openstack/tripleo-heat-templates
Code Issues Proposed changes
6b80b35736
tripleo-heat-templates/puppet
History
Juan Antonio Osorio Robles 82ff1acf03 Internal TLS: Use specific CA file for haproxy 
Instead of using the CA bundle, this sets HAProxy to use a specific file
for validating the certificates of the services it's proxying. This
helps in two ways:

* Improves performance since validation will check only one certificate.
* Improves security since we're only the certificates signed by one CA
  are valid, instead of any certificate that the system trusts (which
  could include potentially compromised public certs).

Change-Id: Id6de045b3c93c82d37e0b0657c17a3108516016a
2017-05-03 12:46:14 +03:00
..
extraconfig Merge "Add composable role support for NetApp Cinder back end" 2017-04-12 15:28:00 +00:00
manifests Remove old ControllerConfig override from puppet-pacemaker.yaml 2017-01-03 19:45:43 +01:00
services Internal TLS: Use specific CA file for haproxy 2017-05-03 12:46:14 +03:00
all-nodes-config.yaml Don't assume default network names in net_ip*map 2017-02-17 13:38:31 +00:00
blockstorage-role.yaml Merge "Pluggable server type per Role" 2017-04-20 09:26:59 +00:00
cephstorage-role.yaml Merge "Pluggable server type per Role" 2017-04-20 09:26:59 +00:00
compute-role.yaml Merge "Pluggable server type per Role" 2017-04-20 09:26:59 +00:00
config.role.j2.yaml Allow to configure policy.json for OpenStack projects 2017-03-28 22:21:28 +00:00
controller-role.yaml Merge "Pluggable server type per Role" 2017-04-20 09:26:59 +00:00
deploy-artifacts.sh Fix bug when using multiple DeployArtifactURLs 2016-12-02 16:10:52 +00:00
deploy-artifacts.yaml Bump template version for all templates to "ocata" 2016-12-23 11:43:39 +00:00
major_upgrade_steps.j2.yaml N->O upgrade, fix wrong parameters to nova placement. 2017-04-19 14:30:43 +02:00
objectstorage-role.yaml Merge "Pluggable server type per Role" 2017-04-20 09:26:59 +00:00
post-upgrade.j2.yaml Disable puppet on upgrade for roles not upgrading 2017-02-03 11:43:47 +00:00
post.j2.yaml Delivers upgrade scripts where upgrade steps are disabled 2017-02-10 10:26:43 +00:00
puppet-steps.j2 Fix for the resource ControllerPostPuppetMaintenanceModeDeployment 2017-05-02 14:41:37 +02:00
role.role.j2.yaml Merge "Pluggable server type per Role" 2017-04-20 09:26:59 +00:00
upgrade_config.yaml Add nova service support for composable upgrades 2017-02-14 23:23:33 +00:00