This change updated provider_uri to be 'ldaps' so openldap syncrepl
will be secure over TLS.
This change also updated puppet tox unit tests accordingly.
Test Plan:
PASS: DX system deployment
PASS: Check syncrepl section in slapd.conf.backup, it should contain:
provider=ldaps://<controller>
tls_cert="/etc/ldap/certs/openldap-cert.crt"
tls_key="/etc/ldap/certs/openldap-cert.key"
tls_cacert="/etc/ssl/certs/ca-certificates.crt"
tls_reqsan=demand
PASS: On one controller, add a new openldap user, and check the
newly added user exists on the other controller by:
ldapsearch -xH ldaps://<the other controller>
-b 'ou=people,dc=cgcs,dc=local' '(objectclass=*)' |
grep <the newly added user>
PASS: After active controller swact, repeat TC #3 again.
Story: 2009834
Task: 46245
Depends-On: https://review.opendev.org/c/starlingx/config-files/+/856769
Signed-off-by: Andy Ning <andy.ning@windriver.com>
Change-Id: If59016555e0762693ce3e9eeea33ae61e7dda4b1
dd72707bf8