041251d473
Mark regular non-containerized services with FIXME to be switched, once it is containerized Do not mark yet an external/backend/plugin/host-config related puppet services templates with that FIXME Mark puppet/services/ceph- related templates as TODO switch it to containerized ceph-ansible eventually, maybe. Change-Id: Ib9fbad05eeb57dc641499fbf411cb5870da7a8e9 Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
28 lines
1.1 KiB
YAML
28 lines
1.1 KiB
YAML
# ********************************************************************************
|
|
# DEPRECATED: Use tripleo-heat-templates/environments/ssl/enable-internal-tls.yaml
|
|
# instead.
|
|
# ********************************************************************************
|
|
# A Heat environment file which can be used to enable a
|
|
# a TLS for in the internal network via certmonger
|
|
parameter_defaults:
|
|
EnableInternalTLS: true
|
|
RabbitClientUseSSL: true
|
|
|
|
# Required for novajoin to enroll the overcloud nodes
|
|
ServerMetadata:
|
|
ipa_enroll: True
|
|
|
|
resource_registry:
|
|
# FIXME(bogdando): switch it, once it is containerized
|
|
OS::TripleO::Services::CertmongerUser: ../puppet/services/certmonger-user.yaml
|
|
|
|
OS::TripleO::Services::HAProxyInternalTLS: ../puppet/services/haproxy-internal-tls-certmonger.yaml
|
|
|
|
# We use apache as a TLS proxy
|
|
# FIXME(bogdando): switch it, once it is containerized
|
|
OS::TripleO::Services::TLSProxyBase: ../puppet/services/apache.yaml
|
|
|
|
# Creates nova metadata that will create the extra service principals per
|
|
# node.
|
|
OS::TripleO::ServiceServerMetadataHook: ../extraconfig/nova_metadata/krb-service-principals.yaml
|