tripleo-heat-templates/environments/services/octavia.yaml
Nir Magnezi 4559d3b74f Configure server_certs_key_passphrase for Octavia
A recent change[1] to Octavia added a parameter named
server_certs_key_passphrase, which means that TripleO should
generate a password for it to avoid using the default value.

This patch adds OctaviaServerCertsKeyPassphrase to the list
of parameters TripleO configures in Octavia.

Closes-Bug: #1821756
Related-Bug: #1821751

[1] I06d329ca53bc36bd27f7870ae7c7ca0cf18575b2
Depends-On: I9699961faf8b3430e4372e4ff3ae2bf7e7ceea18
Depends-On: Id6c0d156715147c6559dc39098a6eaabf77ac426
Depends-On: I5e60e8fbb7af381b59c6d7b02d5ba8eb47e91720
Change-Id: Icadd090f027af6f958c25af6bfb09195a4019aa8
2019-05-19 12:04:27 +03:00

17 lines
913 B
YAML

resource_registry:
OS::TripleO::Services::OctaviaApi: ../../deployment/octavia/octavia-api-container-puppet.yaml
OS::TripleO::Services::OctaviaHousekeeping: ../../deployment/octavia/octavia-housekeeping-container-puppet.yaml
OS::TripleO::Services::OctaviaHealthManager: ../../deployment/octavia/octavia-health-manager-container-puppet.yaml
OS::TripleO::Services::OctaviaWorker: ../../deployment/octavia/octavia-worker-container-puppet.yaml
OS::TripleO::Services::OctaviaDeploymentConfig: ../../deployment/octavia/octavia-deployment-config.yaml
parameter_defaults:
NeutronEnableForceMetadata: true
# This flag enables internal generation of certificates for communication
# with amphorae. Use OctaviaCaCert, OctaviaCaKey, OctaviaCaKeyPassphrase,
# OctaviaClient and OctaviaServerCertsKeyPassphrase cert to configure
# secure production environments.
OctaviaGenerateCerts: true