Use hiera hash for TLS options
Change-Id: I0a4bdd57e4176452c111f2e5e3c2cdbd6b852a1e
This commit is contained in:
parent
d5110af7f5
commit
32df03578f
|
@ -21,9 +21,10 @@ if $jvmsize_mb >= $::memorysize_mb {
|
|||
fail("The configured JVM size (${jvm_heap_size} GB) is greater than the system RAM (${::memorysize}).")
|
||||
}
|
||||
|
||||
if hiera('lma::kibana::tls::enabled') {
|
||||
$certificate = hiera('lma::kibana::tls::cert_file_path')
|
||||
$common_name = hiera('lma::kibana::tls::hostname')
|
||||
$kibana_tls = hiera_hash('lma::kibana::tls')
|
||||
if $kibana_tls['enabled'] {
|
||||
$certificate = $kibana_tls['cert_file_path']
|
||||
$common_name = $kibana_tls['hostname']
|
||||
|
||||
# function validate_ssl_certificate() must be the value of a statement, so
|
||||
# we must use it in a statement.
|
||||
|
|
|
@ -44,11 +44,12 @@ openstack::ha::haproxy_service { $es_haproxy_service:
|
|||
}
|
||||
}
|
||||
|
||||
if hiera('lma::kibana::tls::enabled') {
|
||||
$kibana_tls = hiera_hash('lma::kibana::tls')
|
||||
if $kibana_tls['enabled'] {
|
||||
openstack::ha::haproxy_service { 'kibana':
|
||||
order => '921',
|
||||
internal_ssl => true,
|
||||
internal_ssl_path => hiera('lma::kibana::tls::cert_file_path'),
|
||||
internal_ssl_path => $kibana_tls['cert_file_path'],
|
||||
listen_port => $kibana_frontend_port,
|
||||
balancermember_port => $kibana_backend_port,
|
||||
balancermember_options => 'check inter 10s fastinter 2s downinter 3s rise 3 fall 3',
|
||||
|
|
|
@ -122,10 +122,11 @@ lma::elasticsearch::jvm_size: <%= @elasticsearch_kibana["jvm_heap_size"] %>
|
|||
lma::elasticsearch::instance_name: <%= @instance_name %>
|
||||
lma::elasticsearch::node_name: "<%= @fqdn %>_es-01"
|
||||
lma::elasticsearch::cluster_name: lma
|
||||
lma::kibana::tls::enabled: <%= @tls_enabled %>
|
||||
lma::kibana::tls:
|
||||
enabled: <%= @tls_enabled %>
|
||||
<% if @tls_enabled -%>
|
||||
lma::kibana::tls::hostname: <%= @kibana_hostname %>
|
||||
lma::kibana::tls::cert_file_path: <%= @cert_file_path %>
|
||||
hostname: <%= @kibana_hostname %>
|
||||
cert_file_path: <%= @cert_file_path %>
|
||||
<% end -%>
|
||||
lma::kibana::username: <%= @elasticsearch_kibana["kibana_username"] %>
|
||||
lma::kibana::password: <%= @elasticsearch_kibana["kibana_password"] %>
|
||||
|
|
|
@ -20,9 +20,10 @@ $vip = hiera('lma::elasticsearch::vip')
|
|||
$kibana_port = hiera('lma::elasticsearch::kibana_frontend_port')
|
||||
$es_port = hiera('lma::elasticsearch::rest_port')
|
||||
$number_of_replicas = hiera('lma::elasticsearch::number_of_replicas')
|
||||
if hiera('lma::kibana::tls::enabled') {
|
||||
$kibana_tls = hiera_hash('lma::kibana::tls')
|
||||
if $kibana_tls['enabled'] {
|
||||
$protocol = 'https'
|
||||
$kibana_hostname = hiera('lma::kibana::tls::hostname')
|
||||
$kibana_hostname = $kibana_tls['hostname']
|
||||
$kibana_link_data = "{\"title\":\"Kibana\",\
|
||||
\"description\":\"Dashboard for visualizing logs and notifications (${kibana_hostname}: ${vip})\",\
|
||||
\"url\":\"${protocol}://${kibana_hostname}:${kibana_port}/\"}"
|
||||
|
|
Loading…
Reference in New Issue