7c9db3a5d7
This commit handles deployment of TLS certificates on control nodes for use by HAProxy, when kolla_enable_tls_external is True and a new variable, kolla_tls_cert, is populated with the contents of the certificate file. Story: 2001680 Task: 6786 Change-Id: I78df9e2d7acb96a4358ba3819a2dfc65e8c261d5
33 lines
1.4 KiB
Plaintext
33 lines
1.4 KiB
Plaintext
---
|
|
###############################################################################
|
|
# Overcloud configuration.
|
|
|
|
# Default Ansible group for overcloud hosts if not present in
|
|
# overcloud_group_hosts_map.
|
|
overcloud_group_default: controllers
|
|
|
|
# List of names of Ansible groups for overcloud hosts.
|
|
overcloud_groups: >
|
|
{{ (overcloud_group_hosts_map.keys() +
|
|
[overcloud_group_default]) | reject('equalto', 'ignore') | unique | sort | list }}
|
|
|
|
# Dict mapping overcloud Ansible group names to lists of hosts in the group.
|
|
# As a special case, the group 'ignore' can be used to specify hosts that
|
|
# should not be added to the inventory.
|
|
overcloud_group_hosts_map: {}
|
|
|
|
# To prevent some network issues you can choose to disable cloud-init
|
|
disable_cloud_init: False
|
|
|
|
###############################################################################
|
|
# Overcloud host image configuration.
|
|
|
|
# The CentOS cloud images from 7.2 (1511) onwards have a bogus name server
|
|
# entry in /etc/resolv.conf, 10.0.2.3. Cloud-init only appends name server
|
|
# entries to this file, and will not remove this bogus entry. Typically this
|
|
# leads to a delay of around 30 seconds when connecting via SSH, due to a
|
|
# timeout in NSS. The workaround employed here is to remove this bogus entry
|
|
# from the image using virt-customize, if it exists. See
|
|
# https://bugs.centos.org/view.php?id=14369.
|
|
overcloud_host_image_workaround_resolv_enabled: True
|