Config platform service admin endpoints to https for DC

With this update https is enabled for platform services' admin endpoints for System Controller and subclouds when the first controller is unlocked. The services with admin endpoints enabled are: - fm - patching - vim - smapi - barbican - keystone - sysinv - dcdbsync - dcmanager Change-Id: I45b3c541cdb6191dad6d3e2b3e9cf8a3398b3a1b Story: 2007347 Task: 38891 Depends-On: https://review.opendev.org/#/c/720224/ Signed-off-by: Andy Ning <andy.ning@windriver.com>
2020-04-06 10:11:56 -04:00
parent 7665c92ec9
commit e5f325ccca
12 changed files with 180 additions and 4 deletions
--- a/modules/puppet-dcorch/src/dcorch/manifests/keystone/auth.pp
+++ b/modules/puppet-dcorch/src/dcorch/manifests/keystone/auth.pp
@@ -43,6 +43,10 @@ class dcorch::keystone::auth (
  $cinder_proxy_public_url_v3    = 'http://127.0.0.1:28776/v3/%(tenant_id)s',
  $patching_proxy_public_url     = 'http://127.0.0.1:25491',
  $identity_proxy_public_url     = 'http://127.0.0.1:25000/v3',
+
+  $identity_proxy_admin_url      = 'http://127.0.0.1:25000/v3',
+  $sysinv_proxy_admin_url        = 'http://127.0.0.1:26385/v1',
+  $patching_proxy_admin_url      = 'http://127.0.0.1:25491',
 ) {
  if $::platform::params::distributed_cloud_role =='systemcontroller' {
    keystone::resource::service_identity { 'dcorch':
@@ -68,7 +72,7 @@ class dcorch::keystone::auth (
      type         =>  'platform',
      region       =>  $region,
      public_url   =>  $sysinv_proxy_public_url,
-      admin_url    =>  $sysinv_proxy_internal_url,
+      admin_url    =>  $sysinv_proxy_admin_url,
      internal_url =>  $sysinv_proxy_internal_url
    }

@@ -78,7 +82,7 @@ class dcorch::keystone::auth (
      type         =>  'patching',
      region       =>  $region,
      public_url   =>  $patching_proxy_public_url,
-      admin_url    =>  $patching_proxy_internal_url,
+      admin_url    =>  $patching_proxy_admin_url,
      internal_url =>  $patching_proxy_internal_url
    }
    keystone_endpoint { "${region}/keystone::identity" :
@@ -87,7 +91,7 @@ class dcorch::keystone::auth (
      type         =>  'identity',
      region       =>  $region,
      public_url   =>  $identity_proxy_public_url,
-      admin_url    =>  $identity_proxy_internal_url,
+      admin_url    =>  $identity_proxy_admin_url,
      internal_url =>  $identity_proxy_internal_url
    }
  }