsKeyPassphrase:
constraints:
- length: { min: 32, max: 32}
@@ -197,6 +207,7 @@ conditions:
service_debug_unset: {equals : [{get_param: OctaviaDebug}, '']}
octavia_ca_cert_unset: {equals: [{get_param: OctaviaCaCert}, '']}
octavia_ca_key_unset: {equals: [{get_param: OctaviaCaKey}, '']}
octavia_client_cert_unset: {equals: [{get_param: OctaviaClientCert}, '']}
octavia_topology_unset: {equals : [{get_param: OctaviaLoadBalancerTopology}, ""]}

outputs:
@@ -233,6 +244,7 @@ outputs:
octavia::service_auth::auth_type: 'password'
octavia::certificates::ca_certificate: {get_param: OctaviaCaCertFile}
octavia::certificates::ca_private_key: {get_param: OctaviaCaKeyFile}
octavia::certificates::client_cert: {get_param: OctaviaClientCertFile}
octavia::certificates::server_certs_key_passphrase: {get_param: OctaviaServerCertsKeyPassphrase}
octavia::certificates::ca_private_key_passphrase: {get_param: OctaviaCaKeyPassphrase}
octavia::controller::amp_boot_network_list: {get_param: OctaviaAmphoraNetworkList}
@@ -271,3 +283,8 @@ outputs:
- octavia_ca_key_unset
- {}
- octavia::certificates::ca_private_key_data: {get_param: OctaviaCaKey}
-
if:
- octavia_client_cert_unset
- {}
- octavia::certificates::client_cert_data: {get_param: OctaviaClientCert}

+ 1
- 1
deployment/octavia/octavia-deployment-config.j2.yaml View File

@@ -150,7 +150,7 @@ parameters:
hidden: true
OctaviaClientCertFile:
default: '/etc/octavia/certs/client.pem'
description: client certificate for amphoras
description: Octavia client certificate for amphorae.
type: string
OctaviaGenerateCerts:
type: boolean


Loading…
Cancel
Save