14c4417e42
This commit enables the injection of a trust anchor or root certificate into every node in the overcloud. This is in case that the TLS certificates for the controllers are signed with a self-signed CA or if the deployer would like to inject a relevant root certificate for other purposes. In this case the other nodes might need to have the root certificate in their trust chain in order to do proper validation Change-Id: Ia45180fe0bb979cf12d19f039dbfd22e26fb4856
18 lines
601 B
YAML
18 lines
601 B
YAML
heat_template_version: 2015-04-30
|
|
|
|
description: >
|
|
This is a default no-op template which can be passed to the
|
|
OS::Nova::Server resources. This template can be replaced with
|
|
a different implementation via the resource registry, such that
|
|
deployers may customize their configuration.
|
|
|
|
parameters:
|
|
server: # Here for compatibility with controller.yaml
|
|
description: ID of the controller node to apply this config to
|
|
type: string
|
|
|
|
outputs:
|
|
deploy_stdout:
|
|
description: Deployment reference, used to trigger puppet apply on changes
|
|
value: 'Root CA cert injection not enabled.'
|