Get rid global TLS option from start_script
- Replace using global option on etcd tls option - Update name of config option for generation certs Change-Id: Ibfbbf0805cee01d924c970d0d7c9d8d356bc6881
This commit is contained in:
parent
f5192e3f71
commit
8525704d15
|
@ -294,7 +294,7 @@ def create_files(files):
|
|||
|
||||
@retry
|
||||
def get_etcd_client():
|
||||
if VARIABLES["security"]["tls"]["enabled"]:
|
||||
if VARIABLES["etcd"]["tls"]["enabled"]:
|
||||
LOG.debug("TLS is enabled for etcd, using encrypted connectivity")
|
||||
scheme = "https"
|
||||
ca_cert = CACERT
|
||||
|
@ -307,7 +307,7 @@ def get_etcd_client():
|
|||
# accessible via service due failed readiness check
|
||||
if VARIABLES["role_name"] in ["etcd", "etcd-leader-elector",
|
||||
"etcd-watcher"]:
|
||||
if VARIABLES["security"]["tls"]["enabled"]:
|
||||
if VARIABLES["etcd"]["tls"]["enabled"]:
|
||||
# If it's etcd container, connectivity goes over IP address, thus
|
||||
# TLS connection will fail. Need to reuse non-TLS
|
||||
# https://github.com/coreos/etcd/issues/4311
|
||||
|
@ -537,7 +537,7 @@ def main():
|
|||
VARIABLES = get_variables(args.role)
|
||||
LOG.debug('Global variables:\n%s', VARIABLES)
|
||||
|
||||
if VARIABLES["security"]["tls"]["enabled"]:
|
||||
if VARIABLES["security"]["tls"]["create_certificates"]:
|
||||
_get_ca_certificate()
|
||||
if args.action == "provision":
|
||||
do_provision(args.role)
|
||||
|
|
|
@ -195,6 +195,9 @@ class TestGetETCDClient(base.TestCase):
|
|||
start_script.VARIABLES = {
|
||||
"role_name": "etcd",
|
||||
"etcd": {
|
||||
"tls": {
|
||||
"enabled": False
|
||||
},
|
||||
"client_port": {
|
||||
"cont": 10042
|
||||
},
|
||||
|
@ -205,11 +208,6 @@ class TestGetETCDClient(base.TestCase):
|
|||
"private": {
|
||||
"address": "192.0.2.1"
|
||||
}
|
||||
},
|
||||
"security": {
|
||||
"tls": {
|
||||
"enabled": False
|
||||
}
|
||||
}
|
||||
}
|
||||
with mock.patch("etcd.Client") as m_etcd:
|
||||
|
@ -230,16 +228,14 @@ class TestGetETCDClient(base.TestCase):
|
|||
"namespace": "ccp",
|
||||
"cluster_domain": 'cluster.local',
|
||||
"etcd": {
|
||||
"tls": {
|
||||
"enabled": False
|
||||
},
|
||||
"client_port": {
|
||||
"cont": 1234
|
||||
},
|
||||
"connection_attempts": 3,
|
||||
"connection_delay": 0,
|
||||
},
|
||||
"security": {
|
||||
"tls": {
|
||||
"enabled": False
|
||||
}
|
||||
}
|
||||
}
|
||||
with mock.patch("etcd.Client") as m_etcd:
|
||||
|
@ -260,16 +256,14 @@ class TestGetETCDClient(base.TestCase):
|
|||
"namespace": "ccp",
|
||||
"cluster_domain": 'cluster.local',
|
||||
"etcd": {
|
||||
"tls": {
|
||||
"enabled": True
|
||||
},
|
||||
"client_port": {
|
||||
"cont": 1234
|
||||
},
|
||||
"connection_attempts": 3,
|
||||
"connection_delay": 0,
|
||||
},
|
||||
"security": {
|
||||
"tls": {
|
||||
"enabled": True
|
||||
}
|
||||
}
|
||||
}
|
||||
with mock.patch("etcd.Client") as m_etcd:
|
||||
|
|
Loading…
Reference in New Issue