Allow Kayobe to set kolla_external_fqdn_cacert
This variable can be used to customize the CA certificate file used as the OS_CACERT environment variable in openrc files when TLS is enabled. Change-Id: Ia157e91dfab176b84a53354065172cac2d60fb78 Story: 2004876 Task: 29150
This commit is contained in:
parent
9db9c413d4
commit
9156fa0e2d
@ -402,3 +402,7 @@ kolla_ansible_custom_passwords: "{{ kolla_ansible_default_custom_passwords }}"
|
|||||||
#
|
#
|
||||||
# Note that this should be formatted as a literal style block scalar.
|
# Note that this should be formatted as a literal style block scalar.
|
||||||
kolla_tls_cert:
|
kolla_tls_cert:
|
||||||
|
|
||||||
|
# Path to a CA certificate file to use for the OS_CACERT environment variable in
|
||||||
|
# openrc files when TLS is enabled, instead of Kolla-Ansible's default.
|
||||||
|
kolla_external_fqdn_cacert:
|
||||||
|
@ -197,6 +197,7 @@ kolla_neutron_ml2_tenant_network_types: []
|
|||||||
# allow clients to perform authentication.
|
# allow clients to perform authentication.
|
||||||
kolla_enable_tls_external:
|
kolla_enable_tls_external:
|
||||||
kolla_external_fqdn_cert:
|
kolla_external_fqdn_cert:
|
||||||
|
kolla_external_fqdn_cacert:
|
||||||
|
|
||||||
#############################
|
#############################
|
||||||
# Ironic options
|
# Ironic options
|
||||||
|
@ -128,6 +128,7 @@ neutron_tenant_network_types: {{ kolla_neutron_ml2_tenant_network_types | join('
|
|||||||
# allow clients to perform authentication.
|
# allow clients to perform authentication.
|
||||||
kolla_enable_tls_external: {{ kolla_enable_tls_external | bool }}
|
kolla_enable_tls_external: {{ kolla_enable_tls_external | bool }}
|
||||||
kolla_external_fqdn_cert: "{{ kolla_external_fqdn_cert }}"
|
kolla_external_fqdn_cert: "{{ kolla_external_fqdn_cert }}"
|
||||||
|
kolla_external_fqdn_cacert: "{{ kolla_external_fqdn_cacert }}"
|
||||||
|
|
||||||
|
|
||||||
##############
|
##############
|
||||||
|
@ -260,6 +260,10 @@
|
|||||||
# Note that this should be formatted as a literal style block scalar.
|
# Note that this should be formatted as a literal style block scalar.
|
||||||
#kolla_tls_cert:
|
#kolla_tls_cert:
|
||||||
|
|
||||||
|
# Path to a CA certificate file to use for the OS_CACERT environment variable in
|
||||||
|
# openrc files when TLS is enabled, instead of Kolla-Ansible's default.
|
||||||
|
#kolla_external_fqdn_cacert:
|
||||||
|
|
||||||
###############################################################################
|
###############################################################################
|
||||||
# Dummy variable to allow Ansible to accept this file.
|
# Dummy variable to allow Ansible to accept this file.
|
||||||
workaround_ansible_issue_8743: yes
|
workaround_ansible_issue_8743: yes
|
||||||
|
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
features:
|
||||||
|
- |
|
||||||
|
Adds support for setting the `kolla_external_fqdn_cacert` variable which
|
||||||
|
allows customizing the CA certificate file to be used as the OS_CACERT
|
||||||
|
environment variable in openrc files when TLS is enabled.
|
Loading…
Reference in New Issue
Block a user